virtualvacation.us Open in urlscan Pro
185.199.110.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://virtualvacation.us/guess
Submission: On February 22 via manual (February 22nd 2022, 3:33:45 pm UTC) from US — Scanned from US

Summary HTTP 93 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 27 domains to perform 93 HTTP transactions. The main IP is 185.199.110.153, located in United States and belongs to FASTLY, US. The main domain is virtualvacation.us. The Cisco Umbrella rank of the primary domain is 339696.
TLS certificate: Issued by R3 on January 14th 2022. Valid for: 3 months.

This is the only time virtualvacation.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.229.173.207 192.229.173.207	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.205.93 13.225.205.93	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:310... 2606:4700:3108::ac42:2b42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
2	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
11	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:807::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21e... 2600:9000:21ec:1400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	3.15.117.250 3.15.117.250	16509 (AMAZON-02) (AMAZON-02)
4	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:45cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
1 4	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
3	104.67.5.55 104.67.5.55	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9c	15169 (GOOGLE) (GOOGLE)
1	13.225.230.48 13.225.230.48	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:214... 2600:9000:2140:dc00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
1 3	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c60... 2a02:6ea0:c600::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
5	18.190.45.198 18.190.45.198	16509 (AMAZON-02) (AMAZON-02)
2 2	18.206.84.102 18.206.84.102	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.231.251.31 34.231.251.31	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	34.233.103.61 34.233.103.61	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	104.18.101.194 104.18.101.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	213.95.181.109 213.95.181.109	12337 (NORIS-NET...) (NORIS-NETWORK IT Service Provider located in Nuernberg)
4	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
93	34

17 185.199.110.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-153.github.com

virtualvacation.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200a (Queens, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.173.207 (New York, United States)

ASN15133 (EDGECAST, US)

www.w3schools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.205.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-205-93.ewr50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2008 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2b42 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

afarkas.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:824::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:1400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.15.117.250 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-117-250.us-east-2.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:45cd (United States)

ASN13335 (CLOUDFLARENET, US)

country.adinplay.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.75 (Brooklyn, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.67.5.55 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-67-5-55.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9c (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.230.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-48.jfk51.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2140:dc00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2002 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2001 (Queens, United States)

ASN15169 (GOOGLE, US)

970bd2fe66f39b8f2acf4b9c90932a27.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2006 (Queens, United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c600::11 (Chicago, United States)

ASN60068 (CDN77 ^_^, GB)

cdn.adspirit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.190.45.198 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-45-198.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.206.84.102 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-84-102.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.231.251.31 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-251-31.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.233.103.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-103-61.compute-1.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.101.194 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.95.181.109 (Oberschleissheim, Germany)

ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE)
PTR: webportal-adspirit.de

adinplay.adspirit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2004 (Queens, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	sharethis.com 1 redirects platform-api.sharethis.com — Cisco Umbrella Rank: 4701 buttons-config.sharethis.com — Cisco Umbrella Rank: 5594 l.sharethis.com — Cisco Umbrella Rank: 4302 t.sharethis.com — Cisco Umbrella Rank: 5820 count-server.sharethis.com — Cisco Umbrella Rank: 10992 platform-cdn.sharethis.com — Cisco Umbrella Rank: 10263 sync.sharethis.com — Cisco Umbrella Rank: 2516	65 KB
17	virtualvacation.us virtualvacation.us — Cisco Umbrella Rank: 339696	4 MB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	753 KB
8	googlesyndication.com 970bd2fe66f39b8f2acf4b9c90932a27.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	38 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 static.doubleclick.net — Cisco Umbrella Rank: 309	150 KB
5	adspirit.de cdn.adspirit.de — Cisco Umbrella Rank: 95834 adinplay.adspirit.de — Cisco Umbrella Rank: 406071	14 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 acdn.adnxs.com — Cisco Umbrella Rank: 547	20 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610	123 KB
2	adsymptotic.com 2 redirects p.adsymptotic.com — Cisco Umbrella Rank: 497	571 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 283	492 B
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1357	884 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	925 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 845	1 KB
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 629	896 B
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1160	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	github.io afarkas.github.io — Cisco Umbrella Rank: 132129	5 KB
2	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 10107	128 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 802	45 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250 fonts.googleapis.com — Cisco Umbrella Rank: 35	32 KB
1	workers.dev country.adinplay.workers.dev — Cisco Umbrella Rank: 35190	620 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	37 KB
1	w3schools.com www.w3schools.com — Cisco Umbrella Rank: 16063	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	7 KB
93	27

	Domain	Requested by
17	virtualvacation.us	virtualvacation.us
11	www.youtube.com	virtualvacation.us www.youtube.com
5	sync.sharethis.com	virtualvacation.us
5	platform-cdn.sharethis.com	virtualvacation.us
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ib.adnxs.com	1 redirects api.adinplay.com acdn.adnxs.com
4	securepubads.g.doubleclick.net	api.adinplay.com securepubads.g.doubleclick.net
4	maxcdn.bootstrapcdn.com	virtualvacation.us maxcdn.bootstrapcdn.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	adinplay.adspirit.de	cdn.adspirit.de
3	t.sharethis.com	platform-api.sharethis.com t.sharethis.com
2	p.adsymptotic.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	ml314.com	1 redirects virtualvacation.us
2	match.adsrvr.org	2 redirects
2	ps.eyeota.net	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	loadus.exelator.com	2 redirects
2	cdn.adspirit.de	api.adinplay.com cdn.adspirit.de
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	l.sharethis.com	1 redirects virtualvacation.us
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	afarkas.github.io	virtualvacation.us
2	api.adinplay.com	virtualvacation.us api.adinplay.com
2	unpkg.com	virtualvacation.us
1	www.google.com	tpc.googlesyndication.com
1	static.doubleclick.net	www.youtube.com
1	970bd2fe66f39b8f2acf4b9c90932a27.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	acdn.adnxs.com	api.adinplay.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	country.adinplay.workers.dev	api.adinplay.com
1	cdn.jsdelivr.net	api.adinplay.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	fonts.googleapis.com	virtualvacation.us
1	www.googletagmanager.com	virtualvacation.us
1	platform-api.sharethis.com	virtualvacation.us
1	www.w3schools.com	virtualvacation.us
1	cdnjs.cloudflare.com	virtualvacation.us
1	ajax.googleapis.com	virtualvacation.us
93	42

This site contains links to these domains. Also see Links.

Domain
www.geoguessr.com
www.w3schools.com
codepen.io
pursued.nemesys.hu
twitter.com
www.facebook.com
pinterest.com
www.linkedin.com
virtualvacation.typeform.com

Subject Issuer	Validity	Valid
virtualvacation.us R3	`2022-01-14` - `2022-04-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.w3schools.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-27` - `2022-05-02`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
adinplay.com Cloudflare Inc ECC CA-3	`2021-07-22` - `2022-07-21`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
cert1.a1.atm.aqfer.net R3	`2022-01-20` - `2022-04-20`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.adspirit.de Sectigo RSA Organization Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://virtualvacation.us/guess
Frame ID: D6FB3631C9326C49267B9EA1432E4FD4
Requests: 64 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
Frame ID: 249EB2A89C646A244774C255CA964209
Requests: 12 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.858.22997&cid=c010&cls=B
Frame ID: B689AF2CF4F138446073C31DE114597C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 50555C6501B6F7321666C7E2A94B1EAE
Requests: 3 HTTP requests in this frame

Frame: https://970bd2fe66f39b8f2acf4b9c90932a27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0532D9CAF4718C94001D818582CFD94C
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.858.22997/a/US/t_.js?cid=c010&cls=B
Frame ID: 099776EB4AE92E6A6A0F281DF38AFC63
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F7DEC95044708D473A542DDB0C5D51B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B95D049DD71D7B7A2335F7EA385DBEAE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

City Guesser - Can you guess what city you're in?

Detected technologies

Leaflet (Maps) Expand

Overall confidence: 100%
Detected patterns

leaflet.{0,32}\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

93
Requests

90 %
HTTPS

55 %
IPv6

27
Domains

42
Subdomains

34
IPs

3
Countries

5973 kB
Transfer

9429 kB
Size

27
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.geoguessr.com/
Title: GeoGuessr

Search URL Search Domain Scan URL

URL: https://www.w3schools.com/w3css/w3css_cards.asp
Title: W3 CSS Cards

Search URL Search Domain Scan URL

URL: https://codepen.io/mirandalwashburn/pen/MWawdxr
Title: Modern Travel Cards

Search URL Search Domain Scan URL

URL: http://pursued.nemesys.hu/
Title: Pursued Maps

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fvirtualvacation.us%2Fguess&text=This%20guessing%20game%20pops%20you%20into%20the%20ambience%20of%20a%20random%20city%20and%20you%20have%20to%20guess%20where%20you%20are%20at.%20You%27ll%20be%20able%20to%20see%20cars%20driving%20around%20you%20and%20people%20walking.%20Can%20you%20get%20100%25%3F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fvirtualvacation.us%2Fguess
Title: Facebook

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fvirtualvacation.us%2Fguess&media=https%3A%2F%2Fvirtualvacation.us%2Fstatic%2Funsplash1.jpg&description=This%20guessing%20game%20pops%20you%20into%20the%20ambience%20of%20a%20random%20city%20and%20you%20have%20to%20guess%20where%20you%20are%20at.%20You%27ll%20be%20able%20to%20see%20cars%20driving%20around%20you%20and%20people%20walking.%20Can%20you%20get%20100%25%3F
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&title=This%20guessing%20game%20pops%20you%20into%20the%20ambience%20of%20a%20random%20city%20and%20you%20have%20to%20guess%20where%20you%20are%20at.%20You%27ll%20be%20able%20to%20see%20cars%20driving%20around%20you%20and%20people%20walking.%20Can%20you%20get%20100%25%3F
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://virtualvacation.typeform.com/to/VAdncnhj
Title: Submit Video

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://l.sharethis.com/pview?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=City%20Guesser%20-%20Can%20you%20guess%20what%20city%20you%27re%20in%3F&cms=unknown&publisher=5efe4a1ed9c6890012469011&sop=true&version=st_sop.js&lang=en&description=City%20Guesser%20is%20a%20game%20that%20plops%20you%20into%20a%20random%20city%20and%20forces%20you%20to%20guess%20where%20you%20are%20at! HTTP 301
https://l.sharethis.com/sc?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=City%20Guesser%20-%20Can%20you%20guess%20what%20city%20you%27re%20in%3F&cms=unknown&publisher=5efe4a1ed9c6890012469011&sop=true&version=st_sop.js&lang=en&description=City%20Guesser%20is%20a%20game%20that%20plops%20you%20into%20a%20random%20city%20and%20forces%20you%20to%20guess%20where%20you%20are%20at!&samesite=None

Request Chain 64

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 70

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 72

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=ca766dce221a3f02de0122e58703ac67

Request Chain 73

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZGAAFGIVAlMAAAAIeVx0Aw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZGAAFGIVAlMAAAAIeVx0Aw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.sharethis.com/int/lotame?uid=1d2fd861e189b9475520a26818ccfbf1&gdpr=0&gdpr_consent=

Request Chain 74

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2LoPu6E63ipmL-439_nOE58B_CBBDtQ3zdqKSEp_sR0g&gdpr=0&gdpr_consent=

Request Chain 75

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=0bc20246-ed82-480d-8706-4033430fa14d&gdpr=0&gdpr_consent=

Request Chain 76

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGAAFGIVAlMAAAAIeVx0Aw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3625322199883710471 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNTMyMjE5OTg4MzcxMDQ3MRAAGg0I1ITUkAYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=06ae82fe1c01844a99cb5b349a50cb167c608f969d3501c606c2e052fa5968d5f4cb09cee1a4f8eb&person_id=3625322199883710471&eid=50082

Request Chain 77

https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZGAAFGIVAlMAAAAIeVx0Aw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&_rand=1645544020050 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZGAAFGIVAlMAAAAIeVx0Aw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&_rand=1645544020050&_expected_cookie=364b7cab5f70a85e36021b5926b69b43 HTTP 302
https://sync.sharethis.com/drawbridge?uid=364b7cab5f70a85e36021b5926b69b43

93 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request guess Show response
virtualvacation.us/ 154 KB
47 KB 68ms
4ms Document
text/html 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

b5c198693aa2381fa368e7bd7425cefa519ccb4877be9d669d67b37edf28cd9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"61b29893-26670"
expires: Tue, 22 Feb 2022 13:03:54 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 688C:6791:30CDD9:4A4DC3:6214DCE2
accept-ranges: bytes
date: Tue, 22 Feb 2022 15:33:39 GMT
via: 1.1 varnish
age: 312
x-served-by: cache-lga21957-LGA
x-cache: HIT
x-cache-hits: 1
x-timer: S1645544019.147703,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 2be809aac0a2bed2a0bffee1b00134fd464b9d69
content-length: 47476

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
24 KB 38ms
21ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 23585344
cdn-cachedat: 2021-05-25 11:04:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 624e07d45f04aebb6f421eb0a18c2bfd
cf-ray: 6e194627fb3c17a9-EWR
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 27ms
5ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 06:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Feb 2023 06:08:52 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 21 KB
7 KB 39ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2298274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6696
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-5309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owkz3U%2BelrZ%2B7q7TQQkGkdsy8rG1OtU5QR%2FF%2F27h2J1QeNbPIcrpl2Ws5lB2%2FUMkyhoips%2FX424c7M8r4lhwqrhvC2Vm73TUWrzB0W6fq2cKGcqqkuAKnyKbGUIm5WnwMUaYcAHW4KvG%2BJV2DnFbNGqh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e1946280e558cd4-EWR
expires: Sun, 12 Feb 2023 15:33:39 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.5.0/js/ 59 KB
15 KB 44ms
28ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718, 718
age: 23585345
cdn-cachedat: 2021-05-25 11:02:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2f4d1d051017e760104b2b9a14e3a7dc
cf-ray: 6e194627fb4117a9-EWR
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/latest/css/ 30 KB
7 KB 33ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 23585346
cdn-cachedat: 2021-05-25 07:51:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:56 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f1c12e9af13041bd3f52106ebdc7757c
cf-ray: 6e194627fb3f17a9-EWR
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 w3.css
www.w3schools.com/w3css/4/ 23 KB
5 KB 56ms
4ms Stylesheet
text/css 192.229.173.207
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.w3schools.com/w3css/4/w3.css

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.173.207 New York, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D2F) / ASP.NET

Resource Hash

c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding: gzip
etag: "057b8d5c827d81:0"
last-modified: Tue, 22 Feb 2022 08:47:34 GMT
server: ECS (nyb/1D2F)
age: 3398
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=14400,public
date: Tue, 22 Feb 2022 15:33:39 GMT
accept-ranges: bytes
content-length: 5258
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;

GET
H2 200 leaflet.css
unpkg.com/leaflet@1.6.0/dist/ 14 KB
4 KB 36ms
17ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/leaflet@1.6.0/dist/leaflet.css

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4873060989924f8e92a321a0a38611ffd0252b5bdfddf7fce00abdc8ae2176a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://virtualvacation.us/
Origin: https://virtualvacation.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5300289
fly-request-id: 01FQK2A5Q82CK1BQPG79B7XQ9W
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"37bc-eNGUkCb3bhCXe6sFt0PSpUCo4lU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6e194627feed8c3f-EWR

GET
H2 200 leaflet.js Show response
unpkg.com/leaflet@1.6.0/dist/ 139 KB
42 KB 44ms
25ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/leaflet@1.6.0/dist/leaflet.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cda11af090fd86b983db352266309382c9f441d8384f41ed2b19383346ccaca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://virtualvacation.us/
Origin: https://virtualvacation.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5300276
fly-request-id: 01FQK2AJX0GNJYXYB3RHJMMPWT
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"22d09-HJo6tWuVO3o/u4lm8+IrxwxIyMk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6e1946280ef08c3f-EWR

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 184 KB
41 KB 20ms
4ms Script
text/javascript 13.225.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.205.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-205-93.ewr50.r.cloudfront.net

Software

Resource Hash

444ee2a405e57ede9ef10e17bb58c0351c39e9d21203f242b55a77fd07d30784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:24:58 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 521
etag: W/"2df1b-sQ5Sn/JpfKxrQLYebTQ3d0yXV0s"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 6e131451bd3f2f00145987b931606ec0.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: EWR50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: cWVyNVWC0tZZp-xi59q2_NwlJSMfw45i9P_-7saE2qPy4WvWV2gUFA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 39ms
23ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153516768-4

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a0ff76c662bb891ac1fb95ff960c9951feffa5099b0615b2f41107a3d83b434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37303
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Feb 2022 15:33:39 GMT

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/ 433 KB
127 KB 64ms
31ms Script
application/javascript 2606:4700:3108::ac42:2b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js
Requested by: Host: virtualvacation.us
URL: https://virtualvacation.us/guess
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edf73ce2890d53a3e52005d155c869d164fd1e4ccad2b926e978e8b71ecf8e98

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1549756
x-host: adinplay-1
last-modified: Fri, 04 Feb 2022 17:03:30 GMT
server: cloudflare
etag: W/"61fd5c62-6c257"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Bfj8%2B72IecsbdFdJeJPW5iWev0GAO8Ge9YD%2BhJQhANpVyCEzvxrsYdBkcQQ%2BkOCo2Agv1pf%2FmgqEEFlD10mcK7i5SICYhvyDMhFJ%2FNQ%2BuprsAs1yxfUM6F%2Fi%2Fjtmsnkl%2FPQaZoymF5mJCqtbrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
cf-ray: 6e1946288fe715c7-EWR

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 39ms
19ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@600&display=swap

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27aabc3490a7bd53a4fb7ffc7f6989fd6b491c481dafe635489f7a0b196595f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 15:33:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 15:33:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 15:33:39 GMT

GET
H2 200 ls.bgset.min.js Show response
afarkas.github.io/lazysizes/plugins/bgset/ 3 KB
1 KB 23ms
4ms Script
application/javascript 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/plugins/bgset/ls.bgset.min.js
Requested by: Host: virtualvacation.us
URL: https://virtualvacation.us/guess
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: b036b50eeb57dffbfc93150547444267660e9ffc
date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: gzip
age: 421
x-cache: HIT
content-length: 1286
x-served-by: cache-lga21954-LGA
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: FBB6:163E:19CD6A:2D1FB3:6214915E
x-timer: S1645544019.202833,VS0,VE0
etag: W/"60a2374e-bf7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 22 Feb 2022 07:35:54 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 lazysizes.min.js Show response
afarkas.github.io/lazysizes/ 8 KB
4 KB 23ms
4ms Script
application/javascript 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by: Host: virtualvacation.us
URL: https://virtualvacation.us/guess
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 30442710b10582b3235eb71725f875a6d16c1be8
date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: gzip
age: 171
x-cache: HIT
content-length: 3497
x-served-by: cache-lga21954-LGA
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: 8C30:3832:EEB89:19EACB:620C9935
x-timer: S1645544019.202932,VS0,VE0
etag: W/"60a2374e-1ed1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 16 Feb 2022 06:33:56 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 2

GET
H2 200 confetti.js Show response
virtualvacation.us/ 8 KB
2 KB 6ms
5ms Script
application/javascript 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://virtualvacation.us/confetti.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

be48274a9a0273108bfc415139fa536157ee97f684a57f3023f00fbb19375d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 51e223468181487d2321aeb2626adf13864893cb
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"61b29893-1e20"
age: 255
x-cache: HIT
content-length: 2091
x-served-by: cache-lga21957-LGA
access-control-allow-origin: *
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 148E:4B66:2428CF:352926:62146842
x-timer: S1645544019.186753,VS0,VE1
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 22 Feb 2022 04:46:18 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/latest/fonts/ 75 KB
76 KB 28ms
18ms Font
application/font-woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/latest/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css
Origin: https://virtualvacation.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617
age: 464289
cdn-cachedat: 2021-04-13 03:07:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:56 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/font-woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6d61e1c5643690038219640b8ddf9184
cdn-requestcountrycode: US
accept-ranges: bytes
cf-ray: 6e1946286d9c195d-EWR
cdn-cache: HIT
cdn-requestpullsuccess: True

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 43ms
28ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

386d6705d2d0272a475b99ea3da6e3fa565474e45128668f6daf3b9d71ed694d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Tue, 22 Feb 2022 15:33:39 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDGUmdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v22/ 14 KB
14 KB 21ms
6ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v22/XRXI3I6Li01BKofiOc5wtlZ2di8HDGUmdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d46dee7f7bcf947af690cf2d153c90fc78305ce2ab3af3b98ab0919b42e25b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://virtualvacation.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 08:32:07 GMT
x-content-type-options: nosniff
age: 284492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14112
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:09:27 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 19 Feb 2023 08:32:07 GMT

GET
H2 206 silence.mp3
virtualvacation.us/static/ 2 MB
2 MB 5ms
5ms Media
audio/mp3 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://virtualvacation.us/static/silence.mp3

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

78d76f6d29f3611b13b028444776438f99f827dab7a049878b76084dcad30069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://virtualvacation.us/guess
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

x-fastly-request-id: 64a0e3d5aa999ccf017a49c0f7bb3a5ddc786bdf
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-24aac0"
age: 181
x-cache: HIT
Content-Range: bytes 0-2403007/2403008
Content-Length: 2403008
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 4A2A:04B6:27CC4A:4039F6:6214D705
x-timer: S1645544019.331763,VS0,VE1
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: audio/mp3
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 12:38:53 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 5efe4a1ed9c6890012469011.js Show response
buttons-config.sharethis.com/js/ 1 KB
1 KB 116ms
72ms Script
text/javascript 2600:9000:21ec:1400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5efe4a1ed9c6890012469011.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21ec:1400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

95a393d0029fc7c029bbb7ccc2fb8181d603a069439e4c076290c300f9d743a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 22 Feb 2022 15:33:40 GMT
content-encoding: gzip
last-modified: Sun, 10 Jan 2021 02:43:00 GMT
server: AmazonS3
x-amz-cf-pop: JFK51-C1
etag: W/"f6346a62889bd3713ae64610c131e0cb"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
via: 1.1 4fe583422d0b309b9b1d4505e54b137c.cloudfront.net (CloudFront)
cache-control: public, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: -LGAfYHmbH-1Nt5AGEp9sK8yrtEX7rquGah7ht98HMNVaiRI8cFoYA==

GET
H/1.1

200
OK

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmp...
https://l.sharethis.com/sc?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmpv2=...

160 B
684 B

22ms
22ms

XHR
text/plain

3.15.117.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/sc?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=City%20Guesser%20-%20Can%20you%20guess%20what%20city%20you%27re%20in%3F&cms=unknown&publisher=5efe4a1ed9c6890012469011&sop=true&version=st_sop.js&lang=en&description=City%20Guesser%20is%20a%20game%20that%20plops%20you%20into%20a%20random%20city%20and%20forces%20you%20to%20guess%20where%20you%20are%20at!&samesite=None

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

3.15.117.250 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-15-117-250.us-east-2.compute.amazonaws.com

Software

Resource Hash

67445195688c6c5ee0b283055392445fb392e95d50e5b746d55e7e6e4f2db111

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:33:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://virtualvacation.us
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 160
Stid: ZGAAFGIVAlMAAAAIeVx0Aw==

Redirect headers

Date: Tue, 22 Feb 2022 15:33:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://virtualvacation.us
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Location: /sc?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=City%20Guesser%20-%20Can%20you%20guess%20what%20city%20you%27re%20in%3F&cms=unknown&publisher=5efe4a1ed9c6890012469011&sop=true&version=st_sop.js&lang=en&description=City%20Guesser%20is%20a%20game%20that%20plops%20you%20into%20a%20random%20city%20and%20forces%20you%20to%20guess%20where%20you%20are%20at!&samesite=None
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 623
Stid: ZGAAFGIVAlMAAAAIeVx0Aw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
27 KB 83ms
53ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

sffe /

Resource Hash

13819980b2bb8838d02f6f4d91e1892160410b6de6f862bd0da14fcc75a9726e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27525
x-xss-protection: 0
server: sffe
etag: "1139 / 29 of 1000 / last-modified: 1645531653"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 22 Feb 2022 15:33:39 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 32ms
16ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220222

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c858b393dfc30fafa6c155823a2a747d793ca26288ab305128460be0a7f2a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://virtualvacation.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1955
x-jsd-version: 1.0.1261
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-lga21937-LGA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6a2-aIMcs6pLARzv69outHmmfsUexNs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6e1946295bc78c95-EWR

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
371 B 14ms
14ms Script
application/javascript 2606:4700:3108::ac42:2b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1236379
x-host: adinplay-2
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLinLgplw9bj5UcZg7AqBj7QLVycajAhEEWHS2bBb8i%2FydLARI1bSrjiGpVpU%2BEYS1RgrEUPw%2FwGHvK%2FNkqTQT9bnNZj5EYVsxWkaZxkRc1SM9wHDuU0WdUe6J%2FjXTrG%2FXbKySZ%2B%2BO6lPjSAMkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6e19462948c915c7-EWR

GET
H2 200 / Show response
country.adinplay.workers.dev/ 2 B
620 B 63ms
13ms XHR
text/plain 2606:4700:3033::6815:45cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://country.adinplay.workers.dev/
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rruIBJoPHrS%2B87oP6EOLQCjTnteNyZmGXqMUz2a0LihJHq6706Ajz1jI5vnsmtpv2zzP0Xw96XGXDiG1VgEf9ZwGURKnOJ50HNpiFJRqVLTI%2B2Hpx5Wi6e0E%2BSErR0bRtOdsiAr4Yjz05V462tYzFRucp%2BSArcMwM%2F58"}],"group":"cf-nel","max_age":604800}
cf-ray: 6e19462999358c6f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H2 200 entireglobe.jpg
virtualvacation.us/static/ 368 KB
368 KB 17ms
16ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/entireglobe.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

fc859a334b3b155ea6a35004a2f2440cb32b957112dc270bfd1aa07eb909e08f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 145d9b6f555eaaf99242ce04ae60ee4445a56e52
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-5c033"
age: 569
x-cache: HIT
content-length: 376883
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: AA3E:3133:16F5B5:2F2179:6214DCE3
x-timer: S1645544019.416482,VS0,VE1
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:02:41 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 usa.jpg
virtualvacation.us/static/ 901 KB
901 KB 22ms
21ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/usa.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

1fe496c07fac51109659619aa985f0ccc90956577fdc367d6b36292a7ab3ab5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 1d7ddfcadab204578f73aec2a49662229f30a9b7
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-e12ee"
age: 569
x-cache: HIT
content-length: 922350
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 3890:391F:1640D1:2E6384:6214DCE3
x-timer: S1645544019.416544,VS0,VE2
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:55 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 euflags.jpg
virtualvacation.us/static/ 61 KB
61 KB 16ms
15ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/euflags.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

cb52fafd0efae05e37e7144bd9251155f60b276b76923dfe31b1368b5d96a047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: ff955726d4e9260ffdb13821ae67540b30bc72f1
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-f448"
age: 569
x-cache: HIT
content-length: 62536
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 781E:6DC1:20BF99:395F0F:6214DCE3
x-timer: S1645544019.416613,VS0,VE1
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:55 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 monuments.jpg
virtualvacation.us/static/ 59 KB
59 KB 17ms
15ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/monuments.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

b020a567020c15e833bb380277be210fcb69f60b2120952d7fab9f419312c626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: aead248c3bff2651cebcff01fa8d7c3f7e6fc2f7
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-eb73"
age: 569
x-cache: HIT
content-length: 60275
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 12CE:1FA0:2434B6:3CF28B:6214DCE3
x-timer: S1645544019.416676,VS0,VE1
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:55 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 canadian.jpg
virtualvacation.us/static/ 68 KB
69 KB 51ms
50ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/canadian.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

9b2459fe86499770da5300aa745e75a2a42a8438e3ced336f975b04dc1160cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: d8219dc7fff5b59ec1a5261b0b620fe6eec443cb
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-11084"
age: 0
x-cache: HIT
content-length: 69764
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 77B8:660F:18F69E:311F9D:6214DCE5
x-timer: S1645544019.416757,VS0,VE10
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:57 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 russianflag.jpg
virtualvacation.us/static/ 22 KB
22 KB 51ms
49ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/russianflag.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

49d5139ea6580787a03471ff60ccfb1d7159a041da154403928b3d97238d6448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: b140c25532b1d0d183450b64ccedbe250973a473
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-56c7"
age: 0
x-cache: HIT
content-length: 22215
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 99CA:041D:20F59E:39B0F0:6214DCE4
x-timer: S1645544019.416804,VS0,VE9
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 unionjack.jpg
virtualvacation.us/static/ 22 KB
22 KB 50ms
49ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/unionjack.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

c88aa2c0c5121e3ab4df8cc8ad50e7432af4b7d8fd3420068c25e3c7206f442d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: a0fdac4a97e3b070a39be178634c026216bd4488
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-5627"
age: 0
x-cache: HIT
content-length: 22055
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: B45A:757B:21C0EA:3AA0AC:6214DCE4
x-timer: S1645544019.416873,VS0,VE8
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 frenchflag.jpg
virtualvacation.us/static/ 10 KB
10 KB 51ms
50ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/frenchflag.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

f1848af4a450dd27d9e9e185368412d4184b07b2ba867ad7de41d0d721035675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 6e609dbdc22024161b2c411df0b9a1084cfe1913
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-27b0"
age: 0
x-cache: HIT
content-length: 10160
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: E33A:0C51:32DFBE:4C772A:6214DCE4
x-timer: S1645544019.416926,VS0,VE11
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:02:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 seasia.jpg
virtualvacation.us/static/ 38 KB
38 KB 14ms
14ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/seasia.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

da1e96273329820e5b057812cbd0ee310fa20e3861e7c1a40d80efe7e5d634f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 5b4fbb50687efffb8ab094c2e8db5d79623e9337
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-9607"
age: 569
x-cache: HIT
content-length: 38407
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 54D6:216F:2198A0:3A6638:6214DCE4
x-timer: S1645544019.416965,VS0,VE1
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 japanflag.jpg
virtualvacation.us/static/ 38 KB
39 KB 16ms
15ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/japanflag.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

362d67b2832f4fd49adfb966f963bd0ec808a9ced1bfd21dceb8fa82a19429bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 83f684c76cd2b8d4e455677b8f371afa8167cd53
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-9913"
age: 567
x-cache: HIT
content-length: 39187
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: A8BE:3135:22917A:3B615E:6214DCE4
x-timer: S1645544019.417078,VS0,VE1
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 24ms
3ms Script
text/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153516768-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4163
date: Tue, 22 Feb 2022 14:24:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 16:24:16 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/c3125ad0/www-widgetapi.vflset/ 147 KB
47 KB 16ms
4ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ab26c49efdbbeca6567e183ca38ad41691979e324b377d7a2328b44e0d23e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 08:36:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48596
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Feb 2023 08:36:03 GMT

GET
H3 200 Fe78ODqrhXQ Show response
www.youtube.com/embed/ Frame 249E 54 KB
24 KB 54ms
53ms Document
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be825b96ade38b4f386822bebcbb31a821b7f4c6e375f42bd67bf746f51d3c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Feb 2022 15:33:39 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 26ms
16ms XHR
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1531541774&t=pageview&_s=1&dl=https%3A%2F%2Fvirtualvacation.us%2Fguess&ul=en-us&de=UTF-8&dt=City%20Guesser%20-%20Can%20you%20guess%20what%20city%20you%27re%20in%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2120784233&gjid=1316863958&cid=1132659608.1645544019&tid=UA-153516768-4&_gid=524375281.1645544019&_r=1&gtm=2ou2g0&z=573227101

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://virtualvacation.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:33:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://virtualvacation.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
820 B 39ms
25ms XHR
application/json 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5908cc580e68418eaaff01045279f2d99e5e3695a9b41609fb1637b2c3bf1d42

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://virtualvacation.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:33:39 GMT
X-Proxy-Origin: 5.181.234.157; 5.181.234.157; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 74435e20-4420-4925-a643-4678858fe638
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://virtualvacation.us
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 22ms
5ms Script
application/javascript 104.67.5.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=virtualvacation.us&rnd=1645544019538

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.67.5.55 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-67-5-55.deploy.static.akamaitechnologies.com

Software

Resource Hash

606af405d267f3b7e189d240152ba91b93e98b931514fd2f1ed004a73c1c2d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:33:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1365
Expires: Tue, 22 Feb 2022 16:33:39 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 64ms
31ms XHR
text/plain 2607:f8b0:4023:1404::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-153516768-4&cid=1132659608.1645544019&jid=2120784233&gjid=1316863958&_gid=524375281.1645544019&_u=YEBAAUAAAAAAAC~&z=1894246785

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9c Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://virtualvacation.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Feb 2022 15:33:39 GMT
content-type: text/plain
access-control-allow-origin: https://virtualvacation.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022021401.js Show response
securepubads.g.doubleclick.net/gpt/ 360 KB
120 KB 19ms
4ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

sffe /

Resource Hash

8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123280
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 09:43:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 20 Feb 2023 01:29:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 80 B
102 B 45ms
28ms XHR
application/json 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=virtualvacation.us

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

aabbc838e2d0dc4cba54e1e60647d31f88455d168590847d1f88456c0d3edb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:33:39 GMT

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 845 B
1 KB 46ms
6ms Script
text/javascript 13.225.230.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fvirtualvacation.us%2Fguess

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.230.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-230-48.jfk51.r.cloudfront.net

Software

Resource Hash

db9d3ccc95cbf9611e822c92c704b50751fa16e2d747f0220324633c5b603347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 19:16:57 GMT
via: 1.1 ab95c5a0dcf51f52101ed4d59d15a2a2.cloudfront.net (CloudFront)
age: 73002
etag: ecd339472d80470756c9b90f43e0db8c
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: JFK51-C1
content-length: 845
apigw-requestid: N6C-ejyyoAMESjw=
x-amz-cf-id: g1AkXOf5rWxIEA1njidj0L8eHOqJW06Z-K7J7Q_0i6nMe8NZr-dTYw==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
725 B 42ms
3ms Image
image/svg+xml 2600:9000:2140:dc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:dc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Feb 2022 07:13:15 GMT
via: 1.1 b7a66b6616123855c5af2d7cdf2b099e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1585225
etag: "c6e9be45643e197ce1db1d7e24a99adc"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: aIGkPRVE-nRlPHJalrrwWXZLGZLMGNnpDtZnIFo2Jec4j2gW01iGQA==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 43ms
4ms Image
image/svg+xml 2600:9000:2140:dc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:dc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Feb 2022 07:13:15 GMT
via: 1.1 b7a66b6616123855c5af2d7cdf2b099e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1585225
etag: "0af2fb38987598376c99e21af17ade45"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: XAYJz0EZqKh9XgWQQMJMo3Ha1BwYU3oxpfyOor3EJTpYql9UATUu4g==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 43ms
5ms Image
image/svg+xml 2600:9000:2140:dc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/pinterest.svg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:dc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Feb 2022 07:15:00 GMT
via: 1.1 b7a66b6616123855c5af2d7cdf2b099e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1585120
etag: "2b10a062e719c64b686e2e8fcdc216dc"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 771
x-amz-cf-id: tfPVEk49VKJaMLKzlWPvBsYqUnGcP0NlNhQVZrNCKeQ5rmr5m-v10w==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
767 B 44ms
5ms Image
image/svg+xml 2600:9000:2140:dc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:dc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Feb 2022 07:13:19 GMT
via: 1.1 b7a66b6616123855c5af2d7cdf2b099e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1585221
etag: "5977437466e857c7ddcadda6f6d88c2a"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 343
x-amz-cf-id: RhD6s3ichYCkhQiBGGrUhi9Sp0DRdlqxLFarnMDr1XVDDn1253tELw==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
939 B 44ms
6ms Image
image/svg+xml 2600:9000:2140:dc00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sharethis.svg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:dc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Feb 2022 07:13:15 GMT
via: 1.1 b7a66b6616123855c5af2d7cdf2b099e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1585225
etag: "deecdaa377907db5cc1722fc831670a1"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 514
x-amz-cf-id: PK8oitfHNUzrOqN_0iR9nTONYAJ4TvhOOxQDijOa-DmUVFTThF6m7w==

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/c3125ad0/ Frame 249E 341 KB
47 KB 5ms
5ms Stylesheet
text/css 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 05:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 210739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47760
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Feb 2023 05:01:20 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/ Frame 249E 283 KB
85 KB 8ms
7ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 430853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87214
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:52:46 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/ Frame 249E 2 MB
538 KB 10ms
9ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febae1ff34e2aac13f3ad553f75f409f0dc7b29bd385a197565408bf2dff16c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 19:08:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 550685
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Feb 2023 19:08:36 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/ Frame 249E 10 KB
3 KB 6ms
6ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 430853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:52:46 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 249E 15 KB
15 KB 18ms
4ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 603228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 15:59:51 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame B689 2 KB
1 KB 11ms
9ms Document
text/html 104.67.5.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.858.22997&cid=c010&cls=B

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=virtualvacation.us&rnd=1645544019538

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.67.5.55 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-67-5-55.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

Content-Length: 1160
Cache-Control: max-age=604800
Expires: Tue, 01 Mar 2022 15:33:39 GMT
Date: Tue, 22 Feb 2022 15:33:39 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Encoding: gzip
Content-Type: text/html
X-Robots-Tag: noindex, nofollow

GET
H2 200 inf.jpg
virtualvacation.us/static/ 140 KB
140 KB 5ms
5ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/inf.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

0bc21ed88fdaf5f388e5fad84ed63f1f9b38803c995c1b30a0f75e3d85648b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: eb09466cef5a745d590fd8fae4bb60e5efe5e9f8
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-2302f"
age: 568
x-cache: HIT
content-length: 143407
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 12CE:1FA0:2434C6:3CF2A1:6214DCE4
x-timer: S1645544020.643284,VS0,VE1
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 bff.jpg
virtualvacation.us/static/ 42 KB
42 KB 6ms
5ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/bff.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

8cf39397676875c07b6796362f24307fd96a4e4d78dc6df1562574023cddd2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: b8b1c3ab497f64baaac2974e0248e365f237dd67
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-a6ab"
age: 568
x-cache: HIT
content-length: 42667
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 561A:4945:202B1C:38AE9C:6214DCE9
x-timer: S1645544020.643421,VS0,VE1
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:04:01 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 aff.jpg
virtualvacation.us/static/ 293 KB
294 KB 9ms
9ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/aff.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

bcad6f3f12bb2b10ed5f96230e1d0e42c75bbcd3833a80cf874ba065b9c066cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 9dbd4f29d69febe160b80c6f459baa59656c15de
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-495af"
age: 568
x-cache: HIT
content-length: 300463
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 59DE:4501:391A34:52A727:6214DCE8
x-timer: S1645544020.643514,VS0,VE1
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:04:00 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 argentinaflag.jpeg
virtualvacation.us/static/ 37 KB
37 KB 11ms
10ms Image
image/jpeg 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/argentinaflag.jpeg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

262ebe8d8c357005c8c2a8faa838ba6f7bcfcd215dc829fc89e936cfed85e266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 39633567680e9e3e039f6678a7a549d73dc9e0e5
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-92de"
age: 503
x-cache: HIT
content-length: 37598
x-served-by: cache-lga21957-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: A02E:5BE3:3D269F:58F9CF:6214FD9C
x-timer: S1645544020.653735,VS0,VE1
date: Tue, 22 Feb 2022 15:33:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 15:23:32 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5055 52 KB
17 KB 75ms
2ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 23 Feb 2022 04:03:36 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 22 Feb 2022 15:33:39 GMT
Via: 1.1 varnish
Age: 41406
X-Served-By: cache-lga21939-LGA
X-Cache: HIT
X-Cache-Hits: 82675
X-Timer: S1645544020.789665,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
22ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=virtualvacation.us

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 572 B
312 B 66ms
65ms XHR
text/plain 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=481605079240995&correlator=162870261153165&eid=31064905%2C31064965%2C31063224%2C31064869&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220222&iu_parts=421469808%2Cvirtualvacation.us_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie_enabled=1&bc=31&abxe=1&dt=1645544019757&lmt=1639094419&dlt=1645544019153&idt=577&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=755&adks=3697411644&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1132659608.1645544019&ga_sid=1645544020&ga_hid=1531541774&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

96f01b2bd829bddf807c76a2b877549ca4af9a06737167e5d4de06da6755c805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://virtualvacation.us
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
970bd2fe66f39b8f2acf4b9c90932a27.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0532 6 KB
4 KB 61ms
23ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://970bd2fe66f39b8f2acf4b9c90932a27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 22 Feb 2022 15:33:39 GMT
expires: Wed, 22 Feb 2023 15:33:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 249E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

40ms
28ms

XHR
application/json

2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaffbe767131665902e17b6bd9c3807b3ea053be7833648ef59a01f4139eafe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 22 Feb 2022 15:33:39 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 249E 29 B
588 B 18ms
4ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:28:14 GMT
x-content-type-options: nosniff
age: 325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Feb 2022 15:43:14 GMT

GET
H2 200 adasync.min.js Show response
cdn.adspirit.de/ 33 KB
9 KB 214ms
19ms Script
application/javascript 2a02:6ea0:c600::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/adasync.min.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c600::11 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 87f79f2f506631ff7210d138d584afc5ba8d6966db6fdca9e6f98ff19002097b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: chicagoUSIL
date: Tue, 22 Feb 2022 15:33:40 GMT
content-encoding: gzip
x-77-nzt-ray: Hks7n0mDB/g
x-cache: HIT
x-age: 3095
x-77-nzt: Abn20QR3wxf/FwwAAA
x-accel-expires: @1645627325
last-modified: Thu, 01 Apr 2021 12:06:58 GMT
server: CDN77-Turbo
etag: W/"3665562209"
x-77-cache: HIT
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: range
expires: Fri, 02 Apr 2021 14:04:32 GMT

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 249E 0
19 B 23ms
22ms Ping
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=vdV2gjfWtJGkwsrT&el=embedded&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24091243%2C24134697%2C24135310%2C24140279%2C24152471%2C24165197%2C24166123%2C24169726%2C24170002&cl=429167346&seq=1&event=streamingstats&docid=Fe78ODqrhXQ&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220216.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth:0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:33:39 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/ Frame 249E 26 KB
8 KB 3ms
3ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a95f5345eee401264602894c9598cfd529818413f73a07346b7759580cffb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 430853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7661
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:52:46 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.858.22997/a/US/ Frame 0997 24 KB
10 KB 5ms
5ms Script
text/javascript 104.67.5.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.858.22997/a/US/t_.js?cid=c010&cls=B

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.858.22997&cid=c010&cls=B

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.67.5.55 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-67-5-55.deploy.static.akamaitechnologies.com

Software

Resource Hash

fc70a8ac1580f5f81f01a290654460c27fcdb89b49652c63aad6089e8e16d4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.858.22997&cid=c010&cls=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:33:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 9847
Expires: Tue, 01 Mar 2022 15:33:39 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 5055
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

29ms
28ms

Script
text/html

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:33:40 GMT
X-Proxy-Origin: 5.181.234.157; 5.181.234.157; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 72904dad-736d-40a1-a15d-87f5ef90d095
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:33:39 GMT
X-Proxy-Origin: 5.181.234.157; 5.181.234.157; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 2124f949-cb41-49cc-8ca3-c4c317595b41
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 249E 0
19 B 23ms
22ms Ping
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=vdV2gjfWtJGkwsrT&el=embedded&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24091243%2C24134697%2C24135310%2C24140279%2C24152471%2C24165197%2C24166123%2C24169726%2C24170002&cl=429167346&seq=2&event=streamingstats&docid=Fe78ODqrhXQ&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220216.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.112:ER&bat=0.112:1:1&cmt=0.112:0.000&bh=0.112:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:33:40 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame 0997
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=ca766dce221a3f02de0122e58703ac67

42 B
297 B

83ms
21ms

Image
image/gif

18.190.45.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=ca766dce221a3f02de0122e58703ac67

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

18.190.45.198 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-45-198.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 22 Feb 2022 15:33:40 GMT
Content-Length: 42
Stid: ZGAAFGIVAlMAAAAIeVx0Aw==
Content-Type: image/gif

Redirect headers

date: Tue, 22 Feb 2022 15:33:40 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=ca766dce221a3f02de0122e58703ac67
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

lotame
sync.sharethis.com/int/ Frame 0997
Redirect Chain

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZGAAFGIVAlMAAAAIeVx0Aw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZGAAFGIVAlMAAAAIeVx0Aw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_...
https://sync.sharethis.com/int/lotame?uid=1d2fd861e189b9475520a26818ccfbf1&gdpr=0&gdpr_consent=

42 B
297 B

75ms
21ms

Image
image/gif

18.190.45.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/int/lotame?uid=1d2fd861e189b9475520a26818ccfbf1&gdpr=0&gdpr_consent=

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

18.190.45.198 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-45-198.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 22 Feb 2022 15:33:40 GMT
Content-Length: 42
Stid: ZGAAFGIVAlMAAAAIeVx0Aw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:33:40 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.sharethis.com/int/lotame?uid=1d2fd861e189b9475520a26818ccfbf1&gdpr=0&gdpr_consent=
cache-control: no-cache
x-server: 10.40.0.102
content-length: 0
expires: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 0997
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2LoPu6E63ipmL-439_nOE58B_CBBDtQ3zdqKSEp_sR0g&gdpr=0&gdpr_consent=

42 B
297 B

22ms
22ms

Image
image/gif

18.190.45.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2LoPu6E63ipmL-439_nOE58B_CBBDtQ3zdqKSEp_sR0g&gdpr=0&gdpr_consent=

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

18.190.45.198 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-45-198.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 22 Feb 2022 15:33:40 GMT
Content-Length: 42
Stid: ZGAAFGIVAlMAAAAIeVx0Aw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2LoPu6E63ipmL-439_nOE58B_CBBDtQ3zdqKSEp_sR0g&gdpr=0&gdpr_consent=
Date: Tue, 22 Feb 2022 15:33:40 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 0997
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=0bc20246-ed82-480d-8706-4033430fa14d&gdpr=0&gdpr_consent=

42 B
297 B

88ms
22ms

Image
image/gif

18.190.45.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=0bc20246-ed82-480d-8706-4033430fa14d&gdpr=0&gdpr_consent=

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

18.190.45.198 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-45-198.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 22 Feb 2022 15:33:40 GMT
Content-Length: 42
Stid: ZGAAFGIVAlMAAAAIeVx0Aw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:33:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=0bc20246-ed82-480d-8706-4033430fa14d&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 0997
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGAAFGIVAlMAAAAIeVx0Aw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3625322199883710471
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNTMyMjE5OTg4MzcxMDQ3MRAAGg0I1ITUkAYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=06ae82fe1c01844a99cb5b349a50cb167c608f969d3501c606c2e052fa5968d5f4cb09cee1a4f8eb&person_id=3625322199883710471&eid=50082

43 B
312 B

12ms
12ms

Image
image/gif

34.233.103.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=06ae82fe1c01844a99cb5b349a50cb167c608f969d3501c606c2e052fa5968d5f4cb09cee1a4f8eb&person_id=3625322199883710471&eid=50082
Requested by: Host: virtualvacation.us
URL: https://virtualvacation.us/guess
Protocol: HTTP/1.1
Server: 34.233.103.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-103-61.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:33:39 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 23 Feb 2022 10:33:40 GMT

Redirect headers

date: Tue, 22 Feb 2022 15:33:40 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=06ae82fe1c01844a99cb5b349a50cb167c608f969d3501c606c2e052fa5968d5f4cb09cee1a4f8eb&person_id=3625322199883710471&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

drawbridge
sync.sharethis.com/ Frame 0997
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZGAAFGIVAlMAAAAIeVx0Aw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&...
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZGAAFGIVAlMAAAAIeVx0Aw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&...
https://sync.sharethis.com/drawbridge?uid=364b7cab5f70a85e36021b5926b69b43

42 B
297 B

62ms
22ms

Image
image/gif

18.190.45.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/drawbridge?uid=364b7cab5f70a85e36021b5926b69b43

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

18.190.45.198 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-45-198.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 22 Feb 2022 15:33:40 GMT
Content-Length: 42
Stid: ZGAAFGIVAlMAAAAIeVx0Aw==
Content-Type: image/gif

Redirect headers

date: Tue, 22 Feb 2022 15:33:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='NON DSP COR CONi OUR BUS CNT'
location: https://sync.sharethis.com/drawbridge?uid=364b7cab5f70a85e36021b5926b69b43
cf-ray: 6e19462dc93032e4-EWR
content-length: 0

GET
H/1.1 200
OK adscript.php Show response
adinplay.adspirit.de/ 1 KB
2 KB 580ms
113ms Script
text/html 213.95.181.109
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://adinplay.adspirit.de/adscript.php?async=adspirit_ad_24&wpcn=asm69973041x1645544020103&ref=https%3A%2F%2Fvirtualvacation.us%2Fguess&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=1600&vis=4&tz=1645544020104&pid=24&pbid=virtualvacation-us_728x90

Requested by

Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

213.95.181.109 Oberschleissheim, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

webportal-adspirit.de

Software

Apache / PHP/7.3.31

Resource Hash

7100cb031e02100e50359307ec34bd609718cdd1f3c47fd6efaa757d15389c70

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:33:40 GMT
Last-Modified: Tue, 22 Feb 2022 15:33:40 GMT
Server: Apache
X-Powered-By: PHP/7.3.31
Transfer-Encoding: chunked
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 0
Expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 53ms
36ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1776e3e93b1f790f09fb86e8ba25f57fcbd8bb1fec45ce8ee19f53199dd9ad9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 15:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9778
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 39ms
34ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 15:33:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F7DE 13 KB
5 KB 16ms
3ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Feb 2022 19:27:41 GMT
expires: Mon, 20 Feb 2023 19:27:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 158759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B95D 783 B
1 KB 42ms
25ms Document
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c4329b24b717af18bf8d67c66e7ab933ad4f6d830356ec7f508dd29e1c22789a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PtxhwAzhTqT56jkRCc3YvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 22 Feb 2022 15:33:40 GMT
date: Tue, 22 Feb 2022 15:33:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-PtxhwAzhTqT56jkRCc3YvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame F7DE 35 KB
13 KB 15ms
4ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:27:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 20:27:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B95D 0
0 67ms
67ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021401&jk=481605079240995&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F7DE 0
9 B 3ms
3ms Image
text/plain 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7tGXzw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:33:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
68ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021401&jk=481605079240995&bg=!JSalJmLNAAbf-5Dq3_s7ACkAdvg8WmaygaFHl-H5ItXDlrwID2fGYGDBFoTV-XTWlkSSL-7GVXhYRQIAAABXUgAAAAJoAQeZAsaJmPu9o-sKE_YW0iHtqVt5gRXevygYaUgSmIWaTSMJN7X36vzQ9tZPYqQIrD_sGd99uBnzL_colKVwIFMjBbfbgozxYxG2XQgsw2AnJ1PupG4C4ojaYDcpBPL_JApcRNRYzta8hCVYAQEMJMLbvrwuy4jL5ugKdseYFy14sBDUVWiYio2f5WhLwBIj0L68BgQClxcgx7jI2tkMVR8mbUDDojuqTRxY0_z1aQcK9vycDC__sCb6ULG-aC9CtmzjINS9bmPcLsIOJ6rIdyGIPij1HqqhkoSO_O1Y9wUu4fhTOPDp8iLxcK_6GxUNsCxM-re8ty_a5mTtOFal5_5wot9SNgCQXpnToUeMy1gbHup7Tbxsr3QpJOH3NmZASnxyce104AuN0m6Fo1TSPyJs2YIwCE8OicDjApJyn4OxJBsWwVVhBBx27KKYsI4KVXrxGDXVGgEysR_t4WBDREoRa-z-mJN9HsaE7groW-FCGJ1AJ9fMDOeVNnka4gCxQQIdETDXM6pAH60kRITo8_s_JOh7OKrTuojtN_lXkW6afUhU9_pJG9xA94SzEyWE6VRhi77ANgkOG0qAH1t0lyzj89_j8HKKaGFkaHoRQiSt15W7omvX8KAN52-9q15geJrnjZSuSXV0Nf0FZ1iXB_G7Bt8cqosp1icYtr0YddQx5AhJk_wQrW-oBzW02AUXj3bGhtAjPkA1ZzRul4pKYkPam941l4Crss8qN3zaqZUFTWCfhr72XphWbqIGrB6dwA4O1znUC_Uyd6vT96ITMAEgwtbsp0K4sICgzoGDNLRlM-MiGF37aG2BIJj0ubapdhWIYnGuhet9C3x6DZ6lzlT15QmNy2X1hsoJoTW0GYoL9HtwwhXUg41nvwwpAhTJESPYonw3RfYF4sjiBIoimAynq0cXothX670D0lAQ_VBPs-6GgQr0m8W2yA

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:33:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5055 0
731 B 12ms
12ms Script
text/html 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:33:41 GMT
X-Proxy-Origin: 5.181.234.157; 5.181.234.157; 673.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 192ed25f-6bd8-43a4-ba9e-6fac3c1c3016
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK adscript.php Show response
adinplay.adspirit.de/ 327 B
1 KB 101ms
101ms Script
text/html 213.95.181.109
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

213.95.181.109 Oberschleissheim, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

webportal-adspirit.de

Software

Apache / PHP/7.3.30

Resource Hash

7dac41c03128eacdd521f978d01e20ef3b88ed337654f75fb2a8ce06c2deae7f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:33:41 GMT
Last-Modified: Tue, 22 Feb 2022 15:33:41 GMT
Server: Apache
X-Powered-By: PHP/7.3.30
Transfer-Encoding: chunked
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
x-ip: 5.181.234.157
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=3, max=1000
X-XSS-Protection: 0
Expires: 0

GET
H2 200 asm_pageview.min.js Show response
cdn.adspirit.de/banner/ 2 KB
1 KB 20ms
19ms Script
application/javascript 2a02:6ea0:c600::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/banner/asm_pageview.min.js
Requested by: Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c600::11 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d33f1621ca6eca3c807b75f23aea2f847f1992d487cab0aeb732332af8fab46

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: chicagoUSIL
date: Tue, 22 Feb 2022 15:33:41 GMT
content-encoding: gzip
x-77-nzt-ray: XOSlp7zH68I
x-cache: HIT
x-age: 82688
x-77-nzt: Abn20QSH94j/AEMBAA
x-accel-expires: @1645547733
last-modified: Tue, 11 Jun 2019 08:31:43 GMT
server: CDN77-Turbo
etag: W/"3762381252"
x-77-cache: HIT
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: range
expires: Sat, 08 Feb 2020 15:50:12 GMT

GET
H/1.1 200
OK adpageview.php
adinplay.adspirit.de/ 43 B
512 B 97ms
96ms Image
image/gif 213.95.181.109
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adinplay.adspirit.de/adpageview.php?&wsid=12&sid=0&sid2=0&sid3=0&gdpr_consent=&tz=1645544021915

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

213.95.181.109 Oberschleissheim, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

webportal-adspirit.de

Software

Apache / PHP/7.3.30

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:33:41 GMT
Last-Modified: Tue, 22 Feb 2022 15:33:41 GMT
Server: Apache
X-Powered-By: PHP/7.3.30
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 249E 28 B
50 B 26ms
26ms XHR
application/json 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
X-YouTube-Client-Version: 1.20220216.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZUkR0aXJmalJfSSjThNSQBg%3D%3D
X-YouTube-Ad-Signals: dt=1645544019828&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 22 Feb 2022 15:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 08TZ4aBkIxk
.youtube.com/	1970-01-20 05:24:56	Name: VISITOR_INFO1_LIVE Value: YRDtirfjR_I
.sharethis.com/	1970-01-20 09:51:20	Name: __stid Value: ZGAAFGIVAlMAAAAIeVx0Aw==
.sharethis.com/	1970-01-20 09:51:20	Name: __stidv Value: 2
.virtualvacation.us/	1970-01-20 18:36:56	Name: _ga Value: GA1.2.1132659608.1645544019
.virtualvacation.us/	1970-01-20 01:07:10	Name: _gid Value: GA1.2.524375281.1645544019
.virtualvacation.us/	1970-01-20 01:05:44	Name: _gat_gtag_UA_153516768_4 Value: 1
.virtualvacation.us/	1970-01-20 03:17:13	Name: CountryCode Value: US
.virtualvacation.us/	1970-01-20 03:17:13	Name: userFromEEA Value: false
.virtualvacation.us/	1970-01-20 09:51:20	Name: fpestid Value: sl4IBkeFCip8EG7X-yEoQtjr9l0coWbAAxsh3Ln8mmrQrmKtzInaw6uUmn7WwTiF3b8sSQ
.doubleclick.net/	1970-01-20 01:05:44	Name: test_cookie Value: CheckForPermission
.virtualvacation.us/	1970-01-20 10:27:20	Name: __gads Value: ID=eb794770bd2f17e0-2220a435c77b003d:T=1645544019:S=ALNI_Mb7ISnKZrbLOTopxEYIszv6F3KPtw
.adnxs.com/	1970-01-20 03:15:20	Name: uuid2 Value: 7677262714381645638
.t.sharethis.com/	1970-01-20 01:48:56	Name: pxcelPage_default_c010_B Value: 0_6_1645544020050
.adsrvr.org/	1970-01-20 09:51:20	Name: TDID Value: 0bc20246-ed82-480d-8706-4033430fa14d
.adsrvr.org/	1970-01-20 09:51:20	Name: TDCPM Value: CAEYBSABKAIyCwjondbp7Yi7OhAFOAE.
.exelator.com/	1970-01-20 03:58:32	Name: EE Value: "ca766dce221a3f02de0122e58703ac67"
.adsymptotic.com/	1970-01-20 03:15:20	Name: U Value: 364b7cab5f70a85e36021b5926b69b43
.ml314.com/	1970-01-20 09:51:20	Name: pi Value: 3625322199883710471
.exelator.com/	1970-01-20 03:58:32	Name: ud Value: "eJxrXxzq6XKLQSE50dzMLCU51cjIMNE4zcAoJdXA0Mgo1dTC3MA4MdnMfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJiSX5RZvqi0ODFRSlpDItKik8F75%252FICQB%252FYynU"
.crwdcntrl.net/	1970-01-20 07:34:30	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 07:34:30	Name: _cc_id Value: 1d2fd861e189b9475520a26818ccfbf1
.rlcdn.com/	1970-01-20 09:51:20	Name: rlas3 Value: TJ6p6RCYXiN7V9y+N+FyaB0XTGinrL5cZ+Ix9KUI7D8=
.rlcdn.com/	1970-01-20 02:32:08	Name: pxrc Value: CNSE1JAGEgUI6AcQABIFCNtOEAA=
.eyeota.net/	1970-01-20 09:51:20	Name: mako_uid Value: 17f2211197a-6af70000010a554e
.eyeota.net/	1970-01-20 01:05:44	Name: SERVERID Value: 21838~DM
adinplay.adspirit.de/	1970-01-20 01:48:56	Name: adinplayuxid Value: c57f5eaca520383d6d41bfb88bc1fb63cec83b0978e40102df0c7a4212ef1a59

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

970bd2fe66f39b8f2acf4b9c90932a27.safeframe.googlesyndication.com
acdn.adnxs.com
adinplay.adspirit.de
adservice.google.com
afarkas.github.io
ajax.googleapis.com
api.adinplay.com
bcp.crwdcntrl.net
buttons-config.sharethis.com
cdn.adspirit.de
cdn.jsdelivr.net
cdnjs.cloudflare.com
count-server.sharethis.com
country.adinplay.workers.dev
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
l.sharethis.com
loadus.exelator.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
ml314.com
p.adsymptotic.com
pagead2.googlesyndication.com
platform-api.sharethis.com
platform-cdn.sharethis.com
ps.eyeota.net
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
sync.sharethis.com
t.sharethis.com
tpc.googlesyndication.com
unpkg.com
virtualvacation.us
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.w3schools.com
www.youtube.com
104.18.101.194
104.67.5.55
13.225.205.93
13.225.230.48
142.251.32.98
151.101.1.108
18.190.45.198
18.206.84.102
185.199.110.153
192.229.173.207
213.95.181.109
2600:9000:2140:dc00:1d:85c3:6640:93a1
2600:9000:21ec:1400:c:abe:f440:93a1
2606:4700:3033::6815:45cd
2606:4700:3108::ac42:2b42
2606:4700::6810:125e
2606:4700::6810:5514
2606:4700::6810:7baf
2606:4700::6812:bcf
2606:50c0:8000::153
2607:f8b0:4006:807::2003
2607:f8b0:4006:809::200e
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80c::2006
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2004
2607:f8b0:4006:824::2008
2607:f8b0:4006:824::200e
2607:f8b0:4023:1404::9c
2a02:6ea0:c600::11
3.15.117.250
34.231.251.31
34.233.103.61
35.190.60.146
52.0.156.250
52.223.40.198
68.67.160.75
0bc21ed88fdaf5f388e5fad84ed63f1f9b38803c995c1b30a0f75e3d85648b4e
13819980b2bb8838d02f6f4d91e1892160410b6de6f862bd0da14fcc75a9726e
1776e3e93b1f790f09fb86e8ba25f57fcbd8bb1fec45ce8ee19f53199dd9ad9b
1fe496c07fac51109659619aa985f0ccc90956577fdc367d6b36292a7ab3ab5d
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
262ebe8d8c357005c8c2a8faa838ba6f7bcfcd215dc829fc89e936cfed85e266
27aabc3490a7bd53a4fb7ffc7f6989fd6b491c481dafe635489f7a0b196595f3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
34ab26c49efdbbeca6567e183ca38ad41691979e324b377d7a2328b44e0d23e4
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
362d67b2832f4fd49adfb966f963bd0ec808a9ced1bfd21dceb8fa82a19429bc
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
386d6705d2d0272a475b99ea3da6e3fa565474e45128668f6daf3b9d71ed694d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
444ee2a405e57ede9ef10e17bb58c0351c39e9d21203f242b55a77fd07d30784
4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34
4873060989924f8e92a321a0a38611ffd0252b5bdfddf7fce00abdc8ae2176a3
49d5139ea6580787a03471ff60ccfb1d7159a041da154403928b3d97238d6448
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5908cc580e68418eaaff01045279f2d99e5e3695a9b41609fb1637b2c3bf1d42
5d46dee7f7bcf947af690cf2d153c90fc78305ce2ab3af3b98ab0919b42e25b4
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
606af405d267f3b7e189d240152ba91b93e98b931514fd2f1ed004a73c1c2d55
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67445195688c6c5ee0b283055392445fb392e95d50e5b746d55e7e6e4f2db111
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7100cb031e02100e50359307ec34bd609718cdd1f3c47fd6efaa757d15389c70
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
78d76f6d29f3611b13b028444776438f99f827dab7a049878b76084dcad30069
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a0ff76c662bb891ac1fb95ff960c9951feffa5099b0615b2f41107a3d83b434
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7cda11af090fd86b983db352266309382c9f441d8384f41ed2b19383346ccaca
7dac41c03128eacdd521f978d01e20ef3b88ed337654f75fb2a8ce06c2deae7f
87f79f2f506631ff7210d138d584afc5ba8d6966db6fdca9e6f98ff19002097b
8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017
8cf39397676875c07b6796362f24307fd96a4e4d78dc6df1562574023cddd2e5
8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14
95a393d0029fc7c029bbb7ccc2fb8181d603a069439e4c076290c300f9d743a3
96f01b2bd829bddf807c76a2b877549ca4af9a06737167e5d4de06da6755c805
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d
9b2459fe86499770da5300aa745e75a2a42a8438e3ced336f975b04dc1160cf5
9d33f1621ca6eca3c807b75f23aea2f847f1992d487cab0aeb732332af8fab46
a0a95f5345eee401264602894c9598cfd529818413f73a07346b7759580cffb5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aabbc838e2d0dc4cba54e1e60647d31f88455d168590847d1f88456c0d3edb6c
b020a567020c15e833bb380277be210fcb69f60b2120952d7fab9f419312c626
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5c198693aa2381fa368e7bd7425cefa519ccb4877be9d669d67b37edf28cd9f
bcad6f3f12bb2b10ed5f96230e1d0e42c75bbcd3833a80cf874ba065b9c066cd
be48274a9a0273108bfc415139fa536157ee97f684a57f3023f00fbb19375d16
be825b96ade38b4f386822bebcbb31a821b7f4c6e375f42bd67bf746f51d3c7d
c4329b24b717af18bf8d67c66e7ab933ad4f6d830356ec7f508dd29e1c22789a
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c858b393dfc30fafa6c155823a2a747d793ca26288ab305128460be0a7f2a244
c88aa2c0c5121e3ab4df8cc8ad50e7432af4b7d8fd3420068c25e3c7206f442d
cb52fafd0efae05e37e7144bd9251155f60b276b76923dfe31b1368b5d96a047
d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da1e96273329820e5b057812cbd0ee310fa20e3861e7c1a40d80efe7e5d634f6
db9d3ccc95cbf9611e822c92c704b50751fa16e2d747f0220324633c5b603347
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaffbe767131665902e17b6bd9c3807b3ea053be7833648ef59a01f4139eafe7
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
edf73ce2890d53a3e52005d155c869d164fd1e4ccad2b926e978e8b71ecf8e98
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f1848af4a450dd27d9e9e185368412d4184b07b2ba867ad7de41d0d721035675
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc70a8ac1580f5f81f01a290654460c27fcdb89b49652c63aad6089e8e16d4bb
fc859a334b3b155ea6a35004a2f2440cb32b957112dc270bfd1aa07eb909e08f
febae1ff34e2aac13f3ad553f75f409f0dc7b29bd385a197565408bf2dff16c0

virtualvacation.us Open in urlscan Pro 185.199.110.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

93 Requests

90 %HTTPS

55 %IPv6

27 Domains

42 Subdomains

34 IPs

3 Countries

5973 kBTransfer

9429 kBSize

27 Cookies

9 Outgoing links

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

virtualvacation.us Open in urlscan Pro
185.199.110.153 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

90 %
HTTPS

55 %
IPv6

27
Domains

42
Subdomains

34
IPs

3
Countries

5973 kB
Transfer

9429 kB
Size

27
Cookies

93 HTTP transactions
0 data transactions