www.lascatalinascr.com Open in urlscan Pro
13.68.180.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.lascatalinascr.com/
Effective URL:
https://www.lascatalinascr.com/
Submission: On May 24 via api (May 24th 2024, 11:08:40 pm UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 22 domains to perform 58 HTTP transactions. The main IP is 13.68.180.169, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.lascatalinascr.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on October 3rd 2023. Valid for: a year.

This is the only time www.lascatalinascr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	13.68.180.169 13.68.180.169	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:8d77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8dd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:6bfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:8a11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4c8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:f36c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.217.104.118 52.217.104.118	16509 (AMAZON-02) (AMAZON-02)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
5	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.139.1.159 37.139.1.159	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2620:100:6022... 2620:100:6022:15::a27d:420f	() ()
58	25

5 13.68.180.169 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: iws-04.ideawork.com

www.lascatalinascr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8d77 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8dd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6bfe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8a11 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4c8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f36c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.217.104.118 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.139.1.159 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.openweathermap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:6022:15::a27d:420f (None, )

ASN- ()

dl.dropboxusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	amazonaws.com s3.amazonaws.com	880 KB
6	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4890 track.hubspot.com — Cisco Umbrella Rank: 2393 app.hubspot.com — Cisco Umbrella Rank: 5794 forms.hubspot.com — Cisco Umbrella Rank: 5442	5 KB
5	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4333 forms-na1.hsforms.com — Cisco Umbrella Rank: 6937	4 KB
5	lascatalinascr.com www.lascatalinascr.com	2 MB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	4 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095 www.google.com — Cisco Umbrella Rank: 2	376 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	75 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4572 forms.hscollectedforms.net — Cisco Umbrella Rank: 4722	25 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7810	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	410 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	192 KB
1	dropboxusercontent.com dl.dropboxusercontent.com
1	openweathermap.org api.openweathermap.org — Cisco Umbrella Rank: 12864	877 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3473	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2225	24 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3146	4 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4801	24 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5201	92 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2189	26 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2460	1 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6801	156 KB
58	22

	Domain	Requested by
6	s3.amazonaws.com
5	www.lascatalinascr.com	www.lascatalinascr.com
4	forms.hsforms.com	js.hsforms.net js.hscollectedforms.net
4	www.facebook.com	www.lascatalinascr.com
3	connect.facebook.net	www.lascatalinascr.com connect.facebook.net
2	track.hubspot.com
2	api.hubspot.com	js.usemessages.com
2	www.google.de	www.lascatalinascr.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.lascatalinascr.com www.google-analytics.com
2	www.googletagmanager.com	www.lascatalinascr.com
1	forms-na1.hsforms.com
1	dl.dropboxusercontent.com
1	api.openweathermap.org	www.lascatalinascr.com
1	forms.hubspot.com	js.hsleadflows.net
1	app.hubspot.com	js.usemessages.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	api.hubapi.com	js.hsadspixel.net
1	www.google.com	www.lascatalinascr.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-scripts.com	www.lascatalinascr.com
1	js.hsforms.net	www.lascatalinascr.com
58	28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
www.beachtowntravel.com
theblog.lascatalinascr.com
www.google.com
www.onceuponatime.agency

Subject Issuer	Validity	Valid
www.lascatalinascr.com RapidSSL TLS RSA CA G1	`2023-10-03` - `2024-11-02`	a year	crt.sh
hsforms.net GTS CA 1P5	`2024-04-15` - `2024-07-14`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hs-scripts.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-03` - `2024-06-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.de WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hscollectedforms.net E1	`2024-03-29` - `2024-06-27`	3 months	crt.sh
hs-banner.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
hsleadflows.net E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
usemessages.com E1	`2024-04-12` - `2024-07-11`	3 months	crt.sh
hsadspixel.net E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
hs-analytics.net GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
hubapi.com E1	`2024-05-04` - `2024-08-02`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-11`	a year	crt.sh
hsforms.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.openweathermap.org Sectigo RSA Domain Validation Secure Server CA	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.dl.dropboxusercontent.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-25` - `2025-03-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.lascatalinascr.com/
Frame ID: 46E0CEFDE798A3B1AAC42A13BFB6971C
Requests: 56 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/4917861/threads/utk/c8d45654a78c41a595437034543b6e04?uuid=fe29904f156d409d9005fb7c88701a5f&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=lascatalinascr.com&inApp53=false&messagesUtk=c8d45654a78c41a595437034543b6e04&url=https%3A%2F%2Fwww.lascatalinascr.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true
Frame ID: 7C822B6C1B7F65F7BACA3FE479344100
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Beach Town in Guanacaste, Costa Rica | Las Catalinas

Page URL History Show full URLs

http://www.lascatalinascr.com/ HTTP 307
https://www.lascatalinascr.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

58
Requests

90 %
HTTPS

71 %
IPv6

22
Domains

28
Subdomains

25
IPs

5
Countries

3111 kB
Transfer

34785 kB
Size

16
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/LasCatalinasCR/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/las_catalinas_

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCfOCnZQ7JEgqO9UUmVa0ngA

Search URL Search Domain Scan URL

URL: http://www.beachtowntravel.com/
Title: Visit

Search URL Search Domain Scan URL

URL: https://theblog.lascatalinascr.com/a-walk-through-our-car-free-town-for-cnu-29-design-for-challenge-congress
Title: vehicles are refreshingly absent

Search URL Search Domain Scan URL

URL: https://theblog.lascatalinascr.com/drawing-a-street-in-a-walkable-town
Title: Explore

Search URL Search Domain Scan URL

URL: https://theblog.lascatalinascr.com/cars-kids-and-quality-of-life
Title: Explore

Search URL Search Domain Scan URL

URL: https://theblog.lascatalinascr.com/las-catalinas-tile
Title: Explore

Search URL Search Domain Scan URL

URL: https://theblog.lascatalinascr.com/made-in-las-catalinas-the-woodshop
Title: Explore

Search URL Search Domain Scan URL

URL: https://theblog.lascatalinascr.com/desayuno-t%C3%ADpico-the-costa-rican-breakfast
Title: Explore

Search URL Search Domain Scan URL

URL: https://www.instagram.com/las_catalinas_/
Title: Las Catalinas

Search URL Search Domain Scan URL

URL: https://www.beachtowntravel.com/
Title: Beach Town Travel

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Guanacaste+Province,+Las+Catalinas,+Costa+Rica/data=!4m2!3m1!1s0x8f9e25ee7d7275cb:0x66fef976ab80fbe9?sa=X&ved=2ahUKEwjK1KHgrrfsAhV9knIEHQhYDQ8Q8gEwGXoECA8QAQ
Title: Las Catalinas, Guanacaste, Costa Rica

Search URL Search Domain Scan URL

URL: https://www.onceuponatime.agency/hospitality
Title: Once Upon a Time

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.lascatalinascr.com/ HTTP 307
https://www.lascatalinascr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.lascatalinascr.com/
Redirect Chain

http://www.lascatalinascr.com/
https://www.lascatalinascr.com/

16 KB
6 KB

432ms
136ms

Document
text/html

13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lascatalinascr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

iws-04.ideawork.com

Software

Resource Hash

8d018f2958d3c697ff0aa423dfb4f38b1ace4c9306378a88afc51c53d210d9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: W/"41ec-C3dfcGdscQN0ghcH0TF8QQ"
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.lascatalinascr.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 482 KB
156 KB 275ms
55ms Script
application/javascript 2606:4700::6812:8d77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 468
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=8890e7667f364dc6-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b0047a8901d8ed9f81db3dcb5982114e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5064/bundles/project-v2.js
date: Fri, 24 May 2024 23:08:35 GMT
x-amz-version-id: 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: da24a788-35f0-40d5-8f94-d587dc11474d
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: da24a788-35f0-40d5-8f94-d587dc11474d
last-modified: Wed, 03 Apr 2024 11:15:05 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LkRYxMi%2FHiUelM0bqIRo2JIopSphGNREJgS4RPAiYwEMGBSnLonEoVdGFwJa3DWm662t1NF6n7T4jak0vxZINCXHSRmPs7z%2FU0%2FDsU4nlJi%2BoxW9jwmT5f6KIqvLexxu2fjQ2IllAKHGe%2Bvl"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rl62l
cf-ray: 8890f2cefa4c5d9e-FRA
x-amz-cf-id: TNHzfRdRde5uNBWHddcgm2netznNhVEY8EGS6iRrPf7cNp7IxD3pPw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
90 KB 156ms
64ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-817146118

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

823f967a9138ecd30b428e7b7fea4c0903c11d4f9e7933e3ac14a775735fa88e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91382
x-xss-protection: 0
last-modified: Fri, 24 May 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 May 2024 23:08:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
102 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SBPR8STE70

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a7706552d6b2d64b40b7175a0f972312ea2a02491c82aee27da9d30712c5728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 May 2024 23:08:35 GMT

GET
H2 200 4917861.js Show response
js.hs-scripts.com/ 3 KB
1 KB 243ms
155ms Script
application/javascript 2606:4700::6810:8dd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/4917861.js

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88b97d0f808cc05f8bde8c641d5bb74783264bfef0b288e2f7c10e04ceb1a469

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 30ddc78c-0b9f-4169-b314-5491761a034c
x-envoy-upstream-service-time: 4
content-length: 708
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 30ddc78c-0b9f-4169-b314-5491761a034c
last-modified: Fri, 24 May 2024 23:06:14 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-q6gqp
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 8890f2d06bcc30f3-FRA
expires: Fri, 24 May 2024 23:10:05 GMT

GET
H2 200 main.f474a9de8a75a2938de6.css
www.lascatalinascr.com/dist/ 314 KB
47 KB 126ms
125ms Stylesheet
text/css 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lascatalinascr.com/dist/main.f474a9de8a75a2938de6.css
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: b6f097ff7a4ecc5cc8325c510d0835954805eb24f0faea8bbfd74bbf5aafaf9d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
last-modified: Thu, 14 Mar 2024 20:15:18 GMT
x-powered-by: Express
etag: W/"4e693-18e3e9ad4e9"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 main.f474a9de8a75a2938de6.js Show response
www.lascatalinascr.com/dist/ 2 MB
493 KB 128ms
128ms Script
application/javascript 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lascatalinascr.com/dist/main.f474a9de8a75a2938de6.js
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: 0800c0c0457f4e0610e882ebfe5e2b60fcabb02b959eadea39ab3df3d049fa4d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
last-modified: Thu, 14 Mar 2024 20:15:18 GMT
x-powered-by: Express
etag: W/"1be1e4-18e3e9ad585"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 135ms
43ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 May 2024 22:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2367
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 25 May 2024 00:29:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 128ms
43ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 May 2024 23:08:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1294, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: KYBviq58T/01kc6s7J8vjBvtPw8f3NzGu59qTuKkH1QeADLNz/r2SWIU0MeebBspq8rFPLgURiAtW+mFoXqkUw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 150ms
54ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SBPR8STE70&gtm=45je45m0v894656547za200&_p=1716592115194&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1671735897.1716592115&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716592115&sct=1&seg=0&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F&dt=Beach%20Town%20in%20Guanacaste%2C%20Costa%20Rica%20%7C%20Las%20Catalinas&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=966
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SBPR8STE70
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:08:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lascatalinascr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 163ms
54ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SBPR8STE70&cid=1671735897.1716592115&gtm=45je45m0v894656547za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SBPR8STE70
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:08:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lascatalinascr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 107ms
53ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SBPR8STE70&cid=1671735897.1716592115&gtm=45je45m0v894656547za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=543431444

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:08:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 54ms
53ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=440219172&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F&ul=de-de&de=UTF-8&dt=Beach%20Town%20in%20Guanacaste%2C%20Costa%20Rica%20%7C%20Las%20Catalinas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=2038338709&gjid=1236078677&cid=1671735897.1716592115&tid=UA-39165542-1&_gid=643026794.1716592115&_r=1&_slc=1&z=2135352645

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:08:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lascatalinascr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 529ms
420ms Script
application/javascript 2606:4700::6810:6bfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Origin: https://www.lascatalinascr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 141
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=8890ef5eac903a64-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"7d377a186677c174f204d466b8fa5fdb"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.503/bundles/project.js
date: Fri, 24 May 2024 23:08:35 GMT
x-amz-version-id: WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: b52efa10-23bb-426e-95c9-eba5384dc1a7
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-request-id: b52efa10-23bb-426e-95c9-eba5384dc1a7
last-modified: Wed, 15 May 2024 14:34:44 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-vdptk
cf-ray: 8890f2d21a25bb32-FRA
x-amz-cf-id: 02DsCqL4pN4ET6oLCDXgsSikwqzqdhaBiiLRnkzJKtfMjmruNxh1mw==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/4917861/ 71 KB
26 KB 442ms
330ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/4917861/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b94c996567dd5c2ef3effbfcb90655cc981c0db4d142bee4abc2bcbe155ca0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:35 GMT
x-amz-version-id: Izo7QIyOwp0kJ2JxDlNjsT4fNcRA9YqI
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: T18Z5Y4TZC8JWC17
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 00612f87-0ff5-4c65-9663-12ec1c6e4c5f
x-envoy-upstream-service-time: 110
x-amz-id-2: CIDK+w0IhRV4eawkhIRBKCzvJewW/nDdfB8p7H6rT1eET/mM1HFkRakzAddsvS+s42VkU7NznS4=
x-evy-trace-listener: listener_https
x-request-id: 00612f87-0ff5-4c65-9663-12ec1c6e4c5f
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 14:28:49 GMT
server: cloudflare
etag: W/"51ebee12eabcf4111df94188c75c788b"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://thejournal.santarenahotel.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8890f2d228396ae1-FRA
expires: Fri, 24 May 2024 23:13:35 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
92 KB 286ms
147ms Script
application/javascript 2606:4700::6812:8a11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8a11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb5dc6835aeb8a8e1615ca49df1828cfaf708dc73651c5f1c651f2d2ab3907a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Origin: https://www.lascatalinascr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:35 GMT
x-amz-version-id: FzXUOelq5PzvbDhLOc3Au0ThiCBuXHAc
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a453720a-9005-46d5-9474-705138d51058
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1338/bundle/main/lead-flows-release.js&cfRay=8890f2d24ab12c2d-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a453720a-9005-46d5-9474-705138d51058
last-modified: Wed, 03 Apr 2024 09:27:53 UTC
server: cloudflare
etag: W/"d252299cef5b9176cf0435e72e0baeeb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=86400, max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-ncdrp
cf-ray: 8890f2d24ab12c2d-FRA
x-amz-cf-id: Qi2Q8qrb4jxqeB5C6wy6lt9SbKZIIPUKqndjbrEocEyut5owInmyKw==
x-hs-target-asset: lead-flows-js/static-1.1338/bundle/main/lead-flows-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 86 KB
24 KB 191ms
52ms Script
application/javascript 2606:4700::6810:4c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fcc2d62aa56006d7087b11b473c6f12aa61eab39d385475bf68cd96391ffcb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:35 GMT
x-amz-version-id: .qDGC7zo0zmijZixEpdNGhvW8Rd7SOzn
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 471
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16462/bundles/project.js&cfRay=8890e74f395037e6-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 0bd4479c-45e4-418d-bbe2-8cd1816697b9
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 8
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0bd4479c-45e4-418d-bbe2-8cd1816697b9
last-modified: Thu, 23 May 2024 14:37:23 UTC
server: cloudflare
etag: W/"725a8590d0b92cb071bed0679fb11bd0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-ddwd7
cf-ray: 8890f2d24b0f1973-FRA
x-amz-cf-id: fltGN7xHqhcx-v8Rxl9BFdv2bTIRXHOp7OX3-amZQSlFMMan2j_alA==
x-hs-target-asset: conversations-embed/static-1.16462/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 188ms
50ms Script
application/javascript 2606:4700::6811:80ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081cf70b8e6c0d1d978f810f4537e84501c1940d54cd19aee0b065fb8fea3c5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:35 GMT
x-amz-version-id: 3uRfq0xkxtJ5qmNotyFivu_Hfg8U.PRS
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 593
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.562/bundles/pixels-release.js&cfRay=8890e4550b441a6d-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: a31e4e7a-3cfc-44a6-8886-cb69ac5f6561
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a31e4e7a-3cfc-44a6-8886-cb69ac5f6561
last-modified: Thu, 23 May 2024 14:45:23 UTC
server: cloudflare
etag: W/"8c40e1f5f100c96c8a0884459629fdec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rcvgx
cf-ray: 8890f2d24cd49b71-FRA
x-amz-cf-id: oQm6OLdaX0lNwzAtipy2vaS7epJ0IIpQJ-bJhCUICskZbuWmf6g2LQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.562/bundles/pixels-release.js

GET
H2 200 4917861.js Show response
js.hs-analytics.net/analytics/1716591900000/ 67 KB
24 KB 585ms
476ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1716591900000/4917861.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ba0464be7003a2f5108b0d2342b673f12c9ea85f12fe669f9e6ea5647172e4d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:35 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 9GP7665YRK4Y28PY
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 3edf25be-af0e-4bd5-af37-d23250d4a315
x-envoy-upstream-service-time: 65
x-amz-id-2: lwZvtfvF6HBNSs5Clkc9oXdua/jIUMpStkjEM/rgMFqvwnRfM02/F/FJQR4I7ydvwVmDULWs/1w=
x-evy-trace-listener: listener_https
x-request-id: 3edf25be-af0e-4bd5-af37-d23250d4a315
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 24 May 2024 15:50:50 GMT
server: cloudflare
etag: W/"8f0ff0c5cf93f2fd75017a6f4feeb4ae"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-2r68v
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8890f2d2292c2c76-FRA
expires: Fri, 24 May 2024 23:13:35 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 48ms
48ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-39165542-1&cid=1671735897.1716592115&jid=2038338709&gjid=1236078677&_gid=643026794.1716592115&_u=IADAAEAAAAAAACAAI~&z=1693826984

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 24 May 2024 23:08:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lascatalinascr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 650358602149787 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 111ms
111ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/650358602149787?v=2.9.156&r=stable&domain=www.lascatalinascr.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5a8d5d28e4d33ae75ccde42cca3d1c7115be0ce3f487cd440dfc5f2eab2d357

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 May 2024 23:08:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=63, mss=1294, tbw=63376, tp=-1, tpl=-1, uplat=71, ullat=0
pragma: public
x-fb-debug: rQY6eFbrcvwC3N9hb5E/vSPM6bCxm5NlWcbwsKDJzTHYDkLrh+63ewziijiqZJkNMxdKtU3C9gB/ZnQUb1wuqg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 146ms
50ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-39165542-1&cid=1671735897.1716592115&jid=2038338709&_u=IADAAEAAAAAAACAAI~&z=1235041481

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:08:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 50ms
50ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-39165542-1&cid=1671735897.1716592115&jid=2038338709&_u=IADAAEAAAAAAACAAI~&z=1235041481

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:08:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 155ms
38ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=650358602149787&ev=PageView&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F&rl=&if=false&ts=1716592115572&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716592115571.1490400074&ler=empty&cdl=API_unavailable&it=1716592115437&coo=false&rqm=GET

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=2844, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 24 May 2024 23:08:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 465ms
348ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=650358602149787&ev=PageView&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F&rl=&if=false&ts=1716592115572&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716592115571.1490400074&ler=empty&cdl=API_unavailable&it=1716592115437&coo=false&rqm=FGET

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb1b85d5507ace484","source_keys":["1","2"]},{"key_piece":"0xa129d975423a8db5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 24 May 2024 23:08:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=14, mss=1294, tbw=3162, tp=-1, tpl=-1, uplat=306, ullat=0
pragma: no-cache
x-fb-debug: IipzCiVTCikkcLvfjU/fVwOzGX5CRwkMbDaHXNdhQ/rTFhI73XOnWnjZI1KnH8Im5pPD2PRxLWo9PMk1DJ3GLw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 265ms
265ms XHR
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=4917861&conversations-embed=static-1.16462&mobile=false&messagesUtk=c8d45654a78c41a595437034543b6e04&traceId=c8d45654a78c41a595437034543b6e04

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33a375921a56ee72e27507b648f2c85350f1d9ad522eb71f60b2de1c7fa2cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-HubSpot-Messages-Uri: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 78d6c115-65da-4eae-aa5c-7a64c700a676
x-envoy-upstream-service-time: 110
content-length: 1344
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 78d6c115-65da-4eae-aa5c-7a64c700a676
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-lzh2m
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Hd%2Fnh9eplWQ3v3TctMH6Rwx5NlIfWouHaSxHUrnom%2Fb5I7Atmjdz5RccswP9UoMpOf%2FNKfIzo%2B89sL0NF0vUUKwk7YzRTdxS70Nrp9inzYU2fGd42jvag2KGLaGyKs%2BCwyF5HBip9QXIssLeA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8890f2d45b932bf0-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 260ms
160ms Preflight
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.lascatalinascr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.lascatalinascr.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8890f2d35a8d2bf0-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 24 May 2024 23:08:35 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=huTk%2FBnP7beTR1%2FeCj1VSouwZGcxOM90komjPWVN7o237l%2BWy4grYag6B2GxMk3dtizx3N%2B4lgu2wVEConJkY%2F7h5mwyWxXcdSsPP9atAzFLVvquukVCQMHUusWNmJnqvfXhMhrIdsZduoY%2BNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-d7kd4
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 4fd3dbf7-08fe-4fc4-84db-a34d925f3c4c
x-request-id: 4fd3dbf7-08fe-4fc4-84db-a34d925f3c4c

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 122 B
1 KB 261ms
163ms XHR
application/json 2606:4700::6812:f36c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=4917861

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f36c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f76874d017cb2caaba0f213acb3bf5cc8ec911330fc161e2f083e177a2b3b043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d32ca949-c2ab-49c2-b04b-7b1124aaf8fa
content-encoding: br
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d32ca949-c2ab-49c2-b04b-7b1124aaf8fa
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-q6gqp
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eGWD%2FTRxIvfhOYObc1%2BlxMuVMrujseICRMWjOiTfgqaOyB1yIkxmVUc%2FAKUMsLiFl1u%2FhEa9lumkSVR1L1KX%2Ffi9kPZGsD1nBIkBrpX%2FdPMXS5riLO1PVwubaeYLyqg%2FDn4qcgamXZEKG18v"}],"group":"cf-nel","max_age":604800}
cf-ray: 8890f2d4dd259b9e-FRA
access-control-allow-headers: *

GET
H2 200 content
www.lascatalinascr.com/api/ 17 MB
689 KB 683ms
682ms XHR
application/json 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lascatalinascr.com/api/content?cacheBuster=1716592115969

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.f474a9de8a75a2938de6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

iws-04.ideawork.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=86400
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"112b8a9-DF89oGyFvEJd1eyr7A6aZQ"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-access-token
x-xss-protection: 1; mode=block

GET
H2 200 slides
www.lascatalinascr.com/api/ 12 MB
339 KB 1334ms
1333ms XHR
application/json 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lascatalinascr.com/api/slides?cacheBuster=1716592115969

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.f474a9de8a75a2938de6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.68.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

iws-04.ideawork.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=86400
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"b9e010-PlvfjRK7mYV+wkaVZrQ3YA"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-access-token
x-xss-protection: 1; mode=block

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 252ms
163ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1608735010&v=1.1&a=4917861&rcu=https%3A%2F%2Fwww.lascatalinascr.com%2F&pu=https%3A%2F%2Fwww.lascatalinascr.com%2F&t=Beach+Town+in+Guanacaste%2C+Costa+Rica+%7C+Las+Catalinas&cts=1716592116071&vi=1b0662a6a638770143fed34dfe73c85d&nc=true&u=197076275.1b0662a6a638770143fed34dfe73c85d.1716592116069.1716592116069.1716592116069.1&b=197076275.1.1716592116069&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a16313ef-cdda-477a-aebd-f41cf079a2a5
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 15
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a16313ef-cdda-477a-aebd-f41cf079a2a5
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r7uQCSYSNYpoKzwbMzsxpiArUt6FT5k802N4RRzskry%2FtBdWEwwnOVln%2Fr%2F6CtFK9glZRzCxLBizMe2tTNyjnDxLuUWk0sba344T%2FecxmFtxrWfc7kgu5GBpOB8VY5TKfbIchUOdcxWK4HnbkP%2BC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-fn8tt
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8890f2d6191e91d1-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 133 B
453 B 151ms
150ms XHR
application/json 2606:4700::6810:6bfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=4917861&utk=1b0662a6a638770143fed34dfe73c85d

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a8ef809b16c7abcbfb4f265704eff749da0b49d301099621f5249424f3d623b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 679d0e1d-6fb9-49a8-83bd-f0cd69a52ba1
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 679d0e1d-6fb9-49a8-83bd-f0cd69a52ba1
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-mgch5
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8890f2d59d19bb32-FRA

GET
H/1.1 200
OK lc_monogram_black-1603288688038.png
s3.amazonaws.com/lascatalinascr/ 10 KB
11 KB 395ms
148ms Other
image/png 52.217.104.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/lascatalinascr/lc_monogram_black-1603288688038.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.104.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f2a67966f8c5c6a308122142b659daef7a0007b23a2336af3f27cfdcb52b5a71

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 23:08:37 GMT
Last-Modified: Wed, 21 Oct 2020 13:58:09 GMT
Server: AmazonS3
x-amz-request-id: GGZVYXFZR41PZWH5
ETag: "a05ef648dbaf3f1f4d688c70c5236115"
Content-Type: image/png
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 10700
x-amz-id-2: WxjhUU9Dkzip4NNPSOYVY3H/Jet/Q4yE+fvyaEat/KsZoypexSEpasHbNKdWoifHGskoDY2ajaM=

GET
H3 200 223368732033123 Show response
connect.facebook.net/signals/config/ 28 KB
5 KB 147ms
147ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/223368732033123?v=2.9.156&r=stable&domain=www.lascatalinascr.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

1fa98ece81b6eb1572f4cda2dcdd54c99b7278452452f655e958a999799a4f8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 May 2024 23:08:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4343, tp=9, tpl=0, uplat=107, ullat=0
pragma: public
x-fb-debug: 6tlcsuHPj+Y5sIR8O9VmXFdqh3/rAZQO6NAY/L5hwdgbEY/sWg+FTk7WTSxHgZrjcAoC6a6Z/VpwV2kDJpSijA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 c8d45654a78c41a595437034543b6e04
app.hubspot.com/conversations-visitor/4917861/threads/utk/ Frame 7C82 0
0 591ms
510ms Document
text/html 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/4917861/threads/utk/c8d45654a78c41a595437034543b6e04?uuid=fe29904f156d409d9005fb7c88701a5f&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=lascatalinascr.com&inApp53=false&messagesUtk=c8d45654a78c41a595437034543b6e04&url=https%3A%2F%2Fwww.lascatalinascr.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.lascatalinascr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
age: 2313
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 8890f2d689741bcf-FRA
content-encoding: gzip
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.18914/html/index.html&cfRay=8890f2d689741bcf&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F4917861%2Fthreads%2Futk%2Fc8d45654a78c41a595437034543b6e04%3Fuuid%3Dfe29904f156d409d9005fb7c88701a5f%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dlascatalinascr.com%26inApp53%3Dfalse%26messagesUtk%3Dc8d45654a78c41a595437034543b6e04%26url%3Dhttps%253A%252F%252Fwww.lascatalinascr.com%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue&referrer=https%3A%2F%2Fwww.lascatalinascr.com%2F&cfenv=prod&pdt=2024-05-24&csp=ro
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 23:08:36 GMT
etag: W/"57088aa078c704b74829bceda9089b8e"
last-modified: Thu, 23 May 2024 14:37:23 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8890f2d689741bcf&resource=conversations-visitor-ui/static-1.18914/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-amz-cf-id: 7F_gPOYWWGhuWojOebNRdr_-soT_F-Bs7kxG0BblVI4OUHeNlry6Tw==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: vE91Sm5P_U5n4F3mU_O6sLhYDfZeYu1v
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 6
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-zjnrr
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.18914/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 6bbb925f-f5dc-4cb8-8172-d9af8337b9b5
x-request-id: 6bbb925f-f5dc-4cb8-8172-d9af8337b9b5

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 183ms
174ms XHR
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4917861&utk=1b0662a6a638770143fed34dfe73c85d&__hstc=197076275.1b0662a6a638770143fed34dfe73c85d.1716592116069.1716592116069.1716592116069.1&__hssc=197076275.1.1716592116069&currentUrl=https%3A%2F%2Fwww.lascatalinascr.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be411c809e51220960585f4424ee0cfa8a977c40980ebe1901aacb2897587371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 04731bbb-3b10-40d9-abbc-bd4ae35fcfc3
content-encoding: br
x-envoy-upstream-service-time: 31
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 04731bbb-3b10-40d9-abbc-bd4ae35fcfc3
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
x-evy-trace-virtual-host: all
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uyE6fb6JY%2Bxa7FwgZyvzJxMz%2FekXJ7kcMUKYcwWuzag4tFVefP%2B3TOWD1BQ00PdMasAwUcu2RJrRVig9m3nR82KAOt3Co128Jb2LmgWTe7gr7Iwt7zlBu2iCPnzDMTJLxl2DmmYM6T7NFGxi8Iwy"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8890f2d61cc02bf0-FRA

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 42ms
42ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=223368732033123&ev=PageView&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F&rl=&if=false&ts=1716592116273&sw=1600&sh=1200&ud[external_id]=1b0662a6a638770143fed34dfe73c85d&v=2.9.156&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1716592115571.1490400074&ler=empty&cdl=API_unavailable&cs_est=true&it=1716592115437&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1294, tbw=6909, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 24 May 2024 23:08:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
483 B 78ms
78ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=223368732033123&ev=PageView&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F&rl=&if=false&ts=1716592116273&sw=1600&sh=1200&ud[external_id]=1b0662a6a638770143fed34dfe73c85d&v=2.9.156&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1716592115571.1490400074&ler=empty&cdl=API_unavailable&cs_est=true&it=1716592115437&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x34386a324fc48e7f","source_keys":["1","2"]},{"key_piece":"0x907d485e000a9179","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 24 May 2024 23:08:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1294, tbw=7055, tp=-1, tpl=-1, uplat=39, ullat=0
pragma: no-cache
x-fb-debug: RUfEZc22ksfrx359J0O0P1yU79IfQc322GlMUC7DeNVQ0Sj6h+2gId6/KTwUF66GzfvCY/g1xMVWm5JDInMfVg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET TradeGothicLTStd.woff2
www.lascatalinascr.com/dist/ 0
0

GET MinionPro-Regular.woff2
www.lascatalinascr.com/dist/ 0
0

GET TradeGothicLTStd-Bd2.woff2
www.lascatalinascr.com/dist/ 0
0

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/4917861/8084996b-d76c-48be-af6e-288e9d0e20af/ 2 KB
2 KB 299ms
255ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4917861/8084996b-d76c-48be-af6e-288e9d0e20af/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064&hutk=1b0662a6a638770143fed34dfe73c85d

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e27327b9b185cdba6102b5973daeec2340099c02b6d242ed0a31681732739695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Fri, 24 May 2024 23:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 661ff699-28e2-42a4-93b8-c99a3fbf34a4
x-envoy-upstream-service-time: 103
alt-svc: h3=":443"; ma=86400
content-length: 1075
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 661ff699-28e2-42a4-93b8-c99a3fbf34a4
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8890f2eacfbf6a78-TXL
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-h57s4

GET
H/1.1 200
OK weather Show response
api.openweathermap.org/data/2.5/ 500 B
877 B 206ms
103ms XHR
application/json 37.139.1.159
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.openweathermap.org/data/2.5/weather?id=3622294&APPID=9bd3938003efde84f8b9b29e090f067d&units=imperial
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.f474a9de8a75a2938de6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.159 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 725c20bbad9cf368976f5a85aaa608485ea4941fbacdce9a7159349eb0e6651f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 23:08:39 GMT
Server: openresty
X-Cache-Key: /data/2.5/weather?APPID=9bd3938003efde84f8b9b29e090f067d&id=3622294&units=imperial
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 500

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
889 B 199ms
156ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 33ffc5d5-0329-4f43-916d-4c69fbadedb8
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 33ffc5d5-0329-4f43-916d-4c69fbadedb8
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8890f2eace1944f8-TXL

GET pattern.abf84b5f8d06911ad5f1cc5b0653f97a.png
www.lascatalinascr.com/dist/ 0
0

GET pattern-quote.c365fc85949cd53f328533e7db3e115e.png
www.lascatalinascr.com/dist/ 0
0

GET
H/1.1 200
OK home_stories_option2-1599076172366.jpg
s3.amazonaws.com/lascatalinascr/ 239 KB
239 KB 140ms
140ms Image
image/jpeg 52.217.104.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/home_stories_option2-1599076172366.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.104.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c78a9c768012d59816b23ffd1382e3fd4c0f836594e3a191ea07ef55990e25ab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 23:08:40 GMT
Last-Modified: Wed, 02 Sep 2020 19:49:33 GMT
Server: AmazonS3
x-amz-request-id: P6AJR2H2DDZ6CV99
ETag: "2a3f26729d70e368f93bee66cdb10287"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 244634
x-amz-id-2: biyZW8246mf1PDph2trYVv28gHJW9v+5BxcBecSfJr9chQ1QpqMO6ehE38JgGMx4h/SnNEz8K24=

GET MinionPro-It.woff2
www.lascatalinascr.com/dist/ 0
0

GET
H2 206 lascatalinas_overalltown_04_%28no_logo%29%20%28720p%29.mp4
dl.dropboxusercontent.com/s/jzx6i7o1fbgw9vb/ 48 KB
0 768ms
665ms Media
video/mp4 2620:100:6022:15::a27d:420f

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/jzx6i7o1fbgw9vb/lascatalinas_overalltown_04_%28no_logo%29%20%28720p%29.mp4?dl=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:6022:15::a27d:420f -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.lascatalinascr.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Fri, 24 May 2024 23:08:39 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: 59fbdfca918741a18f3ffec3eb8e6eef
Content-Range: bytes 0-26945973/26945974
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="lascatalinas_overalltown_04_(no_logo) (720p).mp4"; filename*=UTF-8''lascatalinas_overalltown_04_%28no_logo%29%20%28720p%29.mp4
Content-Length: 26945974
pragma: public
server: envoy
etag: 1683923843562721n
content-type: video/mp4
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

GET
H/1.1 200
OK logo-1589389499543.png
s3.amazonaws.com/lascatalinascr/ 76 KB
77 KB 414ms
170ms Image
image/png 52.217.104.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/logo-1589389499543.png
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.217.104.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7183dcb7b3210c56bdc97da37f76b44ef73819378c605098eb8bcdd1bbd1501f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 23:08:40 GMT
Last-Modified: Wed, 13 May 2020 17:05:00 GMT
Server: AmazonS3
x-amz-request-id: P6AYEHBCZ2GDMWX8
ETag: "088537018a404bd84ddb06a1a8a9cc02"
Content-Type: image/png
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 78067
x-amz-id-2: OX0/9Eyk8iLGdbQxajNvng9C5+qdk4KKiGvmOOw4LG69ofYMJvXRTdcW1aQijBgyiiu9P+zV0UQ=

GET
H/1.1 200
OK image2_option3-1599075965116.jpg
s3.amazonaws.com/lascatalinascr/ 227 KB
227 KB 439ms
194ms Image
image/jpeg 52.217.104.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/image2_option3-1599075965116.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.217.104.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f73bd5e44950f0b421895065806fb802170e52e7a9e608701f1f2f5a65f0405a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 23:08:40 GMT
Last-Modified: Wed, 02 Sep 2020 19:46:06 GMT
Server: AmazonS3
x-amz-request-id: P6AYJJ0R33Y290YN
ETag: "3b79e87fd998cfa783a56d582e129a2b"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 232390
x-amz-id-2: vAtpNyTwanwwTCa8E+l4pZa+o2IEypiet8H2WHRWEbdyBCB+N4DTINy8iuIriUaOqQNNLJKZOtc=

GET
H/1.1 200
OK image1_option1-1599075933472.jpg
s3.amazonaws.com/lascatalinascr/ 154 KB
154 KB 403ms
158ms Image
image/jpeg 52.217.104.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/image1_option1-1599075933472.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.104.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b58cf3ce28c99486a906e87c62a5be7433149ce729af18cb02a6e0cd6380f7f9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 23:08:40 GMT
Last-Modified: Wed, 02 Sep 2020 19:45:34 GMT
Server: AmazonS3
x-amz-request-id: P6AHQYPKW29Z9JA5
ETag: "93b3d1e84a2b091d14ebc6b3dc5d8119"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 157672
x-amz-id-2: HA+43YiSa1b2Ps6BFpFu5Mtnz++ZzjODa0yNY39ns/wzxodHGiVICWCmd8Kf+Qfq+rsF+J72hHY=

GET
H/1.1 200
OK image3_option2-1599075951521.jpg
s3.amazonaws.com/lascatalinascr/ 171 KB
172 KB 371ms
137ms Image
image/jpeg 52.217.104.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/image3_option2-1599075951521.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.104.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cc17a70a939f254e1789bb7b0ba1a9c10b427252dc6727e880aca8aceca82070

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 23:08:40 GMT
Last-Modified: Wed, 02 Sep 2020 19:45:52 GMT
Server: AmazonS3
x-amz-request-id: P6AGN4KTNMSE943P
ETag: "e1cd24508d3238cb24ab690085fc2e53"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 175503
x-amz-id-2: z6dSMsXI7xycUGOdXRwUZjP1y4lWI+GCxzhx2MtZ6T85ZF+M2SCcx8ftnkmAjexHx6561bihR4E=

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
536 B 150ms
149ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 898acc9a-e0ed-4a75-91ea-b4fd92310db8
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 898acc9a-e0ed-4a75-91ea-b4fd92310db8
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-r6vs2
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8890f2ec792a44f8-TXL

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
538 B 175ms
174ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5ef6ae32-7485-4174-b49c-c79a54e9773c
x-envoy-upstream-service-time: 11
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5ef6ae32-7485-4174-b49c-c79a54e9773c
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-qhrwc
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8890f2ec996d44f8-TXL

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
768 B 155ms
154ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=8084996b-d76c-48be-af6e-288e9d0e20af&fci=8a2c6cc7-cc31-481c-a1ac-a7e3994404ee&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1608735010&v=1.1&a=4917861&rcu=https%3A%2F%2Fwww.lascatalinascr.com%2F&pu=https%3A%2F%2Fwww.lascatalinascr.com%2F&t=Beach+Town+in+Guanacaste%2C+Costa+Rica+%7C+Las+Catalinas&cts=1716592119777&vi=1b0662a6a638770143fed34dfe73c85d&nc=true&u=197076275.1b0662a6a638770143fed34dfe73c85d.1716592116069.1716592116069.1716592116069.1&b=197076275.1.1716592116069&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7188707c-876e-45ca-ae8f-eecf9822a63e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7188707c-876e-45ca-ae8f-eecf9822a63e
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FGHQYvnAwSyp58WKyUdPqNZmjWeHE5SH0RFzf7OzuUbCM6eHnudIeICtjGlk15R9bhuDEJ452utYSPP8H6fHIABvI97QY1DtQf6FBgefW%2B7BFHKfh7aIkQ4cND7Vg3CGdkuHji8nSYtIZ2RpD5o9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-qz296
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8890f2ecbd8491d1-FRA
x-robots-tag: none

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
537 B 158ms
149ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 23:08:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: dffdb6a5-914c-4a9d-9592-2b82b57cfe2a
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dffdb6a5-914c-4a9d-9592-2b82b57cfe2a
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8890f2ecb9a644f8-TXL

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SBPR8STE70&gtm=45je45m0v894656547za200&_p=1716592115194&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1671735897.1716592115&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1716592115&sct=1&seg=0&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F&dt=Beach%20Town%20in%20Guanacaste%2C%20Costa%20Rica%20%7C%20Las%20Catalinas&en=scroll&epn.percent_scrolled=90&_et=8&tfd=5978
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SBPR8STE70
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.lascatalinascr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 23:08:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lascatalinascr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/TradeGothicLTStd.woff2

Domain: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/MinionPro-Regular.woff2

Domain: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/TradeGothicLTStd-Bd2.woff2

Domain: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/pattern.abf84b5f8d06911ad5f1cc5b0653f97a.png

Domain: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/pattern-quote.c365fc85949cd53f328533e7db3e115e.png

Domain: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/MinionPro-It.woff2

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hsforms.net/	1970-01-20 20:49:53	Name: __cf_bm Value: Nj1CYF3vtIGn43XUZOVWXD6OZDqdD_ovddTekPP7MeU-1716592115-1.0.1.1-kvwfva1dzzPQsdfAn_djLFDri1ItxGfX6A0bTIpp.ZJgYHLFYQ._ujk7KN9DG78xXyJrao6cMaYg5FwaYNDn3A
.lascatalinascr.com/	1970-01-20 22:59:28	Name: _gcl_au Value: 1.1.1240593417.1716592115
.lascatalinascr.com/	1970-01-21 06:25:52	Name: _ga_SBPR8STE70 Value: GS1.1.1716592115.1.0.1716592115.60.0.0
.lascatalinascr.com/	1970-01-21 06:25:52	Name: _ga Value: GA1.2.1671735897.1716592115
.lascatalinascr.com/	1970-01-20 20:51:18	Name: _gid Value: GA1.2.643026794.1716592115
.lascatalinascr.com/	1970-01-20 20:49:52	Name: _gat Value: 1
.lascatalinascr.com/	1970-01-20 22:59:28	Name: _fbp Value: fb.1.1716592115571.1490400074
.lascatalinascr.com/	1970-01-21 01:09:04	Name: __hstc Value: 197076275.1b0662a6a638770143fed34dfe73c85d.1716592116069.1716592116069.1716592116069.1
.lascatalinascr.com/	1970-01-21 01:09:04	Name: hubspotutk Value: 1b0662a6a638770143fed34dfe73c85d
.lascatalinascr.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.lascatalinascr.com/	1970-01-20 20:49:53	Name: __hssc Value: 197076275.1.1716592116069
.lascatalinascr.com/	1970-01-21 01:09:04	Name: messagesUtk Value: c8d45654a78c41a595437034543b6e04
.hsforms.com/	1970-01-20 20:49:53	Name: __cf_bm Value: PTBLAUXbSStTbSBOqjNexQWmon_HrD9DHrC_h3qITqo-1716592119-1.0.1.1-IIoiI1WkCQrYT9SEiH7l7W4HAKDdTEXYiTJYmHtM3VuYzrP_PQxrx5BNrl_PC_Bov8P59k2ws.5rSb_yhsRpqQ
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: mbzEZUPyP0L1HaZspKvVl7COjvFGCEF7aQWXhUuvUU8-1716592119615-0.0.1.1-604800000
.hubspot.com/	1970-01-20 20:49:53	Name: __cf_bm Value: Xk1DX4fZUbSu73DUwkvjBqxGASiscvUsVxAmcsHzGis-1716592119-1.0.1.1-3TB5FoOaz8rIpgk9phHMMQr1T5qR8JedBdvsK06MYeUDQDx62KWKMH1BCsovWmEmy9blsB.Q7Zty9vBfltc9rg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: VT4JrUfBMx1GsRYvQnliFy9uYnOsrtjYKeCqpAiqygU-1716592119911-0.0.1.1-604800000

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.lascatalinascr.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
api.openweathermap.org
app.hubspot.com
connect.facebook.net
dl.dropboxusercontent.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
js.usemessages.com
region1.analytics.google.com
s3.amazonaws.com
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.lascatalinascr.com
www.lascatalinascr.com
104.18.80.204
13.68.180.169
142.250.185.196
142.250.186.35
157.240.252.13
2001:4860:4802:32::36
2606:4700:4400::6812:22e5
2606:4700::6810:4c8e
2606:4700::6810:6bfe
2606:4700::6810:7574
2606:4700::6810:8dd1
2606:4700::6810:a0a8
2606:4700::6811:80ac
2606:4700::6812:8a11
2606:4700::6812:8d77
2606:4700::6812:f36c
2620:100:6022:15::a27d:420f
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c06::9c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
37.139.1.159
52.217.104.118
0800c0c0457f4e0610e882ebfe5e2b60fcabb02b959eadea39ab3df3d049fa4d
081cf70b8e6c0d1d978f810f4537e84501c1940d54cd19aee0b065fb8fea3c5b
1fa98ece81b6eb1572f4cda2dcdd54c99b7278452452f655e958a999799a4f8c
33a375921a56ee72e27507b648f2c85350f1d9ad522eb71f60b2de1c7fa2cb6a
3ba0464be7003a2f5108b0d2342b673f12c9ea85f12fe669f9e6ea5647172e4d
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7183dcb7b3210c56bdc97da37f76b44ef73819378c605098eb8bcdd1bbd1501f
725c20bbad9cf368976f5a85aaa608485ea4941fbacdce9a7159349eb0e6651f
7a8ef809b16c7abcbfb4f265704eff749da0b49d301099621f5249424f3d623b
823f967a9138ecd30b428e7b7fea4c0903c11d4f9e7933e3ac14a775735fa88e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88b97d0f808cc05f8bde8c641d5bb74783264bfef0b288e2f7c10e04ceb1a469
8a7706552d6b2d64b40b7175a0f972312ea2a02491c82aee27da9d30712c5728
8d018f2958d3c697ff0aa423dfb4f38b1ace4c9306378a88afc51c53d210d9d5
8fcc2d62aa56006d7087b11b473c6f12aa61eab39d385475bf68cd96391ffcb4
a5a8d5d28e4d33ae75ccde42cca3d1c7115be0ce3f487cd440dfc5f2eab2d357
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b58cf3ce28c99486a906e87c62a5be7433149ce729af18cb02a6e0cd6380f7f9
b6f097ff7a4ecc5cc8325c510d0835954805eb24f0faea8bbfd74bbf5aafaf9d
be411c809e51220960585f4424ee0cfa8a977c40980ebe1901aacb2897587371
c3b94c996567dd5c2ef3effbfcb90655cc981c0db4d142bee4abc2bcbe155ca0
c78a9c768012d59816b23ffd1382e3fd4c0f836594e3a191ea07ef55990e25ab
cc17a70a939f254e1789bb7b0ba1a9c10b427252dc6727e880aca8aceca82070
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e27327b9b185cdba6102b5973daeec2340099c02b6d242ed0a31681732739695
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb5dc6835aeb8a8e1615ca49df1828cfaf708dc73651c5f1c651f2d2ab3907a
f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2
f2a67966f8c5c6a308122142b659daef7a0007b23a2336af3f27cfdcb52b5a71
f73bd5e44950f0b421895065806fb802170e52e7a9e608701f1f2f5a65f0405a
f76874d017cb2caaba0f213acb3bf5cc8ec911330fc161e2f083e177a2b3b043

www.lascatalinascr.com Open in urlscan Pro 13.68.180.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

90 %HTTPS

71 %IPv6

22 Domains

28 Subdomains

25 IPs

5 Countries

3111 kBTransfer

34785 kBSize

16 Cookies

14 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.lascatalinascr.com Open in urlscan Pro
13.68.180.169 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

90 %
HTTPS

71 %
IPv6

22
Domains

28
Subdomains

25
IPs

5
Countries

3111 kB
Transfer

34785 kB
Size

16
Cookies

58 HTTP transactions
0 data transactions