gt.usembassy.gov Open in urlscan Pro
2600:9000:223c:6e00:3:228f:7440:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gt.usembassy.gov/
Effective URL:
https://gt.usembassy.gov/
Submission: On October 13 via manual (October 13th 2023, 3:19:24 am UTC) — Scanned from DE

Summary HTTP 224 Redirects Links 223 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 23 domains to perform 224 HTTP transactions. The main IP is 2600:9000:223c:6e00:3:228f:7440:93a1, located in United States and belongs to AMAZON-02, US. The main domain is gt.usembassy.gov.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 15th 2023. Valid for: a year.

This is the only time gt.usembassy.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:223... 2600:9000:223c:f600:3:228f:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
69	2600:9000:223... 2600:9000:223c:6e00:3:228f:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e0:... 2606:4700:e0::ac40:660b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211e:2e00:5:83ea:ba80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
25	2600:9000:224... 2600:9000:2240:1a00:6:d944:3c80:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700::68... 2606:4700::6811:1a54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	54.77.171.233 54.77.171.233	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:205... 2600:9000:2057:dc00:a:248d:16c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:1654	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:45f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.206.40 52.222.206.40	16509 (AMAZON-02) (AMAZON-02)
12	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
224	29

1 2600:9000:223c:f600:3:228f:7440:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

gt.usembassy.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 2600:9000:223c:6e00:3:228f:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

gt.usembassy.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:2e00:5:83ea:ba80:93a1 (United States)

ASN16509 (AMAZON-02, US)

dap.digitalgov.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:2240:1a00:6:d944:3c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

uploads.mwp.mprod.getusinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6811:1a54 (United States)

ASN13335 (CLOUDFLARENET, US)

answers-embed.covid19.state.gov.pagescdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.171.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-171-233.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:dc00:a:248d:16c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

share.america.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:1654 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.sitescdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:45f (United States)

ASN13335 (CLOUDFLARENET, US)

liveapi.yext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
realtimeanalytics.yext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-40.fra56.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

basemaps.cartocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	usembassy.gov 1 redirects gt.usembassy.gov	1 MB
25	getusinfo.com uploads.mwp.mprod.getusinfo.com — Cisco Umbrella Rank: 233987	8 MB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	2 MB
12	cartocdn.com basemaps.cartocdn.com — Cisco Umbrella Rank: 54218	274 KB
12	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 static.doubleclick.net — Cisco Umbrella Rank: 304	2 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	182 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	42 KB
10	pagescdn.com answers-embed.covid19.state.gov.pagescdn.com — Cisco Umbrella Rank: 537327	327 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 jnn-pa.googleapis.com — Cisco Umbrella Rank: 237	64 KB
8	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2 play.google.com Failed	30 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6147	767 B
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	513 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	41 KB
4	sitescdn.net assets.sitescdn.net — Cisco Umbrella Rank: 11932	239 KB
3	america.gov share.america.gov — Cisco Umbrella Rank: 460966	281 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1214	166 KB
2	yext.com liveapi.yext.com — Cisco Umbrella Rank: 39064 realtimeanalytics.yext.com — Cisco Umbrella Rank: 47982	1 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	8 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	14 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	10 KB
1	cloudfront.net d6tizftlrpuof.cloudfront.net	2 KB
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 4735	11 KB
1	digitalgov.gov dap.digitalgov.gov — Cisco Umbrella Rank: 5953	7 KB
224	23

	Domain	Requested by
70	gt.usembassy.gov	1 redirects gt.usembassy.gov
25	uploads.mwp.mprod.getusinfo.com	gt.usembassy.gov
18	www.youtube.com	gt.usembassy.gov www.youtube.com www.googletagmanager.com
12	basemaps.cartocdn.com
10	answers-embed.covid19.state.gov.pagescdn.com	gt.usembassy.gov answers-embed.covid19.state.gov.pagescdn.com
8	jnn-pa.googleapis.com	www.youtube.com
7	www.google-analytics.com	gt.usembassy.gov www.google-analytics.com www.googletagmanager.com
6	www.google.com	gt.usembassy.gov www.youtube.com
6	www.google.de	gt.usembassy.gov
6	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
6	www.googletagmanager.com	gt.usembassy.gov dap.digitalgov.gov www.googletagmanager.com
5	cdn.jsdelivr.net	gt.usembassy.gov cdn.jsdelivr.net
4	www.gstatic.com	www.youtube.com www.gstatic.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
4	assets.sitescdn.net	answers-embed.covid19.state.gov.pagescdn.com
3	region1.google-analytics.com	www.googletagmanager.com
3	share.america.gov	gt.usembassy.gov
3	use.fontawesome.com	gt.usembassy.gov use.fontawesome.com
2	yt3.ggpht.com	www.youtube.com
2	i.ytimg.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	cdnjs.cloudflare.com	answers-embed.covid19.state.gov.pagescdn.com
2	region1.analytics.google.com	www.googletagmanager.com
1	d6tizftlrpuof.cloudfront.net	gt.usembassy.gov
1	realtimeanalytics.yext.com	assets.sitescdn.net
1	liveapi.yext.com	answers-embed.covid19.state.gov.pagescdn.com
1	w.usabilla.com	gt.usembassy.gov
1	dap.digitalgov.gov	gt.usembassy.gov
1	fonts.googleapis.com	gt.usembassy.gov
0	play.google.com Failed	www.youtube.com
224	31

This site contains links to these domains. Also see Links.

Domain
travel.state.gov
af.usembassy.gov
al.usembassy.gov
dz.usembassy.gov
ao.usembassy.gov
ar.usembassy.gov
am.usembassy.gov
au.usembassy.gov
at.usembassy.gov
az.usembassy.gov
bs.usembassy.gov
bh.usembassy.gov
bd.usembassy.gov
bb.usembassy.gov
by.usembassy.gov
be.usembassy.gov
bz.usembassy.gov
bj.usembassy.gov
bm.usconsulate.gov
bo.usembassy.gov
ba.usembassy.gov
bw.usembassy.gov
br.usembassy.gov
bn.usembassy.gov
bg.usembassy.gov
bf.usembassy.gov
mm.usembassy.gov
bi.usembassy.gov
cv.usembassy.gov
kh.usembassy.gov
cm.usembassy.gov
ca.usembassy.gov
cf.usembassy.gov
td.usembassy.gov
cl.usembassy.gov
china.usembassy-china.org.cn
co.usembassy.gov
km.usembassy.gov
cr.usembassy.gov
ci.usembassy.gov
hr.usembassy.gov
cu.usembassy.gov
cw.usconsulate.gov
cy.usembassy.gov
cz.usembassy.gov
cd.usembassy.gov
dk.usembassy.gov
dj.usembassy.gov
do.usembassy.gov
ec.usembassy.gov
eg.usembassy.gov
sv.usembassy.gov
gq.usembassy.gov
er.usembassy.gov
ee.usembassy.gov
sz.usembassy.gov
et.usembassy.gov
fj.usembassy.gov
fi.usembassy.gov
fr.usembassy.gov
ga.usembassy.gov
ge.usembassy.gov
de.usembassy.gov
gh.usembassy.gov
gr.usembassy.gov
gn.usembassy.gov
gw.usmission.gov
gy.usembassy.gov
gm.usembassy.gov
ht.usembassy.gov
hn.usembassy.gov
hk.usconsulate.gov
hu.usembassy.gov
is.usembassy.gov
in.usembassy.gov
id.usembassy.gov
ir.usembassy.gov
iq.usembassy.gov
ie.usembassy.gov
il.usembassy.gov
it.usembassy.gov
jm.usembassy.gov
jp.usembassy.gov
jo.usembassy.gov
kz.usembassy.gov
ke.usembassy.gov
kr.usembassy.gov
xk.usembassy.gov
kw.usembassy.gov
kg.usembassy.gov
la.usembassy.gov
lv.usembassy.gov
lb.usembassy.gov
ls.usembassy.gov
lr.usembassy.gov
ly.usembassy.gov
lt.usembassy.gov
lu.usembassy.gov
mg.usembassy.gov
mw.usembassy.gov
my.usembassy.gov
mv.usmission.gov
ml.usembassy.gov
mt.usembassy.gov
mh.usembassy.gov
mr.usembassy.gov
mu.usembassy.gov
mx.usembassy.gov
fm.usembassy.gov
md.usembassy.gov
mn.usembassy.gov
me.usembassy.gov
ma.usembassy.gov
mz.usembassy.gov
na.usembassy.gov
np.usembassy.gov
nl.usembassy.gov
nz.usembassy.gov
ni.usembassy.gov
ne.usembassy.gov
ng.usembassy.gov
mk.usembassy.gov
no.usembassy.gov
om.usembassy.gov
pk.usembassy.gov
pw.usembassy.gov
palestinianaffairs.state.gov
pa.usembassy.gov
pg.usembassy.gov
py.usembassy.gov
pe.usembassy.gov
ph.usembassy.gov
pl.usembassy.gov
pt.usembassy.gov
qa.usembassy.gov
cg.usembassy.gov
ro.usembassy.gov
ru.usembassy.gov
rw.usembassy.gov
ws.usembassy.gov
sm.usmission.gov
sa.usembassy.gov
sn.usembassy.gov
rs.usembassy.gov
sl.usembassy.gov
sg.usembassy.gov
sk.usembassy.gov
si.usembassy.gov
so.usembassy.gov
za.usembassy.gov
ss.usembassy.gov
es.usembassy.gov
lk.usembassy.gov
sd.usembassy.gov
sr.usembassy.gov
se.usembassy.gov
ch.usembassy.gov
sy.usembassy.gov
www.ait.org.tw
tj.usembassy.gov
tz.usembassy.gov
th.usembassy.gov
tl.usembassy.gov
tg.usembassy.gov
tt.usembassy.gov
tn.usembassy.gov
tr.usembassy.gov
tm.usembassy.gov
ug.usembassy.gov
ua.usembassy.gov
ae.usembassy.gov
uk.usembassy.gov
uy.usembassy.gov
uz.usembassy.gov
ve.usembassy.gov
vn.usembassy.gov
ye.usembassy.gov
zm.usembassy.gov
zw.usembassy.gov
asean.usmission.gov
www.usau.usmission.gov
useu.usmission.gov
va.usembassy.gov
icao.usmission.gov
nato.usmission.gov
osce.usmission.gov
usoas.usmission.gov
usoecd.usmission.gov
geneva.usmission.gov
usunrome.usmission.gov
usun.usmission.gov
vienna.usmission.gov
step.state.gov
twitter.com
www.whitehouse.gov
www.state.gov
maps.google.com
www.facebook.com
www.youtube.com
www.flickr.com
instagram.com
leafletjs.com
b4after.pl
osm.org
share.america.gov
uploads.mwp.mprod.getusinfo.com
foia.state.gov

Subject Issuer	Validity	Valid
usembassy.gov Amazon RSA 2048 M02	`2023-06-15` - `2024-07-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
dap.digitalgov.gov Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
uploads.mwp.mprod.getusinfo.com Amazon RSA 2048 M01	`2023-06-12` - `2024-07-10`	a year	crt.sh
answers-embed.covid19.state.gov.pagescdn.com Cloudflare Inc ECC CA-3	`2023-01-02` - `2024-01-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
w.usabilla.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
share.america.gov Amazon RSA 2048 M02	`2023-06-24` - `2024-07-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
yext.com Cloudflare Inc ECC CA-3	`2023-09-28` - `2023-12-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.basemaps.cartocdn.com R3	`2023-10-02` - `2023-12-31`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://gt.usembassy.gov/
Frame ID: ED2D4FA3722B4E42B00EDAE5A1FCFA17
Requests: 162 HTTP requests in this frame

Frame: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov
Frame ID: D7D6816846C94324F978A622244E4DE0
Requests: 43 HTTP requests in this frame

Frame: https://w.usabilla.com/a5fe257d2b93.js?lv=1
Frame ID: 8B0FEA658B65305C74DB49E5C87D82AB
Requests: 1 HTTP requests in this frame

Frame: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/
Frame ID: 907C502D2E6A2F3E32B90C0FA978D7CC
Requests: 12 HTTP requests in this frame

Frame: https://answers-embed.covid19.state.gov.pagescdn.com/overlay-button.html
Frame ID: 16E33C25E78B01D1E96BD9D9612045A8
Requests: 4 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/live/resources/buttons/usabilla_white_rightSideImprove.png
Frame ID: 0B96040C902CF156F1C0F663215C8934
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Homepage - U.S. Embassy in GuatemalaLock

Page URL History Show full URLs

http://gt.usembassy.gov/ HTTP 301
https://gt.usembassy.gov/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Leaflet (Maps) Expand

Overall confidence: 100%
Detected patterns

leaflet.{0,32}\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

224
Requests

97 %
HTTPS

90 %
IPv6

23
Domains

31
Subdomains

29
IPs

4
Countries

13699 kB
Transfer

22768 kB
Size

21
Cookies

223 Outgoing links

These are links going to different origins than the main page.

URL: https://travel.state.gov/content/travel/en/traveladvisories/traveladvisories/guatemala-travel-advisory.html
Title: Read More...

Search URL Search Domain Scan URL

URL: https://af.usembassy.gov/
Title: Afghanistan

Search URL Search Domain Scan URL

URL: https://al.usembassy.gov/
Title: Albania

Search URL Search Domain Scan URL

URL: https://dz.usembassy.gov/
Title: Algeria

Search URL Search Domain Scan URL

URL: https://ao.usembassy.gov/
Title: Angola

Search URL Search Domain Scan URL

URL: https://ar.usembassy.gov/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://am.usembassy.gov/
Title: Armenia

Search URL Search Domain Scan URL

URL: https://au.usembassy.gov/
Title: Australia

Search URL Search Domain Scan URL

URL: https://at.usembassy.gov/
Title: Austria

Search URL Search Domain Scan URL

URL: https://az.usembassy.gov/
Title: Azerbaijan

Search URL Search Domain Scan URL

URL: https://bs.usembassy.gov/
Title: Bahamas

Search URL Search Domain Scan URL

URL: https://bh.usembassy.gov/
Title: Bahrain

Search URL Search Domain Scan URL

URL: https://bd.usembassy.gov/
Title: Bangladesh

Search URL Search Domain Scan URL

URL: https://bb.usembassy.gov/
Title: Barbados

Search URL Search Domain Scan URL

URL: https://by.usembassy.gov/
Title: Belarus

Search URL Search Domain Scan URL

URL: https://be.usembassy.gov/
Title: Belgium

Search URL Search Domain Scan URL

URL: https://bz.usembassy.gov/
Title: Belize

Search URL Search Domain Scan URL

URL: https://bj.usembassy.gov/
Title: Benin

Search URL Search Domain Scan URL

URL: https://bm.usconsulate.gov/
Title: Bermuda

Search URL Search Domain Scan URL

URL: https://bo.usembassy.gov/
Title: Bolivia

Search URL Search Domain Scan URL

URL: https://ba.usembassy.gov/
Title: Bosnia & Herzegovina

Search URL Search Domain Scan URL

URL: https://bw.usembassy.gov/
Title: Botswana

Search URL Search Domain Scan URL

URL: https://br.usembassy.gov/
Title: Brazil

Search URL Search Domain Scan URL

URL: https://bn.usembassy.gov/
Title: Brunei

Search URL Search Domain Scan URL

URL: https://bg.usembassy.gov/
Title: Bulgaria

Search URL Search Domain Scan URL

URL: https://bf.usembassy.gov/
Title: Burkina Faso

Search URL Search Domain Scan URL

URL: https://mm.usembassy.gov/
Title: Burma

Search URL Search Domain Scan URL

URL: https://bi.usembassy.gov/
Title: Burundi

Search URL Search Domain Scan URL

URL: https://cv.usembassy.gov/
Title: Cabo Verde

Search URL Search Domain Scan URL

URL: https://kh.usembassy.gov/
Title: Cambodia

Search URL Search Domain Scan URL

URL: https://cm.usembassy.gov/
Title: Cameroon

Search URL Search Domain Scan URL

URL: https://ca.usembassy.gov/
Title: Canada

Search URL Search Domain Scan URL

URL: https://cf.usembassy.gov/
Title: Central African Republic

Search URL Search Domain Scan URL

URL: https://td.usembassy.gov/
Title: Chad

Search URL Search Domain Scan URL

URL: https://cl.usembassy.gov/
Title: Chile

Search URL Search Domain Scan URL

URL: https://china.usembassy-china.org.cn/
Title: China

Search URL Search Domain Scan URL

URL: https://co.usembassy.gov/
Title: Colombia

Search URL Search Domain Scan URL

URL: https://km.usembassy.gov/
Title: Comoros

Search URL Search Domain Scan URL

URL: https://cr.usembassy.gov/
Title: Costa Rica

Search URL Search Domain Scan URL

URL: https://ci.usembassy.gov/
Title: Côte d’Ivoire

Search URL Search Domain Scan URL

URL: https://hr.usembassy.gov/
Title: Croatia

Search URL Search Domain Scan URL

URL: https://cu.usembassy.gov/
Title: Cuba

Search URL Search Domain Scan URL

URL: https://cw.usconsulate.gov/
Title: Curacao

Search URL Search Domain Scan URL

URL: https://cy.usembassy.gov/
Title: Cyprus

Search URL Search Domain Scan URL

URL: https://cz.usembassy.gov/
Title: Czech Republic

Search URL Search Domain Scan URL

URL: https://cd.usembassy.gov/
Title: Democratic Republic of the Congo

Search URL Search Domain Scan URL

URL: https://dk.usembassy.gov/
Title: Denmark

Search URL Search Domain Scan URL

URL: https://dj.usembassy.gov/
Title: Djibouti

Search URL Search Domain Scan URL

URL: https://do.usembassy.gov/
Title: Dominican Republic

Search URL Search Domain Scan URL

URL: https://ec.usembassy.gov/
Title: Ecuador

Search URL Search Domain Scan URL

URL: https://eg.usembassy.gov/
Title: Egypt

Search URL Search Domain Scan URL

URL: https://sv.usembassy.gov/
Title: El Salvador

Search URL Search Domain Scan URL

URL: https://gq.usembassy.gov/
Title: Equatorial Guinea

Search URL Search Domain Scan URL

URL: https://er.usembassy.gov/
Title: Eritrea

Search URL Search Domain Scan URL

URL: https://ee.usembassy.gov/
Title: Estonia

Search URL Search Domain Scan URL

URL: https://sz.usembassy.gov/
Title: Eswatini

Search URL Search Domain Scan URL

URL: https://et.usembassy.gov/
Title: Ethiopia

Search URL Search Domain Scan URL

URL: https://fj.usembassy.gov/
Title: Fiji

Search URL Search Domain Scan URL

URL: https://fi.usembassy.gov/
Title: Finland

Search URL Search Domain Scan URL

URL: https://fr.usembassy.gov/
Title: France

Search URL Search Domain Scan URL

URL: https://ga.usembassy.gov/
Title: Gabon

Search URL Search Domain Scan URL

URL: https://ge.usembassy.gov/
Title: Georgia

Search URL Search Domain Scan URL

URL: https://de.usembassy.gov/
Title: Germany

Search URL Search Domain Scan URL

URL: https://gh.usembassy.gov/
Title: Ghana

Search URL Search Domain Scan URL

URL: https://gr.usembassy.gov/
Title: Greece

Search URL Search Domain Scan URL

URL: https://gn.usembassy.gov/
Title: Guinea

Search URL Search Domain Scan URL

URL: https://gw.usmission.gov/
Title: U.S. Virtual Presence in Guinea-Bissau

Search URL Search Domain Scan URL

URL: https://gy.usembassy.gov/
Title: Guyana

Search URL Search Domain Scan URL

URL: https://gm.usembassy.gov/
Title: The Gambia

Search URL Search Domain Scan URL

URL: https://ht.usembassy.gov/
Title: Haiti

Search URL Search Domain Scan URL

URL: https://hn.usembassy.gov/
Title: Honduras

Search URL Search Domain Scan URL

URL: https://hk.usconsulate.gov/
Title: Hong Kong and Macau

Search URL Search Domain Scan URL

URL: https://hu.usembassy.gov/
Title: Hungary

Search URL Search Domain Scan URL

URL: https://is.usembassy.gov/
Title: Iceland

Search URL Search Domain Scan URL

URL: https://in.usembassy.gov/
Title: India

Search URL Search Domain Scan URL

URL: https://id.usembassy.gov/
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://ir.usembassy.gov/
Title: Iran

Search URL Search Domain Scan URL

URL: https://iq.usembassy.gov/
Title: Iraq

Search URL Search Domain Scan URL

URL: https://ie.usembassy.gov/
Title: Ireland

Search URL Search Domain Scan URL

URL: https://il.usembassy.gov/
Title: Israel

Search URL Search Domain Scan URL

URL: https://it.usembassy.gov/
Title: Italy

Search URL Search Domain Scan URL

URL: https://jm.usembassy.gov/
Title: Jamaica

Search URL Search Domain Scan URL

URL: https://jp.usembassy.gov/
Title: Japan

Search URL Search Domain Scan URL

URL: https://jo.usembassy.gov/
Title: Jordan

Search URL Search Domain Scan URL

URL: https://kz.usembassy.gov/
Title: Kazakhstan

Search URL Search Domain Scan URL

URL: https://ke.usembassy.gov/
Title: Kenya

Search URL Search Domain Scan URL

URL: https://kr.usembassy.gov/
Title: Korea

Search URL Search Domain Scan URL

URL: https://xk.usembassy.gov/
Title: Kosovo

Search URL Search Domain Scan URL

URL: https://kw.usembassy.gov/
Title: Kuwait

Search URL Search Domain Scan URL

URL: https://kg.usembassy.gov/
Title: Kyrgyz Republic

Search URL Search Domain Scan URL

URL: https://la.usembassy.gov/
Title: Laos

Search URL Search Domain Scan URL

URL: https://lv.usembassy.gov/
Title: Latvia

Search URL Search Domain Scan URL

URL: https://lb.usembassy.gov/
Title: Lebanon

Search URL Search Domain Scan URL

URL: https://ls.usembassy.gov/
Title: Lesotho

Search URL Search Domain Scan URL

URL: https://lr.usembassy.gov/
Title: Liberia

Search URL Search Domain Scan URL

URL: https://ly.usembassy.gov/
Title: Libya

Search URL Search Domain Scan URL

URL: https://lt.usembassy.gov/
Title: Lithuania

Search URL Search Domain Scan URL

URL: https://lu.usembassy.gov/
Title: Luxembourg

Search URL Search Domain Scan URL

URL: https://mg.usembassy.gov/
Title: Madagascar

Search URL Search Domain Scan URL

URL: https://mw.usembassy.gov/
Title: Malawi

Search URL Search Domain Scan URL

URL: https://my.usembassy.gov/
Title: Malaysia

Search URL Search Domain Scan URL

URL: https://mv.usmission.gov/mission/maldives/
Title: Maldives

Search URL Search Domain Scan URL

URL: https://ml.usembassy.gov/
Title: Mali

Search URL Search Domain Scan URL

URL: https://mt.usembassy.gov/
Title: Malta

Search URL Search Domain Scan URL

URL: https://mh.usembassy.gov/
Title: Marshall Islands

Search URL Search Domain Scan URL

URL: https://mr.usembassy.gov/
Title: Mauritania

Search URL Search Domain Scan URL

URL: https://mu.usembassy.gov/
Title: Mauritius

Search URL Search Domain Scan URL

URL: https://mx.usembassy.gov/
Title: Mexico

Search URL Search Domain Scan URL

URL: https://fm.usembassy.gov/
Title: Micronesia

Search URL Search Domain Scan URL

URL: https://md.usembassy.gov/
Title: Moldova

Search URL Search Domain Scan URL

URL: https://mn.usembassy.gov/
Title: Mongolia

Search URL Search Domain Scan URL

URL: https://me.usembassy.gov/
Title: Montenegro

Search URL Search Domain Scan URL

URL: https://ma.usembassy.gov/
Title: Morocco

Search URL Search Domain Scan URL

URL: https://mz.usembassy.gov/
Title: Mozambique

Search URL Search Domain Scan URL

URL: https://na.usembassy.gov/
Title: Namibia

Search URL Search Domain Scan URL

URL: https://np.usembassy.gov/
Title: Nepal

Search URL Search Domain Scan URL

URL: https://nl.usembassy.gov/
Title: Netherlands

Search URL Search Domain Scan URL

URL: https://nz.usembassy.gov/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://ni.usembassy.gov/
Title: Nicaragua

Search URL Search Domain Scan URL

URL: https://ne.usembassy.gov/
Title: Niger

Search URL Search Domain Scan URL

URL: https://ng.usembassy.gov/
Title: Nigeria

Search URL Search Domain Scan URL

URL: https://mk.usembassy.gov/
Title: North Macedonia

Search URL Search Domain Scan URL

URL: https://no.usembassy.gov/
Title: Norway

Search URL Search Domain Scan URL

URL: https://om.usembassy.gov/
Title: Oman

Search URL Search Domain Scan URL

URL: https://pk.usembassy.gov/
Title: Pakistan

Search URL Search Domain Scan URL

URL: https://pw.usembassy.gov/
Title: Palau

Search URL Search Domain Scan URL

URL: https://palestinianaffairs.state.gov/
Title: Palestinian Territories

Search URL Search Domain Scan URL

URL: https://pa.usembassy.gov/
Title: Panama

Search URL Search Domain Scan URL

URL: https://pg.usembassy.gov/
Title: Papua New Guinea

Search URL Search Domain Scan URL

URL: https://py.usembassy.gov/
Title: Paraguay

Search URL Search Domain Scan URL

URL: https://pe.usembassy.gov/
Title: Peru

Search URL Search Domain Scan URL

URL: https://ph.usembassy.gov/
Title: Philippines

Search URL Search Domain Scan URL

URL: https://pl.usembassy.gov/
Title: Poland

Search URL Search Domain Scan URL

URL: https://pt.usembassy.gov/
Title: Portugal

Search URL Search Domain Scan URL

URL: https://qa.usembassy.gov/
Title: Qatar

Search URL Search Domain Scan URL

URL: https://cg.usembassy.gov/
Title: Republic of Congo

Search URL Search Domain Scan URL

URL: https://ro.usembassy.gov/
Title: Romania

Search URL Search Domain Scan URL

URL: https://ru.usembassy.gov/
Title: Russia

Search URL Search Domain Scan URL

URL: https://rw.usembassy.gov/
Title: Rwanda

Search URL Search Domain Scan URL

URL: https://ws.usembassy.gov/
Title: Samoa

Search URL Search Domain Scan URL

URL: https://sm.usmission.gov/
Title: San Marino

Search URL Search Domain Scan URL

URL: https://sa.usembassy.gov/
Title: Saudi Arabia

Search URL Search Domain Scan URL

URL: https://sn.usembassy.gov/
Title: Senegal

Search URL Search Domain Scan URL

URL: https://rs.usembassy.gov/
Title: Serbia

Search URL Search Domain Scan URL

URL: https://sl.usembassy.gov/
Title: Sierra Leone

Search URL Search Domain Scan URL

URL: https://sg.usembassy.gov/
Title: Singapore

Search URL Search Domain Scan URL

URL: https://sk.usembassy.gov/
Title: Slovakia

Search URL Search Domain Scan URL

URL: https://si.usembassy.gov/
Title: Slovenia

Search URL Search Domain Scan URL

URL: https://so.usembassy.gov/
Title: Somalia

Search URL Search Domain Scan URL

URL: https://za.usembassy.gov/
Title: South Africa

Search URL Search Domain Scan URL

URL: https://ss.usembassy.gov/
Title: South Sudan

Search URL Search Domain Scan URL

URL: https://es.usembassy.gov/
Title: Spain

Search URL Search Domain Scan URL

URL: https://lk.usembassy.gov/
Title: Sri Lanka

Search URL Search Domain Scan URL

URL: https://sd.usembassy.gov/
Title: Sudan

Search URL Search Domain Scan URL

URL: https://sr.usembassy.gov/
Title: Suriname

Search URL Search Domain Scan URL

URL: https://se.usembassy.gov/
Title: Sweden

Search URL Search Domain Scan URL

URL: https://ch.usembassy.gov/
Title: Switzerland

Search URL Search Domain Scan URL

URL: https://sy.usembassy.gov/
Title: Syria

Search URL Search Domain Scan URL

URL: https://www.ait.org.tw/
Title: American Institute in Taiwan

Search URL Search Domain Scan URL

URL: https://tj.usembassy.gov/
Title: Tajikistan

Search URL Search Domain Scan URL

URL: https://tz.usembassy.gov/
Title: Tanzania

Search URL Search Domain Scan URL

URL: https://th.usembassy.gov/
Title: Thailand

Search URL Search Domain Scan URL

URL: https://tl.usembassy.gov/
Title: Timor-Leste

Search URL Search Domain Scan URL

URL: https://tg.usembassy.gov/
Title: Togo

Search URL Search Domain Scan URL

URL: https://tt.usembassy.gov/
Title: Trinidad & Tobago

Search URL Search Domain Scan URL

URL: https://tn.usembassy.gov/
Title: Tunisia

Search URL Search Domain Scan URL

URL: https://tr.usembassy.gov/
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://tm.usembassy.gov/
Title: Turkmenistan

Search URL Search Domain Scan URL

URL: https://ug.usembassy.gov/
Title: Uganda

Search URL Search Domain Scan URL

URL: https://ua.usembassy.gov/
Title: Ukraine

Search URL Search Domain Scan URL

URL: https://ae.usembassy.gov/
Title: United Arab Emirates

Search URL Search Domain Scan URL

URL: https://uk.usembassy.gov/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://uy.usembassy.gov/
Title: Uruguay

Search URL Search Domain Scan URL

URL: https://uz.usembassy.gov/
Title: Uzbekistan

Search URL Search Domain Scan URL

URL: https://ve.usembassy.gov/
Title: Venezuela

Search URL Search Domain Scan URL

URL: https://vn.usembassy.gov/
Title: Vietnam

Search URL Search Domain Scan URL

URL: https://ye.usembassy.gov/
Title: Yemen

Search URL Search Domain Scan URL

URL: https://zm.usembassy.gov/
Title: Zambia

Search URL Search Domain Scan URL

URL: https://zw.usembassy.gov/
Title: Zimbabwe

Search URL Search Domain Scan URL

URL: https://asean.usmission.gov/
Title: U.S. Mission to ASEAN

Search URL Search Domain Scan URL

URL: https://www.usau.usmission.gov/
Title: U.S. Mission to the African Union

Search URL Search Domain Scan URL

URL: https://useu.usmission.gov/
Title: U.S. Mission to the EU

Search URL Search Domain Scan URL

URL: https://va.usembassy.gov/
Title: Holy See

Search URL Search Domain Scan URL

URL: https://icao.usmission.gov/
Title: U.S. Mission to the ICAO

Search URL Search Domain Scan URL

URL: https://nato.usmission.gov/
Title: U.S. Mission to NATO

Search URL Search Domain Scan URL

URL: https://osce.usmission.gov/
Title: U.S. Mission to OSCE

Search URL Search Domain Scan URL

URL: https://usoas.usmission.gov/
Title: U.S. Mission to the OAS

Search URL Search Domain Scan URL

URL: https://usoecd.usmission.gov/
Title: U.S. Mission to the OECD

Search URL Search Domain Scan URL

URL: https://geneva.usmission.gov/
Title: U.S. Mission to the UN-Geneva

Search URL Search Domain Scan URL

URL: https://usunrome.usmission.gov/
Title: U.S. Mission to the UN-Rome

Search URL Search Domain Scan URL

URL: https://usun.usmission.gov/
Title: U.S. Mission to the United Nations

Search URL Search Domain Scan URL

URL: https://vienna.usmission.gov/
Title: U.S. Mission to International Organizations in Vienna

Search URL Search Domain Scan URL

URL: https://travel.state.gov/content/travel/en/international-travel.html
Title: Visit Travel.State.gov for More Information

Search URL Search Domain Scan URL

URL: https://step.state.gov/
Title: Sign-up for Alerts

Search URL Search Domain Scan URL

URL: https://twitter.com/POTUS

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/administration/president-biden/
Title: Read Full Biography

Search URL Search Domain Scan URL

URL: https://twitter.com/VP

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/administration/vice-president-harris/
Title: Read Full Biography

Search URL Search Domain Scan URL

URL: https://twitter.com/ABlinken

Search URL Search Domain Scan URL

URL: https://www.state.gov/biographies/antony-j-blinken/
Title: Read Full Biography

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=Boulevard%20Austriaco%2011-51,%20Zone%2016%20Guatemala%20City,%20Guatemala
Title: Boulevard Austriaco 11-51, Zone 16 Guatemala City, Guatemala

Search URL Search Domain Scan URL

URL: https://twitter.com/usembassyguate

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/US-Embassy-Guatemala/90293542586

Search URL Search Domain Scan URL

URL: http://www.youtube.com/usembassyguate

Search URL Search Domain Scan URL

URL: http://www.flickr.com/photos/usembassyguatemala

Search URL Search Domain Scan URL

URL: http://instagram.com/usembassyguatemala

Search URL Search Domain Scan URL

URL: http://leafletjs.com/
Title: Leaflet

Search URL Search Domain Scan URL

URL: https://b4after.pl/?utm_source=https://gt.usembassy.gov/&utm_medium=map_contributors&utm_campaign=OSMapper
Title: Agencja SEO Poznań

Search URL Search Domain Scan URL

URL: http://osm.org/copyright
Title: OpenStreetMap

Search URL Search Domain Scan URL

URL: https://share.america.gov/us-postage-stamps-pay-tribute-hispanic-americans/

Search URL Search Domain Scan URL

URL: https://share.america.gov/star-wars-actor-on-how-astronauts-do-science-in-space/

Search URL Search Domain Scan URL

URL: https://share.america.gov/united-with-ukraine-july-2023/

Search URL Search Domain Scan URL

URL: https://www.state.gov/reports/2022-trafficking-in-persons-report/
Title: 2022 Trafficking in Persons Report

Search URL Search Domain Scan URL

URL: https://www.state.gov/reports/2022-report-on-international-religious-freedom/
Title: 2022 International Religious Freedom Report

Search URL Search Domain Scan URL

URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/06/GUATEMALA-2021-INTERNATIONAL-RELIGIOUS-FREEDOM-REPORT.pdf
Title: 2021 Report on International Religious Freedom

Search URL Search Domain Scan URL

URL: https://www.state.gov/reports/2021-trafficking-in-persons-report/guatemala
Title: 2021 Trafficking in Persons Report

Search URL Search Domain Scan URL

URL: https://www.state.gov/reports/2023-trafficking-in-persons-report/
Title: 2023 Trafficking in Persons Report

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/
Title: White House

Search URL Search Domain Scan URL

URL: https://www.state.gov/
Title: Department of State

Search URL Search Domain Scan URL

URL: https://www.state.gov/social-media-terms-of-use/
Title: Social Media Terms of Use

Search URL Search Domain Scan URL

URL: https://foia.state.gov/
Title: FOIA

Search URL Search Domain Scan URL

URL: https://www.state.gov/key-topics-office-of-civil-rights/eeo-no-fear-act-whistleblower-protection-acts/
Title: No Fear Act

Search URL Search Domain Scan URL

URL: http://twitter.com/usembassyguate

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gt.usembassy.gov/ HTTP 301
https://gt.usembassy.gov/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 154

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 198

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

224 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gt.usembassy.gov/
Redirect Chain

http://gt.usembassy.gov/
https://gt.usembassy.gov/

138 KB
24 KB

52ms
14ms

Document
text/html

2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

923eb1c5d1f9ae2c035f60ae755f62612e0a061940f4d3293e718badfd9bc54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: https://travel.state.gov
age: 238
cache-control: max-age=600
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 13 Oct 2023 03:15:19 GMT
expires: Fri, 13 Oct 2023 03:25:18 GMT
link: <https://gt.usembassy.gov/wp-json/>; rel="https://api.w.org/" <https://gt.usembassy.gov/wp-json/wp/v2/pages/267>; rel="alternate"; type="application/json" <https://gt.usembassy.gov/>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-id: KvOWMHzqXhB-pxlZInzxWpfMpSNVG8Bc2zOlt_9TgmpDQNRMEqVQuA==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tec-api-origin: https://gt.usembassy.gov
x-tec-api-root: https://gt.usembassy.gov/wp-json/tribe/events/v1/
x-tec-api-version: v1

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Fri, 13 Oct 2023 03:19:17 GMT
Location: https://gt.usembassy.gov/
Server: CloudFront
Via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Tt2QRcG51rvTEa90Pms2I5AQYqq5FEsICujGBHkWhBeV8ZRbn_3TIg==
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Redirect from cloudfront

GET
H2 200 tribe-events-pro-mini-calendar-block.min.css
gt.usembassy.gov/wp-content/plugins/events-calendar-pro/src/resources/css/ 655 B
1 KB 19ms
16ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=6.2.1.1

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
content-length: 655
last-modified: Fri, 06 Oct 2023 17:15:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: 32KjwnEyyaEIVgqYOeZZDNtHGtTIngk881cBgBxRWNC_Cbu9IkHWPQ==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 style.min.css
gt.usembassy.gov/wp-includes/css/dist/block-library/ 102 KB
103 KB 23ms
20ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-includes/css/dist/block-library/style.min.css?ver=947f6f738d8ae398d758626f0d9c2ae3

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 14:28:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: _aF5uL8CyRp-MDF7jQ__o8v1_lWK6NcZQ2w832iucvOLZczH_pNU5Q==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 america-api-client-public.css
gt.usembassy.gov/wp-content/plugins/america-api-client/public/ 2 KB
2 KB 32ms
29ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/america-api-client/public/america-api-client-public.css?ver=1.0.0

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58cbd73dd793a7bba150e4fd727b91f3e5a60efd48c4437554bf3252732d3304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 15:19:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 302394
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Mon, 11 Sep 2023 20:48:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: x620MtpSYQW7iKWevoTyySd7vUCXgsa9_lqG6M2ZYR6RLStCZYJtZg==
expires: Tue, 17 Oct 2023 15:19:23 GMT

GET
H2 200 styles.css
gt.usembassy.gov/wp-content/plugins/contact-form-7/includes/css/ 3 KB
3 KB 21ms
18ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.1

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Sun, 19 Feb 2023 04:35:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: isL75LwlR74lbrnGYuMlUrCHiXzF1EGDsarVrawbuLoVl8M9V0mRHA==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 style.css
gt.usembassy.gov/wp-content/plugins/cf7-conditional-fields/ 2 KB
2 KB 21ms
19ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.3.10

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cedc9155263d1f634191e71f3c9ce256b315f833e375739ed0e65087996428cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:55:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 224632
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Sun, 11 Dec 2022 15:17:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: 3iRUx3q6DJsqO16aSPE4jmVg4KBBl6TLLEh-SLIfzXcszLX0VoiAsQ==
expires: Wed, 18 Oct 2023 12:55:25 GMT

GET
H2 200 slick.min.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 169ms
14ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.css?ver=1696612542

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce54d767f01eb9114389e6ef95a27fe04211a98a4a7a0a4a6a56cb9274656e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17856719
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-yyz4542-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"684-GF2HLIFihozHz5lQusuuoPZJs88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekd6AEuylMxgE08i5OXHr7FU2NFTU6%2B%2Fh2d3Sbn1yxApk6SwyMGhD6Lral5i%2BoZ2SqWz2fKhvYzczhdaHGgckEQbG4WItQcI6SSFU%2FjRmU%2FVjGUxKk9tDT9o5OVe5gVUr%2FzCl2%2BZFkaUOfvteCw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 815470ad7d6c0414-FRA

GET
H2 200 slick-theme.min.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 3 KB
1 KB 174ms
19ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.min.css?ver=1696612542

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3166ddd944effa0090cab36a67512a7bccb8ae0c62488c07862568d9f5697c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15806327
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230138-FRA, cache-jnb7022-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"a8d-r8Y5IYv5SkLyJ6agYlQ7jaREjpU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VoDXbaaydRouHguxuKVTgRWQYjZ%2F2tWBEzfZgwh4KBrCVzDz4ysdIOMr%2Bx5bLXtlQOQ0i06tmHIailSx06ju57GnGjVdddeE1jMYFG88mnu%2F92F0UATExDOkCzjPuD8f0u11aIOdT6pnVGMaqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 815470ad7d6a0414-FRA

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 180ms
23ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=EB+Garamond:italic,bold,200,400,500,600,700%7COpen+Sans:italic,bold,200,400,500,600,700&display=swap

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6dd96918803094b8af6983e83552fde86104da7ef2934a6b6393eb286e9c4f2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Oct 2023 03:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 03:19:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Oct 2023 03:19:17 GMT

GET
H2 200 mwp.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/ 238 KB
36 KB 19ms
16ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/mwp.min.css?ver=1696612542

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d13950523af91285df5b6bfc9e6089592af57c65c13899afd966e583c533b5ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:43 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: STZYz_ZoMqzSqsxOTBLvcXQrPlNGBGUZaV_3AuzoJKs8vAD1bN3UzA==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 bootstrap.min.css
gt.usembassy.gov/wp-content/themes/mwp/bootstrap/css/ 157 KB
157 KB 32ms
30ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/bootstrap/css/bootstrap.min.css?ver=4.0

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 15:19:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 302394
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Mon, 11 Sep 2023 20:46:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: iIqsIpJY-HVnnnnSftpwt_P24wd34nnrlL5tyZEVOsmCLxE4Gz5BAw==
expires: Tue, 17 Oct 2023 15:19:23 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.3/css/ 58 KB
13 KB 170ms
16ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.3/css/all.css?ver=5.15.3
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: D4HEPK7MGSA1VS6D
age: 1110969
alt-svc: h3=":443"; ma=86400
x-amz-id-2: JqSy8zyrdhRDbGgk17IZVnBiKWxEIkCnTfgruqg+TYipx/bkg9A/FGJgxXRFpwjWCdXpJXnjWBQ=
last-modified: Wed, 30 Jun 2021 15:41:15 GMT
server: cloudflare
etag: W/"74bab4578692993514e7f882cc15c218"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ak2h%2B0a5GqKckiRTVETkxbmSvXZNpEdydaFZpSv8ucxpFuOBprd22XuDIQBXEPn4UIyM6vJEzpt6W7cB%2BUl8rplJ1S1YVKnRujVUWw3LR9hDsZLpwUcQW32lAayTjqLELZ2eSg6qSN%2F7DDboNCGOfln"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 815470ad78525c74-FRA

GET
H2 200 footer.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/header-footer/ 2 KB
1 KB 20ms
18ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/header-footer/footer.min.css?ver=1696612547

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fe0cd2ebc678fd12559c16cccd9048f8a016eea1be807f550ffa793d0004184c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: pGIb5a9-21tkqyuPg5aOI0BH9T75ppu0bc083N8Vv56VHnny3dpgjw==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 alert.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/header-footer/ 1 KB
1 KB 30ms
28ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/header-footer/alert.min.css?ver=1696612547

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0f82fb588f66c83a37186ac3081f27c63e4e0bc4f5a452c98f2327fd33052b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: q-nNMHTkLy4ftuZbuftOu7JaoYlw_SHP0BotAiWILf9C5ps4Ww2KRQ==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 callout.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/callout/ 13 KB
3 KB 30ms
29ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/callout/callout.min.css?ver=1696612543

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ac08fa8b565329cd5398c2f7f1cc58ae7d6ffbdb422f6cea1d387200c1226977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:43 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: CTcbrfa32XwIJT7Q2Rwnpe44DW9NJmLA96pDfK9fYERVRASZE4nHew==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 default.css
gt.usembassy.gov/wp-content/plugins/tablepress/css/build/ 6 KB
7 KB 36ms
34ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/tablepress/css/build/default.css?ver=2.1.7

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 15:19:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 302394
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Tue, 15 Aug 2023 07:47:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: y5_9nDSW4p5I2ze3s7rI7Q5m7Py2_QoDJNVo85wdB1Xupr_Udq50nA==
expires: Tue, 17 Oct 2023 15:19:23 GMT

GET
H2 200 leaflet.fullscreen.css
gt.usembassy.gov/wp-content/plugins/osmapper/assets/css/ 1014 B
2 KB 37ms
36ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/css/leaflet.fullscreen.css?ver=2.1.5

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

14081cbfbe75fa8cffb0a01681eb68a7486ba0ec7837b34926159b6951d8e646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:55:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 224632
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Mon, 11 Sep 2023 20:48:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: pDiPkt9Zm5KOHU7hE6NYe-HLKADadskMdHqrkYRiv8zqTufbtSYe1Q==
expires: Wed, 18 Oct 2023 12:55:25 GMT

GET
H2 200 ba_map_renderer.css
gt.usembassy.gov/wp-content/plugins/osmapper/assets/css/ 11 KB
12 KB 37ms
35ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/css/ba_map_renderer.css?ver=2.1.5

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

19082314f12786c3c514253f2572ec0f8f0927394e59ade62b78dcd5dde1162c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:55:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 224632
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Mon, 11 Sep 2023 20:48:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: -4pwsgjWMNQGSHl1kIUujuxuyKzKOIDnWHjSW2cS1G6HMhZrfgUbHw==
expires: Wed, 18 Oct 2023 12:55:25 GMT

GET
H2 200 default-styles.css
gt.usembassy.gov/wp-content/plugins/post-content-shortcodes/styles/ 1 KB
2 KB 36ms
35ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/post-content-shortcodes/styles/default-styles.css?ver=1.0

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

15828bb8b056b9a331c6ce02f9b5ac52abba8e04f957d3d892c29f057a2f5f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:55:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 224632
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Mon, 11 Sep 2023 20:48:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: nzCf3fd6BK62NM2rtZgjkebLHT0EpY10kCZj4TeX-rCs8cTp1RZwVw==
expires: Wed, 18 Oct 2023 12:55:25 GMT

GET
H2 200 jquery.min.js Show response
gt.usembassy.gov/wp-includes/js/jquery/ 85 KB
86 KB 96ms
84ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 14:28:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: G_3VClQR9QAV5hA2Mhy5dSCoKevMO8kzojFnUlMxmJoIJXSkG68D-g==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 jquery-migrate.min.js Show response
gt.usembassy.gov/wp-includes/js/jquery/ 13 KB
14 KB 95ms
82ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 14:28:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: krbSGwKmCtCcYYaKP9rd2dYdKiYeJJVQ_nDmBhq37kbBniOzuI00Ag==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 Universal-Federated-Analytics-Min.js Show response
dap.digitalgov.gov/ 24 KB
7 KB 118ms
9ms Script
application/javascript 2600:9000:211e:2e00:5:83ea:ba80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=DOS
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2e00:5:83ea:ba80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5aa160ad964402d622c0032f2a12db80a9fa54808305e6ccacf3b4e0db562251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 05:40:23 GMT
x-amz-version-id: zyZrzqhK15RgOdA9RDCbP8yYgwnv7CPf
content-encoding: gzip
last-modified: Thu, 21 Sep 2023 01:19:04 GMT
server: AmazonS3
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"36612be2a6ccaefd48af22240f0c4f35"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 77935
x-amz-replication-status: COMPLETED
x-amz-cf-id: vH7Dy1nLpX5ycqQP4YQKNQBiTPclKT1iYgNdai33N6AnXUKqOc02qg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
93 KB 103ms
48ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RH13VY8T2N

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02189a52015a8f835341b3b5200facfdb1ca1ccd9f948aa077737f7e698862f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95565
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 13 Oct 2023 03:19:17 GMT

GET
H2 200 official-flag.png
gt.usembassy.gov/wp-content/themes/mwp/images/flags/ 526 B
1 KB 101ms
89ms Image
image/png 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/images/flags/official-flag.png

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6c279cc4e37124eea5498dac89af9392a67bfba3251b3b2bde42c7cd24b91ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:55:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 224632
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Mon, 11 Sep 2023 20:46:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: Pqx7iTm5sRHGWQiD-yZBVmQvhXJoCngmzuvdElKp3HHly36wKmxnGg==
expires: Wed, 18 Oct 2023 12:55:25 GMT

GET
H2 200 icon-dot-gov.svg
gt.usembassy.gov/wp-content/themes/mwp/images/ 801 B
1 KB 105ms
93ms Image
image/svg+xml 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/images/icon-dot-gov.svg

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

abf32703b4062c09d6fd3f4ffd7f8344f7806f2ed5ff2c1e496950f8a948e0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Fri, 13 Oct 2023 03:19:17 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=31536000
x-frame-options: SAMEORIGIN
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: c90Gono64sh7M4ZepUwhksquMrFcKrVrICRZViIuZtQ_r6x67Nwfjg==
expires: Fri, 13 Oct 2023 03:25:20 GMT

GET
H2 200 icon-https.svg
gt.usembassy.gov/wp-content/themes/mwp/images/ 721 B
1 KB 149ms
137ms Image
image/svg+xml 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/images/icon-https.svg

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1494e5406e929e7e84bb6cb5e3289d41d1f121a49697af982f692cb54e3ce026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
date: Fri, 13 Oct 2023 03:19:17 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: RefreshHit from cloudfront
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=31536000
x-frame-options: SAMEORIGIN
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: OPSyGicqf6oktGl6oCbKDUnheg0Vc6zXB4dLF4VEzF0sOg6g-CV4DA==
expires: Fri, 13 Oct 2023 03:29:17 GMT

GET
H2 200 use-guatemala-city-seal-24bit.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/02/ 15 KB
16 KB 35ms
23ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/02/use-guatemala-city-seal-24bit.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ca481b34a29c88eb4846fd74664a7f3a4aead233646650224d1f08a3a600709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:55:10 GMT
x-amz-version-id: EbqtLJ3ICLAvzjCOm9kJRA9Pf9L_fPgr
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Thu, 03 Feb 2022 07:08:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 11964248
etag: "434b927338f671f2c8bf5b136819157f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15679
x-amz-cf-id: hs2_3OfaH7iMxvTVz0UkRnGPc6sAT88VZ0ShCy2CKWuORsHv9WGT3w==

GET
H2 200 nav-logo.png
gt.usembassy.gov/wp-content/themes/mwp/images/ 46 KB
46 KB 38ms
36ms Image
image/png 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/images/nav-logo.png

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

941b41c4c47ada4795be098c7f6904457d086843b2b0c8c3683a037b8baf7d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:55:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 224631
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Mon, 11 Sep 2023 20:46:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: 0VyOy-tMWaXXhjg7n1jhzfdIIGo2vWZCwh_uK-fRAsvLV1c5W9IIxw==
expires: Wed, 18 Oct 2023 12:55:26 GMT

GET
H2 200 Website-Banner-Oct-10_v2-6.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/10/ 676 KB
677 KB 164ms
9ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/10/Website-Banner-Oct-10_v2-6.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 872a300eab205ed04bac3413d3c9503c157abc5130b73838451062f45461af89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:21:55 GMT
x-amz-version-id: kQYTlDR7k2LrFWS2eJYtSIx86jXVNk_U
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 11 Oct 2023 20:56:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 107843
etag: "4f54cddea9833c55f8687967fe4877ac"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 692272
x-amz-cf-id: DYpXelVg1Ek5AyvFtGROV8Rhor3oG4-DVrgRmTvCHna-lPhAQgz0JQ==

GET
H2 200 post_no_image_BG.png
gt.usembassy.gov/wp-content/themes/mwp/images/ 4 KB
5 KB 16ms
15ms Image
image/png 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/images/post_no_image_BG.png

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3be47a6a2507caafd50ffa34bd1b13afa99c863d445e41b3cdf94519057a988b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 07:26:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71595
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: y5GlEq9jBWvY7yYOPDL_RgbCFWNZbPryU5Hah98E4QgWHh9AN_WqIA==
expires: Fri, 20 Oct 2023 07:26:02 GMT

GET
H2 200 Pagina-interna-web-9-2.jpg
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/03/ 47 KB
48 KB 24ms
24ms Image
image/jpeg 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/03/Pagina-interna-web-9-2.jpg
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caad511a42b6f2f26d60408c8e9c70f6939396cceba9cc7638c6be0dd14a5d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 23 May 2023 06:42:46 GMT
x-amz-version-id: kjTbiqc1J9xEoencs0D_H2dKT3.eBmIP
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Mon, 28 Mar 2022 20:05:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 12342992
etag: "22f7b0a39153688f9878434365797476"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48381
x-amz-cf-id: f290ACMXewKrwr7DcZMpw0Y5Ccw-yoIv_Lqz73nMhOXW54Dv5MTtgA==

GET
H2 200 2.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/08/ 284 KB
284 KB 21ms
21ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/08/2.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a80a277bfe3e9832cd9a2bc0dde39aa851b47aa6ef819f7e02b0c79aecbdf9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 22:48:48 GMT
x-amz-version-id: 5.bOkc5yrkctKlC2tMDALzyuaudtF3_n
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 03 Aug 2022 15:26:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 6755430
etag: "6482262814e047f348f8668c0f015f78"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 290465
x-amz-cf-id: 6bW7E2GGXRNcddhfBcwVZaNafewvk8A8aYuvCDc5eEimx_PCsSsDxQ==

GET
H2 200 Message-for-US-Cits.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/08/ 288 KB
289 KB 23ms
11ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/08/Message-for-US-Cits.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e1113b375cdb32913e1d6bb0d7948ee3fa5397927b85650dd198302cae973a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 00:29:09 GMT
x-amz-version-id: .gbIBEaZU4vUeeH4Guh0hUdqvtkNcbSM
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 03 Aug 2022 16:23:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 5453409
etag: "84936c28f14c65805600d793520d6f97"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 295207
x-amz-cf-id: wWqIKxcDuD40XsHJbD2QIZ7xdrojdwCSZusMBNkuTX9FIJKlb1CZPg==

GET
H2 200 State-Department-Logo-for-website-1140x684-1-1-e1694789724452.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/01/ 171 KB
171 KB 26ms
14ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/01/State-Department-Logo-for-website-1140x684-1-1-e1694789724452.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03762a5393b4899524ca8b6926285cf9761c709938e18559c4fd57f43de5dc3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:29:56 GMT
x-amz-version-id: VVcwTJFm033kkb.XULrIn1xbuXUlVdPN
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Fri, 15 Sep 2023 14:55:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 2371762
etag: "55cdc7dc6e7d1a80028ee0a581c62efe"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 174874
x-amz-cf-id: 4lkUj1JMPCwV3YyQoptMzRQmj3YEwytJ2NOTj5yy6ljrhkMg1kAd8g==

GET
H2 200 map_pin.svg
gt.usembassy.gov/wp-content/themes/mwp/images/ 1 KB
2 KB 104ms
93ms Image
image/svg+xml 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/images/map_pin.svg

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a71798d6045a126f7550c88203b389e3b44272542301c3310ac52c39c6da76a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: ReY2kPI1j_Y-yy6gBVuZzXq8NuKm7kUkxTLkPfsJpoATw8Agntl9IA==
expires: Fri, 13 Oct 2023 03:25:20 GMT

GET
H2 200 New-Project.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/07/ 230 KB
231 KB 35ms
23ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/07/New-Project.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a43bf825796fd6f024966054ef4e53793a505d4fdde4ec0ea83cd59b3b72d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:01:53 GMT
x-amz-version-id: OYQlv0Whbxaa5fOI4xqlqR734UhuK.Es
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jul 2023 18:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 7975045
etag: "580c312babf2f7f0def71d10cf6ded85"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 235829
x-amz-cf-id: vHYjUEojGXFwy-63PFJeXJ5y01yBtkEJGXdbf_CHB1piW6DWlYkVdw==

GET
H2 200 HUMAN-RIGHTS-REPORT.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/03/ 107 KB
107 KB 37ms
25ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/03/HUMAN-RIGHTS-REPORT.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7632e98a95e126e3bbd823b5467e9d8746ff3c3f2c1f05983d639ef91de5f69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 21:11:20 GMT
x-amz-version-id: ofruXYz1ghVJXqfAeMHgd2excBX59Q9I
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 17:33:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 17734078
etag: "2db5536ca696e17e8ed748afc22f9e54"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 109455
x-amz-cf-id: DhkKQzbRGZTx0GsExUvY6fvColXJPPAf4H0DDa432XA_W8PFIJhkzg==

GET
H2 200 Screen-Shot-2022-08-12-at-12.40.15-PM.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/08/ 1 MB
1 MB 37ms
26ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/08/Screen-Shot-2022-08-12-at-12.40.15-PM.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f119342c30c6bbb02d1d0d3c322722109a40808419ad15c2b1d0bca3a4e8565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:08:04 GMT
x-amz-version-id: WnE8Tk3X4iy8pMDYVzMIXJgqBDOOEVpH
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Fri, 12 Aug 2022 18:42:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 3345073
etag: "2c922614f768194b31dee262e4de2da1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1567024
x-amz-cf-id: -UDxOyIzj7P5ZTJnivtnZH8ldsKmobh7ccbophyFP1PBGHZ6-xpluQ==

GET
H2 200 WhatsApp-Image-2022-07-19-at-4.44.12-PM-2-2.jpeg
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/07/ 104 KB
104 KB 37ms
26ms Image
image/jpeg 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/07/WhatsApp-Image-2022-07-19-at-4.44.12-PM-2-2.jpeg
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1038a6cf48253f67f263e5b6135ca8f7a8de74bc0e165296ab04f1c177b2b24f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:08:05 GMT
x-amz-version-id: QocCGYFCf35giFtYMiBZA0y3JxgXZRny
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:00:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 3345073
etag: "3901afc9fce36fe38d08c88744cea774"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 106403
x-amz-cf-id: kvrZaq43aGn4XLew-XH4HVUKVsNpf3iCX8mV9T9_AB-zgDnmDJzgwg==

GET
H2 200 IRFR-Report-Cover.jpeg
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/06/ 287 KB
287 KB 37ms
26ms Image
image/jpeg 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/06/IRFR-Report-Cover.jpeg
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8e368fc4d526e8918587b7d25894636fb6c7e82fe1dd6f4227ea398ffc479c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 20:17:17 GMT
x-amz-version-id: xiS.6NnfHHrtE8CF6TbZrMA2qdNYt4OI
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 21 Jun 2023 22:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 6246120
etag: "35afe70935dc173fbb2608d7de0cb693"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 293560
x-amz-cf-id: IKiD13GybxUVM81Q_JS-17Fs6Vq1ihbvIIrPzpWxCXN7c1e7kC4XDA==

GET
H2 200 Screen-Shot-2022-06-28-at-5.51.41-PM.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/06/ 145 KB
146 KB 37ms
26ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/06/Screen-Shot-2022-06-28-at-5.51.41-PM.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90f17d2b1bcf07b7589650fc779426d2cdcb4ad62af6fc156b2c7963a7d08410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:07:53 GMT
x-amz-version-id: IuHvvlFIg81HRaEgV9BYM2O9xsftrQmE
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 23:56:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 6894685
etag: "50ea96c603c6ff64e8501ca4d25b4104"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 148450
x-amz-cf-id: x_8y8NwxJfemrj1TV9HoSVXJz3XNybKOuizhJJtmxf6rTmJuzt2Fng==

GET
H2 200 2021-TIP-Cover-FINAL-1-scaled-e1625160761827.webp
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2020/12/ 171 KB
171 KB 37ms
27ms Image
image/webp 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2020/12/2021-TIP-Cover-FINAL-1-scaled-e1625160761827.webp
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18d5fc4234444c4dbf0aa3b103cadd1dc8a226c92cd5a24dd5205f2be39a81b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 13:00:26 GMT
x-amz-version-id: mVBSLnkYHq1OhesPsfYFQLfdlNrX8mo4
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 16:04:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 6617931
etag: "fbf0cedf4334122624b859ac8b59169c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 174750
x-amz-cf-id: 6qN20Qtm2FiefEXekZHswDfPw0nqJXjcLTDPXYK2oyu6KNX17a7k0A==

GET
H2 200 Policy-2000x1333-1.jpg
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2021/01/ 356 KB
357 KB 117ms
107ms Image
image/jpeg 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2021/01/Policy-2000x1333-1.jpg
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d1eb2621daa43e4cdd04c6712c7fd5d64db2e58fb2c379d5455c83590f687bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:58:10 GMT
x-amz-version-id: _CkXoxDdESx1VL2kXR9sgnmExY8ivJSr
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 16:05:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 12043268
etag: "d988c449a474d8f8f4cadc2c3b46555b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 364947
x-amz-cf-id: fJ0Bf0uFNnm-EJWKpsuv4h2dmYR6lNQbH3uLbWEIZtPTLK9wvU2brQ==

GET
H2 200 History-2000x1246-1.jpg
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2021/01/ 449 KB
450 KB 125ms
115ms Image
image/jpeg 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2021/01/History-2000x1246-1.jpg
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30ee1a61e7d79a8e805e5dde8aea875574eba2f49b2c0b0f4b69ebf0f9ec3205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 13:15:33 GMT
x-amz-version-id: HTiyzGPCnwdYvS7dxVtTT2Ca8Kk0jpMy
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 16:05:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 10159425
etag: "a634625f9bf6621c495c2b2afb6bac29"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 459352
x-amz-cf-id: b5IVkdPmjuzunhOB-wpI9pir0SdRJ0lP9Hv8DYf2jKBfEpv-q6rN1g==

GET
H2 200 blogroll.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 75 KB
6 KB 32ms
17ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/blogroll.min.css?ver=1696612544

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7109d22832ec20e1a3fcbc8a82063733f3484f7306cdfa9d5a341ebcbe432c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:44 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: 9mLD9f7iDVluqCu8Jpt7aspwk96ECiF9shOwdsQ1drC5RW35M-QlHw==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 blogroll-rtl.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 4 KB
1 KB 43ms
28ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/blogroll-rtl.min.css?ver=1696612544

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

13ab1f2ba6f86dd27e2500ac6402318346f385aac257e3d377bf100613516031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:44 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: ONgvErpPvKqFzKEjcYaqRrBRGtJsJQTjvHbtfRCDVZS1zT-0vp3QLg==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 i-want-to.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 2 KB
1 KB 43ms
28ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/i-want-to.min.css?ver=1696612545

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9e4c673675b25b9fcfae558083927850991ce9b96d2997ea5a232e94dc9ee0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:45 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: yypID7ONGNduMoGuhQYdUKdjM-ybCYmbxndgJIZMwGltxDnzkP7vhA==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 i-want-to-rtl.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 106 B
709 B 47ms
32ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/i-want-to-rtl.min.css?ver=1696612545

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c4a21e99afbd547fb4eae2509ee2201baaef2227eea1cae41c5cf8e8bd06b762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
content-length: 106
last-modified: Fri, 06 Oct 2023 17:15:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: D6Wgj5LHocOQaq1mAbnExEzC2IaOqCJ3NXnmtTsONNKB3F8iM0By_w==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 leadership-carousel.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 19 KB
3 KB 42ms
27ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/leadership-carousel.min.css?ver=1696612545

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

00bc0b01490e3bdfeac269ee62878ce57dd9d0155b4b709f53b8e52dc559f74d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:45 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: ZX3aIgE5XMoU4OqF3hA4FcrZikgipRoBKRIkQ0OAjUrYh1idHqlE7A==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 leadership-carousel-rtl.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 2 KB
1 KB 48ms
33ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/leadership-carousel-rtl.min.css?ver=1696612545

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

823248686053150f415f1da1f715ef6f47b6119e28de8fdbc779fdad9479d7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:45 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: niVZjy6LxGwmZ96qNT9pWOCFye5dvJGQY8nRWr1eytG1UBg9LhRY3w==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 sub_header_title.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 2 KB
1 KB 49ms
34ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/sub_header_title.min.css?ver=1696612547

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

81da06154271d084016ad635363e28a96643d9d555e15e8be34ebbdefc118aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: HuQIm_uc7zYd5CJ_phlbylO5VvKLO_aoHuF7tGL_IbKo9SYzlky1kQ==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 sub_header_title_rtl.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 71 B
672 B 95ms
80ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/sub_header_title_rtl.min.css?ver=1696612547

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dada3f04a23e88c8a65cfdc241430f593d330e4abe4c51cfc77b78d8f8697064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
content-length: 71
last-modified: Fri, 06 Oct 2023 17:15:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: yo6-Ypbm3hSnZYtqcwVHcVatnstvnFiAcFb-xEkj6UkgVailXmLQ2Q==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 locations.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 38 KB
4 KB 48ms
33ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/locations.min.css?ver=1696612545

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

201bfb84beb9d8bae3919bb9b8fbb129a5bf95bbfe577f2706de3885d5ab76dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:45 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: VU1Zn7suqYgZGOjYg2tkHejBs0mzKd-vCcc4fkkHW5hkO7UCbOUyEw==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 locations-rtl.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 6 KB
2 KB 96ms
82ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/locations-rtl.min.css?ver=1696612545

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

db592bf5bc055050925694e86a11f39b1205f07b2deda61562f9992d2bf541b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:45 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: LCNVP4tU6qahtfSIAkr_WPFjzze5Kk1nrgWGTVPFtH_dxX9tYHCPjA==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 feeds.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 26 KB
3 KB 49ms
35ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/feeds.min.css?ver=1696612544

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

29c4e772c5098dcb8d65f8d04ccf41bc65997b7c8095e3dc1b797ee5c1abceaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:44 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: K5imTUWIA6GBm7hG1K3FCnC8WBWsBG35607BKulcOeWdy44ny8YKcg==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 feeds-rtl.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 3 KB
1 KB 94ms
81ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/feeds-rtl.min.css?ver=1696612544

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b563ef2ed0b6b3231cf9e62d42fc83b43a425adf442a9d11420e653b205daf1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 07:26:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 71595
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:44 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: tEWX6h25_s_sKYV-NYdIQEqtc7qZbOtHl7wrBTYSQD12glHZ5mUPkg==
expires: Fri, 20 Oct 2023 07:26:02 GMT

GET
H2 200 publications.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 10 KB
2 KB 95ms
81ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/publications.min.css?ver=1696612547

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c2a26661d8b53be4662d626ff8cca5064b60c214cb1572e22a3748da87eec20c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: 63Doxmkog0EvP2HyKy7bwCXaJ-pY59LaK31jqjuvAbrA5hcyp_iQgQ==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 publications-rtl.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 738 B
1 KB 94ms
81ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/publications-rtl.min.css?ver=1696612547

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c8852e018565a21b3faafd8e2d7eb02109bc3b38b3b83759b61eb918fdb5a176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
content-length: 738
last-modified: Fri, 06 Oct 2023 17:15:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: A-4MiQ2gDmvBq1KCdqzZc5nGJlTAFtATw6iqkLP9xz0BCXEN0qmgqw==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 content_spotlight.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 17 KB
2 KB 96ms
83ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/content_spotlight.min.css?ver=1696612544

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1866edaa5ce9a66d4424088fb91ae493b1e0bd7de0dc1cc83a848ad4f00800f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:44 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: 79U4YLHnb4juX_4YCIQx5B7H0dtrbTo9Y-P9Myc-KaG7hV5FeMVcew==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 content_spotlight_rtl.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 3 KB
1 KB 96ms
83ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/content_spotlight_rtl.min.css?ver=1696612544

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2b124cb56c81558b73946a182b47f01140acbcb64a4ec723f02399de53c93edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:44 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: EZGHjgdlYw9CxkRlCbd2MNQsqacIMe7HBDSmM2KS0IaveTykCk3JtQ==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 code-block.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 12 KB
2 KB 101ms
88ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/code-block.min.css?ver=1696612544

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cccc5b8cd8072c7b90e4d63613ec618dc3a23dc44a7f1c70189d068b8589c703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 07:26:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 71595
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:44 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: vRQGajoNltPGJdvbri2YYBNJEAibJvMrUSScQ8vG0TzO1ylLyouSAw==
expires: Fri, 20 Oct 2023 07:26:02 GMT

GET
H2 200 code-block-rtl.min.css
gt.usembassy.gov/wp-content/themes/mwp/css/blocks/ 3 KB
1 KB 101ms
88ms Stylesheet
text/css 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/css/blocks/code-block-rtl.min.css?ver=1696612544

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5189bfc9ecfe24ef0ce20ef3b0a8f951d3ed3527717a80f053e5556cf6ceb30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 07:26:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 71595
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:44 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: 4iQOAbZEnQQ7CBSivSEZHw3m9pqhBWycqJVQJunl90kPTn9TrGaG2w==
expires: Fri, 20 Oct 2023 07:26:02 GMT

GET
H2 200 index.js Show response
gt.usembassy.gov/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 99ms
89ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.1

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Sun, 06 Aug 2023 08:21:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: E5F4EYLO-nO1J7RocJIpA7zWaxym9OiXZCb-LrDvbq4pevAhnS6D3A==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 index.js Show response
gt.usembassy.gov/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 118ms
108ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.1

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 24 Mar 2023 02:33:40 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: IT0q8aleoEz_v5IAleeB07HjbOFQGiFYIAJPnuli5p11EMe1OhFdEg==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 scripts.js Show response
gt.usembassy.gov/wp-content/plugins/cf7-conditional-fields/js/ 136 KB
137 KB 106ms
96ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.3.10

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c17ce5d402af6a0208a7832cb2a4c23a3bdf10ec8659b35cf746a3bd3a3e165c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Thu, 13 Apr 2023 16:41:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: mTSBhdqo2dD0Aeh5TTbZZrMPKqza8Yq36TzBVJ0zEi-phbVkFjgAWA==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 39ms
29ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js?ver=1696612357

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20112340
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA, cache-yyz4521-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=on26GXFXTThlZLGU51aRCT5po8%2B1PAtqfCpykeMl2WCcByfTOXxW9ZHgPAv76ewHLdwyp3E47JIs959Kk7nr1M7%2BnvM0NPLlSgmV1CUi0Wl%2FZkHCRXUYVYGh4iuwyCCvLQ4JJCOI8HnR1xyv%2BFI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 815470adbd9a0414-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 82 KB
22 KB 40ms
30ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js?ver=1696612357

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15806297
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230133-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nufk7Va%2BK8Cwq0Zm8lzIdSGzjp3%2FQo%2BAg%2BK9UDajqjyf92b1zrbXYMnstQrE1ct7ZajMR1fYZPiyEjs4Qz8MkuNlrV8o0tUwDw%2BlrqMNEhp0RN1%2FKXIf43Kf3a5ArMuufRfvTtDsVYVRhyWL5L8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 815470adbd9c0414-FRA

GET
H2 200 underscore-before.js Show response
gt.usembassy.gov/wp-content/plugins/the-events-calendar/common/src/resources/js/ 1 KB
2 KB 332ms
322ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ae6de183ae9a339fddbc7ca40bbccc092582999e99089fbe7a5b31e0b075445a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
last-modified: Thu, 10 Aug 2023 15:54:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: C2vyRb9RX9C5HRvbiC4pJIGauwS4qMT19-ATswnFqK9vMfn3mh0spg==
expires: Sat, 21 Oct 2023 03:19:17 GMT

GET
H2 200 underscore.min.js Show response
gt.usembassy.gov/wp-includes/js/ 18 KB
19 KB 103ms
94ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-includes/js/underscore.min.js?ver=1.13.4

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:55:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 224632
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 14:28:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: DoBr0jGwR2V6PLLDDkXQ4CdKMJkuDyY4U17AuJNKymSlYhQG9A_B1g==
expires: Wed, 18 Oct 2023 12:55:25 GMT

GET
H2 200 underscore-after.js Show response
gt.usembassy.gov/wp-content/plugins/the-events-calendar/common/src/resources/js/ 928 B
2 KB 101ms
92ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

28ba1826a2b215bb02c0182c67e01b2a361ed1f3726b45a191c67392f1dcec6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Thu, 10 Aug 2023 15:54:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: pMDuybRm6OoYrMB9I0mSDIgOs0BAIoKjrYwSsL6ScryY54IbEy8Ipg==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 backbone.min.js Show response
gt.usembassy.gov/wp-includes/js/ 23 KB
24 KB 103ms
94ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-includes/js/backbone.min.js?ver=1.4.1

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b99993143ef5c98b746267c0a19fd2c2f4a6d64af3e1dae82a87573c4b9b1572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 15:19:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 302393
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 14:28:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: NuUn_HvJkVD6eeo4tGIxV66dOUvACoGYoX5HOY7El7VvX0OGVT4boQ==
expires: Tue, 17 Oct 2023 15:19:23 GMT

GET
H2 200 api-request.min.js Show response
gt.usembassy.gov/wp-includes/js/ 1023 B
2 KB 99ms
90ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-includes/js/api-request.min.js?ver=947f6f738d8ae398d758626f0d9c2ae3

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:55:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 224632
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 14:28:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: 5H6L9CLqlpuQVQsuEBwRKpq5ylhSBiZtQkYqwx0G0nWtEXsleIC9mw==
expires: Wed, 18 Oct 2023 12:55:25 GMT

GET
H2 200 wp-api.min.js Show response
gt.usembassy.gov/wp-includes/js/ 14 KB
15 KB 119ms
110ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-includes/js/wp-api.min.js?ver=947f6f738d8ae398d758626f0d9c2ae3

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

947960adcbb708c908d60c1fb55b6c617e11c93876ecf9f525f13accf7ddb591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:55:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 224632
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 14:28:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: JEXhy_jqVIMvzDNCKerNoavnXi_roeuUWmDHXSpIHehqBlE61AVaiA==
expires: Wed, 18 Oct 2023 12:55:25 GMT

GET
H2 200 wp-util.min.js Show response
gt.usembassy.gov/wp-includes/js/ 1 KB
2 KB 147ms
138ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-includes/js/wp-util.min.js?ver=947f6f738d8ae398d758626f0d9c2ae3

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 14:28:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: YGPf2CroczLszYkg3B0zMVwrTaUQP1VDrBOvkoYHeXp0Uy5cPcR74g==
expires: Sat, 21 Oct 2023 03:19:17 GMT

GET
H2 200 mwp.min.js Show response
gt.usembassy.gov/wp-content/themes/mwp/js/ 82 KB
19 KB 117ms
109ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/js/mwp.min.js?ver=1696612357

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

990dc0a5c2a5dcaa797d8af450680979a28fb91ebce97b5edcdf31c7f90eabe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: A_wAspTqVwaYdvDBrL6_g6kQ6ucpGH2cRTZcz9SyuU1dLEuT_cpYRw==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 frontend.min.js Show response
gt.usembassy.gov/wp-content/plugins/thrive-quiz-builder/thrive-dashboard/js/dist/ 2 KB
1 KB 101ms
92ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/thrive-quiz-builder/thrive-dashboard/js/dist/frontend.min.js?ver=3.37.4

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ed77fc2cbbcf4cd716fbf7f4ace9c8d1612bf6140a5996e4f38f8caa142edcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: CFBL_0hfPklNWET-mW6lYPlhanDY5YtQrMuqFvIQ95KWNQV00NFH4Q==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 osmapper_leaflet.js Show response
gt.usembassy.gov/wp-content/plugins/osmapper/assets/js/min/ 137 KB
39 KB 107ms
99ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/js/min/osmapper_leaflet.js?ver=2.1.5

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ac90ad3fa8fd14783a70287782b6d0e558b942c6e15e1d8939d087a9f71c98a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 12:55:25 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 224632
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Mon, 11 Sep 2023 20:48:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: qA0Np2j_12lb2g9glmbe40NvkKm5sLDIIWZmpzdUZ9TabrVoGKarMA==
expires: Wed, 18 Oct 2023 12:55:25 GMT

GET
H2 200 Leaflet.fullscreen.min.js Show response
gt.usembassy.gov/wp-content/plugins/osmapper/assets/js/min/ 5 KB
5 KB 119ms
110ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/js/min/Leaflet.fullscreen.min.js?ver=2.1.5

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

131a9ea30b81e395a674452ab2a411ba33bc9769531887ba87a035e41b3b4d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:36:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81784
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: hRMXWZNQlWangzWB0yEaZXr66uCtTxtzhIRFPM48muh276Jyo5XnYQ==
expires: Fri, 20 Oct 2023 04:36:13 GMT

GET
H2 200 osmapper_renderer.js Show response
gt.usembassy.gov/wp-content/plugins/osmapper/assets/js/min/ 7 KB
7 KB 101ms
93ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/js/min/osmapper_renderer.js?ver=2.1.5

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b422ea03d0f1177be468b21d61f791542b2f508e2fc405baa8b4f14632cb2130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 15:19:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 302394
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Mon, 11 Sep 2023 20:48:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: T2o-_pUqL5D1EFY4dnpLG2JjLCplqe9t4u95BrGqV6pJgGcYhzOEMA==
expires: Tue, 17 Oct 2023 15:19:23 GMT

GET
H2 200 blogroll.min.js Show response
gt.usembassy.gov/wp-content/themes/mwp/js/frontend/ 4 KB
1 KB 119ms
111ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/js/frontend/blogroll.min.js?ver=1696612357

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

965a46ae986f221e5cd29a9418668b3956cbee6a443f50b9015cf9f8eda55728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: 4Inu-5zoWtCfrdtc5pbE2yCIUcmKJIRFhkdfmMRS6UJSmSScb7zA_w==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 leadershipslider.min.js Show response
gt.usembassy.gov/wp-content/themes/mwp/js/frontend/ 11 KB
1 KB 104ms
96ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/js/frontend/leadershipslider.min.js?ver=1696612357

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

13e5c152dec8fd0b455fc1ccdca4bd48d377933f18237811bbe0e1f76b1add79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: xSKFZ1nCwP7wjScG8I667X3KmZYnYVWksjT0E_kuoO59TZiTRNL4eA==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 locations.min.js Show response
gt.usembassy.gov/wp-content/themes/mwp/js/frontend/ 4 KB
1 KB 109ms
101ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/js/frontend/locations.min.js?ver=1696612357

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

45e16ed7c857c70ab02411e385431aa2f25c42b8f8587ee19c8a1707b0d95df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: byndBcwltnKo9tn9YNqKWy_dLkRuPsHjzCPvYFObBOLSkh9O2YltUQ==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 feeds.min.js Show response
gt.usembassy.gov/wp-content/themes/mwp/js/frontend/ 1 KB
1 KB 103ms
96ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/js/frontend/feeds.min.js?ver=1696612357

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4d34ed170b3a3bdf1cb136e111b1d4216182773d6753517a0aa525f6abd606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 07:26:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 71595
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: wC3qsRYigRWcHPHH9eqGVgPbaFbAirIBD_sLs_vy8YV581fRYNFIgQ==
expires: Fri, 20 Oct 2023 07:26:02 GMT

GET
H2 200 publications.min.js Show response
gt.usembassy.gov/wp-content/themes/mwp/js/frontend/ 491 B
1 KB 118ms
111ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/js/frontend/publications.min.js?ver=1696612357

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2f2e365b59b74d2d0640829b66f150f9bb7b32eeccdb11fd6aba0bb727ac980b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
content-length: 491
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: RkXRg5DB5RruXEVg_td8RdUFkwZDUFtIaoNGdHw4iPBKGSPc2D4iKA==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 code-block.min.js Show response
gt.usembassy.gov/wp-content/themes/mwp/js/frontend/ 2 KB
853 B 115ms
108ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/js/frontend/code-block.min.js?ver=1696612357

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a13662fe0e47432fd37c46e61d6eab9ad070c9c7ef56511c3276a94e2729a24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 07:26:02 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 71595
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
x-frame-options: SAMEORIGIN
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: L9Xbr9w2MgSiNY_pkTc_zMrXDYSYfzD0gv-G1i9IDlgIkVQzs9637g==
expires: Fri, 20 Oct 2023 07:26:02 GMT

GET
H2 200 overlay.js Show response
answers-embed.covid19.state.gov.pagescdn.com/ 79 KB
26 KB 119ms
15ms Script
text/javascript 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answers-embed.covid19.state.gov.pagescdn.com/overlay.js

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df2d3a3fc9c879a48996bb1b642934d9f590395233ef5baac5335b709019da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-version-id: null
x-amz-request-id: 626TFKMT97CH4JPT
age: 5906
x-amz-server-side-encryption: AES256
x-yext-subendpoint: static
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0gM6CSN/wd9IToLckK5XS7JiEU90RECO+lgiuUMTpSc6XBkJ24p1kJFv6Iuivz0i26ES+0ieT88=
surrogate-key: answers-embed.covid19.state.gov answers-embed.covid19.state.gov%2Foverlay.js
last-modified: Fri, 09 Jun 2023 16:46:26 GMT
server: cloudflare
etag: "c1a35765bffb9f2985d483574460078c"-gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-yext-site: jp2
cache-control: max-age=0, s-maxage=7200, must-revalidate
cf-ray: 815470ae5b3f3718-FRA
owner: sitescog-12955

GET
BLOB 200
OK 6292771e-87b3-48b1-b300-f79c6aa77133
https://gt.usembassy.gov/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gt.usembassy.gov/6292771e-87b3-48b1-b300-f79c6aa77133
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
76 KB 91ms
41ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PP5BNDR

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bca1fc5f1cfa27352f0a3c1b6d742df2ebbb27d8026928d089e3b52d9e2f5562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77023
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Oct 2023 03:19:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
18ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 01:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5375
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 13 Oct 2023 03:49:42 GMT

GET
H2 200 1A_jEvB3JmU Show response
www.youtube.com/embed/ Frame D7D6 88 KB
38 KB 119ms
59ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea4c2d85f07a2272592f84f3ceaa74988848be701b297b2f7212cd036accf9f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gt.usembassy.gov/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 03:19:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 156 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mountain-background.jpg
gt.usembassy.gov/wp-content/themes/mwp/images/ 149 KB
150 KB 98ms
98ms Image
image/jpeg 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gt.usembassy.gov/wp-content/themes/mwp/images/mountain-background.jpg

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

96f91a11cbe441d24c47432bc39c635578893b2e83a328ae554c5c349f9ea9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:12:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: FjYqFn-N_niK1DT-ZKyQcxcEjkQRMnaAXiKOQzipstF-XWG66n6cDg==
expires: Sat, 21 Oct 2023 03:15:20 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.3/webfonts/ 76 KB
77 KB 88ms
42ms Font
font/woff2 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.3/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.3/css/all.css?ver=5.15.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.3/css/all.css?ver=5.15.3
Origin: https://gt.usembassy.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FWV72KJPSVNT4RSW
age: 810886
alt-svc: h3=":443"; ma=86400
content-length: 78196
x-amz-id-2: vOmI2d2SWEKFrFpFL3SvI1ARUk5p1BQRoiQ4jVGGc8PknXm+KR8aanxZ6UJh7I94vUTEdl+sVNc=
last-modified: Wed, 30 Jun 2021 15:41:36 GMT
server: cloudflare
etag: "e8a427e15cc502bef99cfd722b37ea98"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkYjsmpUVgln7o51IYsu%2B4QDnNpI2XxhYT48xILdaBjXLGe%2FT4vE6komdcpmunJzIHNp9TqPdgTM9aHM3F3tFGzo9j7Xeh0atWKq5%2BDzpNsk0JHh%2F5w4kgJ68d8Ua%2BEJkb1OMaU%2B6EewmslUmyoqSdoc"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 815470ae0bcf19af-FRA

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.3/webfonts/ 75 KB
76 KB 78ms
33ms Font
font/woff2 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.3/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.3/css/all.css?ver=5.15.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://use.fontawesome.com/releases/v5.15.3/css/all.css?ver=5.15.3
Origin: https://gt.usembassy.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C19WT57M0CDDXCNE
age: 810885
alt-svc: h3=":443"; ma=86400
content-length: 76764
x-amz-id-2: gfP492956RjdqBotbU5g+afVhHV6mf7bxF/jCCSLJHHW7zqOObCvM5ljGE2LRm6A68t/ZqjziS0=
last-modified: Wed, 30 Jun 2021 15:41:36 GMT
server: cloudflare
etag: "f7307680c7fe85959f3ecf122493ea7d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sw5udnHQbe%2FKVHlXREbFoTC%2FD%2Fk4dBcSk7mPW1NxssoorrIAmZQDzzQaAaLBclWqQa9lS80eZuc4YhUP9bgQHVHVxBgUpdRdqMyop6R3zjh9jtUYvI3W4am52AhrGtCvBMoM6NgYzIxgbD2ETPhebQ3m"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 815470ae0bd019af-FRA

GET
H2 200 Seal_of_the_United_States_Department_of_State-square.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2020/12/ 215 KB
216 KB 89ms
82ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2020/12/Seal_of_the_United_States_Department_of_State-square.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12d8b0c545d9418d5365070236bddab1f6a739ef8351a52e7c771e72ac77209b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 13:09:09 GMT
x-amz-version-id: z9HFseNP1B4Wtzx6Rc8XedU82pGH2tvo
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jan 2022 03:28:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 6444608
etag: "d18dbd17bb86892fd5bb5452522cc983"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 220022
x-amz-cf-id: -aNoBq6fhMofV6XExbdtkIWH5RlVi0M6DG2WbHUgAMQtfSUS-_f-xQ==

GET
H2 200 DCM-Ventrell-500x600-2.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2020/12/ 569 KB
570 KB 92ms
86ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2020/12/DCM-Ventrell-500x600-2.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edaac9900713a4661e0fbfcbdf11460f329e123076f0f196ab0b8eead959944e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 22:23:28 GMT
x-amz-version-id: r90jbJ_.9UVGilM7EEvn.TzUVaHQdpZu
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jul 2023 15:29:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 5979349
etag: "a9d0df086253a977c8fc08fec03cc4ae"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 583071
x-amz-cf-id: YL3Vynn4-piGFOVSMz63zhQuEvmhdP8ejamd2deZB0dFxCjfH3vqBQ==

GET
H2 200 DCM-Ventrell-300x300-1.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2020/12/ 119 KB
120 KB 98ms
91ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2020/12/DCM-Ventrell-300x300-1.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3d7eac6618a9bfa7093eba1f40bb5686c30484d2c6cc7b52625b6ec6465c285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 11:48:15 GMT
x-amz-version-id: wkXeVENo73Do4QOgMyfmdJY_5PjIHtl7
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jul 2023 15:29:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 5671863
etag: "b228c561fe8383b4539fea584bde3622"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 122106
x-amz-cf-id: hBl9MDMnNxVDwOETAMNKahcPmx6raU6ZrPKA8akkRMqsoWjR_ZjP7g==

GET
H2 200 a5fe257d2b93.js Show response
w.usabilla.com/ Frame 8B0F 35 KB
11 KB 113ms
30ms Script
text/javascript 54.77.171.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/a5fe257d2b93.js?lv=1
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.171.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-171-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9670d45ba8080d2c32b5f0bdbdf9abcb4f1093b0901ff906ed8d6a193d561479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:17 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "63e30320c17b014b0e6677424b743825"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 10946

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 46ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=EB+Garamond:italic,bold,200,400,500,600,700%7COpen+Sans:italic,bold,200,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gt.usembassy.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 32578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:16:19 GMT

GET
H2 200 SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2
fonts.gstatic.com/s/ebgaramond/v27/ 40 KB
40 KB 57ms
18ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=EB+Garamond:italic,bold,200,400,500,600,700%7COpen+Sans:italic,bold,200,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d148d2914fa11fce730f994df8fd85a86144887930a13d43e4ad1be20ba6360f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gt.usembassy.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 19:09:02 GMT
x-content-type-options: nosniff
age: 29415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40776
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:27:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 19:09:02 GMT

GET
H2 200 hispanics_stamps_skateboard_AP23082850522957-1-700x441.jpg
share.america.gov/wp-content/uploads/2023/10/ 97 KB
97 KB 106ms
18ms Image
image/jpeg 2600:9000:2057:dc00:a:248d:16c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.america.gov/wp-content/uploads/2023/10/hispanics_stamps_skateboard_AP23082850522957-1-700x441.jpg

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:dc00:a:248d:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

03569249f023d48bdff1d8f3a797c597c8027456bdda37f4a65e7dd6db11fd18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:21 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Tue, 03 Oct 2023 18:44:25 GMT
server: nginx
age: 236
x-amz-cf-pop: FRA6-C1
etag: "18338-606d447b02dd0"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 99128
x-amz-cf-id: tvcJsNr2xqj1CrXmCpP-tyxWIqNwIVjcld9xkv97DcCNyUM6ZOZjRw==

GET
H2 200 www-player.css
www.youtube.com/s/player/5279ebfe/ Frame D7D6 378 KB
48 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92223235bd2c02fa3eae38898c1fb05886c7261be48bc661939babfc0c2c59bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48960
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Oct 2024 01:09:30 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/ Frame D7D6 54 KB
17 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e246896268f64df82e2d476b0f5697525ff8f3dd9e2a424efe3fdb5086b21050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 07:29:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 330583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17030
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Oct 2024 07:29:34 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/ Frame D7D6 317 KB
95 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e37eef60c8569790974dc21de14333f21105cecae00e1926a7e282f099c8d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 01:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97098
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Oct 2024 01:30:08 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/ Frame D7D6 2 MB
786 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f5980f339ecf49b7e034e5c2efe0fe4a3a7f49c8be1b788d4d000e1f519c8bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 07:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 804675
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Oct 2024 07:29:34 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 18ms
17ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=256244372&t=pageview&_s=1&dl=https%3A%2F%2Fgt.usembassy.gov%2F&ul=en-us&de=UTF-8&dt=Homepage%20-%20U.S.%20Embassy%20in%20Guatemala&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1850640513&gjid=20499136&cid=1872795470.1697167158&tid=UA-30736178-71&_gid=715569131.1697167158&_r=1&_slc=1&z=513044220

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gt.usembassy.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 23ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=256244372&t=pageview&_s=1&dl=https%3A%2F%2Fgt.usembassy.gov%2F&ul=en-us&de=UTF-8&dt=Homepage%20-%20U.S.%20Embassy%20in%20Guatemala&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1140197402&gjid=1622744168&cid=1872795470.1697167158&tid=UA-22995010-20&_gid=715569131.1697167158&_r=1&_slc=1&z=19720012

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gt.usembassy.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 19ms
16ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=256244372&t=pageview&_s=1&dl=https%3A%2F%2Fgt.usembassy.gov%2F&ul=en-us&de=UTF-8&dt=Homepage%20-%20U.S.%20Embassy%20in%20Guatemala&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEABAAAAACAAI~&jid=957493055&gjid=222505344&cid=1872795470.1697167158&tid=UA-22995010-20&_gid=715569131.1697167158&_r=1&z=1471942187

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gt.usembassy.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D7D6 15 KB
15 KB 17ms
0ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 519674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D7D6 15 KB
15 KB 17ms
0ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:06:30 GMT
x-content-type-options: nosniff
age: 33167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:06:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 46ms
31ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L

Requested by

Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=DOS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1f52d0c7bbe687d6ff4ea17b30e8933ad9128b734fc72111a4752f2f619aa6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82165
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 13 Oct 2023 03:19:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 38ms
33ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S9NN0HV920&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PP5BNDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c85d34f203361021f6f375787650507e7248a8210aaf6b9e198aaf8e834ac50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92034
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 13 Oct 2023 03:19:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
93 KB 49ms
43ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RH13VY8T2N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PP5BNDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f19f0ebe463c696ee377579739337b5c03e694437022bdb16887ab121399af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 13 Oct 2023 03:19:17 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 23ms
18ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=256244372&t=pageview&_s=1&dl=https%3A%2F%2Fgt.usembassy.gov%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Homepage%20-%20U.S.%20Embassy%20in%20Guatemala&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHACUABBAAAACAAoC~&jid=873177149&gjid=470520885&cid=1872795470.1697167158&tid=UA-33523145-1&_gid=715569131.1697167158&_r=1&_slc=1&cd1=DOS&cd2=gt.usembassy.gov&cd3=20230920%20v6.8%20-%20Dual%20Tracking&cd4=unspecified%3Agt.usembassy.gov&cd5=unspecified%3Agt.usembassy.gov&cd6=https%3A%2F%2Fdap.digitalgov.gov%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&z=2026879618

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gt.usembassy.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 37ms
31ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PP5BNDR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1749e6ee96ec4ad597c02396abb1e7535c6e6205a61444bae8dd2b7afaafb0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82245
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 13 Oct 2023 03:19:17 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 61ms
21ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30736178-71&cid=1872795470.1697167158&jid=1850640513&gjid=20499136&_gid=715569131.1697167158&_u=IEBAAEAAAAAAACAAI~&z=1505974637

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gt.usembassy.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 46ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RH13VY8T2N&gtm=45je3ab0&_p=256244372&_gaz=1&cid=1872795470.1697167158&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697167158&sct=1&seg=0&dl=https%3A%2F%2Fgt.usembassy.gov%2F&dt=Homepage%20-%20U.S.%20Embassy%20in%20Guatemala&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RH13VY8T2N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 25ms
23ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RH13VY8T2N&cid=1872795470.1697167158&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RH13VY8T2N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 52ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-477NB7ZBEW&gtm=45je3ab0&_p=256244372&cid=1872795470.1697167158&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697167158&sct=1&seg=0&dl=https%3A%2F%2Fgt.usembassy.gov%2F&dt=Homepage%20-%20U.S.%20Embassy%20in%20Guatemala&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RH13VY8T2N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 47ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TL9ZMCQW57&gtm=45je3ab0&_p=256244372&cid=1872795470.1697167158&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697167158&sct=1&seg=0&dl=https%3A%2F%2Fgt.usembassy.gov%2F&dt=Homepage%20-%20U.S.%20Embassy%20in%20Guatemala&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RH13VY8T2N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 51ms
19ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RH13VY8T2N&cid=1872795470.1697167158&gtm=45je3ab0&aip=1&z=1223400937

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
gt.usembassy.gov/wp-json/wp/v2/ 326 KB
10 KB 30ms
16ms XHR
application/json 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-json/wp/v2/

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

50ecda5870ebe585e0643eb721fc578e636897fe959f444751ff1e4e60949146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gt.usembassy.gov/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age: 236
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
server: nginx
x-frame-options: SAMEORIGIN
allow: GET
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://travel.state.gov
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=600
vary: Accept-Encoding
x-robots-tag: noindex
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding, Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://gt.usembassy.gov/wp-json/>; rel="https://api.w.org/"
x-amz-cf-id: 1FUwfrus0XqajotmvEQdGnjHkkSlGu8Ol3v9AL7He9QiFPlpEhRaaQ==
expires: Fri, 13 Oct 2023 03:25:21 GMT

POST
H2 200 admin-ajax.php Show response
gt.usembassy.gov/wp-admin/ 711 B
1 KB 1410ms
1409ms XHR
text/html 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-admin/admin-ajax.php

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dff4972cc4c4df7ad413012b534136a7298944ccb75f33032a37be9cb0149523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gt.usembassy.gov/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-length: 711
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://travel.state.gov, https://gt.usembassy.gov
cache-control: no-cache, must-revalidate, max-age=0, no-store
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: -2eP3F2pDoS-k4LvtNM6KRZW-51NqTZT0eQcyD2LMYeGWEZRhrqmPQ==
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 index.html Show response
answers-embed.covid19.state.gov.pagescdn.com/ Frame 907C 781 KB
176 KB 133ms
130ms Document
text/html 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/

Requested by

Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/overlay.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b8f8974f647856e1b145a92d77b5337f6de9c669e1ef6bb1e2fa43f94b162f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gt.usembassy.gov/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, s-maxage=7200, must-revalidate
cf-cache-status: HIT
cf-ray: 815470b28e063718-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 13 Oct 2023 03:19:18 GMT
etag: "ed2527a3ffe7a5fed8eedf5bdf97d505"-gzip
last-modified: Fri, 09 Jun 2023 16:46:26 GMT
owner: sitescog-12955
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
surrogate-key: answers-embed.covid19.state.gov answers-embed.covid19.state.gov%2Findex.html
vary: Accept-Encoding
x-amz-id-2: hdR6KnxCqfAWJiaEyIA1B+y4W0rn0vXyyfFlUE68/9x4Eiz8pEAtE56GA1tkQ1NIc1iiuRtYDaM=
x-amz-request-id: F8ER492BF63RKAHX
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-yext-site: us2
x-yext-subendpoint: static

GET
H2 200 overlay-button.html Show response
answers-embed.covid19.state.gov.pagescdn.com/ Frame 16E3 6 KB
2 KB 23ms
22ms Document
text/html 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answers-embed.covid19.state.gov.pagescdn.com/overlay-button.html

Requested by

Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/overlay.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbe2e063e6461ff74638da263835733de879093102659936dcdb47b144eaed6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gt.usembassy.gov/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5251
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, s-maxage=7200, must-revalidate
cf-cache-status: HIT
cf-ray: 815470b28e073718-FRA
content-encoding: gzip
content-length: 1371
content-type: text/html; charset=utf-8
date: Fri, 13 Oct 2023 03:19:18 GMT
etag: "81ee44a5973ccf0ad3139aeb2f230a70"-gzip
last-modified: Fri, 09 Jun 2023 16:46:26 GMT
owner: sitescog-12955
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
surrogate-key: answers-embed.covid19.state.gov answers-embed.covid19.state.gov%2Foverlay-button.html
vary: Accept-Encoding
x-amz-id-2: gFLhf1GoJCzJQhtMf8zI+UnCY15O6TfoHySTvpaKvb1RcsKot6Fy0REvOg4LT5+tBlfbqdsfLQQ=
x-amz-request-id: ZTW6J4ZGK7MVDYRB
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-yext-site: us2
x-yext-subendpoint: static

GET
H2 200 wp-emoji-release.min.js Show response
gt.usembassy.gov/wp-includes/js/ 18 KB
19 KB 17ms
16ms Script
application/javascript 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.usembassy.gov/wp-includes/js/wp-emoji-release.min.js?ver=947f6f738d8ae398d758626f0d9c2ae3

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:21 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 14:28:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=691200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: cEuVoRxyqDj1Uwa-EooGPivjQycgYOAeA3Pb4oTNab1itkhBznwdzA==
expires: Sat, 21 Oct 2023 03:15:21 GMT

GET
H2 200 loader.gif
gt.usembassy.gov/wp-content/plugins/osmapper/assets/images/ 11 KB
12 KB 15ms
15ms Image
image/gif 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/images/loader.gif

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/css/ba_map_renderer.css?ver=2.1.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b98ebc2b23c8191d51fb37636f75a3c5086705d2b801ac2b41555029bac83584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/css/ba_map_renderer.css?ver=2.1.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 07:18:17 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 417661
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Mon, 11 Sep 2023 20:48:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: AsLzBP3Pu-Atm6nGdyXH_ZVotP0dRTfRreRLvvGQKO8Z73KIHUGQ5A==
expires: Mon, 16 Oct 2023 07:18:17 GMT

GET
H3 200 ajax-loader.gif
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 4 KB
5 KB 16ms
16ms Image
image/gif 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ajax-loader.gif

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.min.css?ver=1696612542

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.min.css?ver=1696612542
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20112337
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4178
x-served-by: cache-fra-eddf8230118-FRA, cache-jnb7025-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"1052-ehqkNhQ5Y4K7FeX95XTZzc0haY8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfwfqWR3xlZnd90Wo75c8%2FuFV6o6vogVT86Skkzgq0pFUccqyVhZhTVNiYgbfnCb4i67t15xa6ZYagDubK1fzJ%2FEZj%2BZ9%2F5Ey8Yqz4qBo1fO1NFNkO29XNz797Lmi8%2BcADFSnhLLmBMP%2F9zwwnU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 815470b32f5990e2-FRA

GET
H2 200 ISS_International_space_station_crew_iss067e274136-700x441.jpg
share.america.gov/wp-content/uploads/2023/09/ 134 KB
134 KB 17ms
17ms Image
image/jpeg 2600:9000:2057:dc00:a:248d:16c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.america.gov/wp-content/uploads/2023/09/ISS_International_space_station_crew_iss067e274136-700x441.jpg

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:dc00:a:248d:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

986fd157b6e7fa840ffb2aabb54ce77a1a7da0ed6b446a8abe8b7f1779f50671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:21 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Tue, 26 Sep 2023 16:47:07 GMT
server: nginx
age: 237
x-amz-cf-pop: FRA6-C1
etag: "2169e-60645d34a13e1"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 136862
x-amz-cf-id: HPT60avdHYVoMsKHLUs96Tnfm_VZoEQNYENnNiJe4EClGBUgolBqYg==

GET
H2 200 2021-TIP-Cover-FINAL-1-scaled-e1625160761827.webp
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2020/12/ 171 KB
171 KB 22ms
16ms Image
image/webp 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2020/12/2021-TIP-Cover-FINAL-1-scaled-e1625160761827.webp
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18d5fc4234444c4dbf0aa3b103cadd1dc8a226c92cd5a24dd5205f2be39a81b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 13:00:26 GMT
x-amz-version-id: mVBSLnkYHq1OhesPsfYFQLfdlNrX8mo4
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 16:04:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 6617932
etag: "fbf0cedf4334122624b859ac8b59169c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 174750
x-amz-cf-id: ki52b350h8a9hisrj7FQ2AYeAuJviIWxyfPtoKgmYvjUB9CaYVN6Gw==

GET
H2 200 Screen-Shot-2022-06-28-at-5.51.41-PM.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/06/ 145 KB
146 KB 22ms
16ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/06/Screen-Shot-2022-06-28-at-5.51.41-PM.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90f17d2b1bcf07b7589650fc779426d2cdcb4ad62af6fc156b2c7963a7d08410

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:07:53 GMT
x-amz-version-id: IuHvvlFIg81HRaEgV9BYM2O9xsftrQmE
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 23:56:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 6894686
etag: "50ea96c603c6ff64e8501ca4d25b4104"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 148450
x-amz-cf-id: lmeqjdwlG3Y6FHoN_q7WBH8g3fgoMwxaxJze95H0_rAewcfupxGaHg==

GET
H2 200 IRFR-Report-Cover.jpeg
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/06/ 287 KB
287 KB 22ms
16ms Image
image/jpeg 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/06/IRFR-Report-Cover.jpeg
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8e368fc4d526e8918587b7d25894636fb6c7e82fe1dd6f4227ea398ffc479c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 20:17:17 GMT
x-amz-version-id: xiS.6NnfHHrtE8CF6TbZrMA2qdNYt4OI
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 21 Jun 2023 22:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 6246121
etag: "35afe70935dc173fbb2608d7de0cb693"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 293560
x-amz-cf-id: ZeyrgFi1AYY3Ou54K9ayzowN67UhLqcu8gcTnt5-rQu0pOaJ2vI6_Q==

GET
H2 200 WhatsApp-Image-2022-07-19-at-4.44.12-PM-2-2.jpeg
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/07/ 104 KB
104 KB 22ms
16ms Image
image/jpeg 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/07/WhatsApp-Image-2022-07-19-at-4.44.12-PM-2-2.jpeg
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1038a6cf48253f67f263e5b6135ca8f7a8de74bc0e165296ab04f1c177b2b24f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:08:05 GMT
x-amz-version-id: QocCGYFCf35giFtYMiBZA0y3JxgXZRny
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:00:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 3345074
etag: "3901afc9fce36fe38d08c88744cea774"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 106403
x-amz-cf-id: IvESs1OlEDr23VaYnmhuVpBQGUHUkLuhjUrmrgX2kfd3JjdbdAhGzg==

GET
H2 200 New-Project.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/07/ 230 KB
231 KB 54ms
48ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/07/New-Project.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a43bf825796fd6f024966054ef4e53793a505d4fdde4ec0ea83cd59b3b72d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:01:53 GMT
x-amz-version-id: OYQlv0Whbxaa5fOI4xqlqR734UhuK.Es
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jul 2023 18:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 7975046
etag: "580c312babf2f7f0def71d10cf6ded85"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 235829
x-amz-cf-id: dT2jMgEsSMlN8o23yWIoUHa9sRRSBwOFjh4bcyl3neTI7ANieagDDg==

GET
H2 200 HUMAN-RIGHTS-REPORT.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/03/ 107 KB
107 KB 37ms
32ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2023/03/HUMAN-RIGHTS-REPORT.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7632e98a95e126e3bbd823b5467e9d8746ff3c3f2c1f05983d639ef91de5f69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 21:11:20 GMT
x-amz-version-id: ofruXYz1ghVJXqfAeMHgd2excBX59Q9I
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 17:33:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 17734079
etag: "2db5536ca696e17e8ed748afc22f9e54"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 109455
x-amz-cf-id: yoXWZ_hmi7H5fo9dkFiMJCkYniPKKfeM0jGTy3JgaN6Lfq0cMfOZ8w==

GET
H2 200 Screen-Shot-2022-08-12-at-12.40.15-PM.png
uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/08/ 1 MB
1 MB 54ms
49ms Image
image/png 2600:9000:2240:1a00:6:d944:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.mwp.mprod.getusinfo.com/uploads/sites/40/2022/08/Screen-Shot-2022-08-12-at-12.40.15-PM.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:1a00:6:d944:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f119342c30c6bbb02d1d0d3c322722109a40808419ad15c2b1d0bca3a4e8565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 10:08:04 GMT
x-amz-version-id: WnE8Tk3X4iy8pMDYVzMIXJgqBDOOEVpH
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Fri, 12 Aug 2022 18:42:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 3345074
etag: "2c922614f768194b31dee262e4de2da1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1567024
x-amz-cf-id: QsmnEHoXf9vGl_XTGxte5gh0mYJbR-STDGrSsWnQYdyUqqUfHXNbjg==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 35ms
34ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-22995010-20&cid=1872795470.1697167158&jid=1140197402&gjid=1622744168&_gid=715569131.1697167158&_u=IEDAAEABAAAAACAAI~&z=758742301

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gt.usembassy.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 38ms
37ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-22995010-20&cid=1872795470.1697167158&jid=957493055&gjid=222505344&_gid=715569131.1697167158&_u=IEHAAEABAAAAACAAI~&z=1314405875

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gt.usembassy.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 overlay-button.js Show response
answers-embed.covid19.state.gov.pagescdn.com/ Frame 16E3 31 KB
13 KB 30ms
29ms Script
text/javascript 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answers-embed.covid19.state.gov.pagescdn.com/overlay-button.js

Requested by

Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/overlay-button.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a06492aaf1b7f2e082d88422e773d0154d0c7bd812db4d57e3d9af067a4d64fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://answers-embed.covid19.state.gov.pagescdn.com/overlay-button.html
Origin: https://answers-embed.covid19.state.gov.pagescdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-version-id: null
x-amz-request-id: ZTW27KEXB9EHJN1A
age: 5862
x-amz-server-side-encryption: AES256
x-yext-subendpoint: static
alt-svc: h3=":443"; ma=86400
x-amz-id-2: m9T3Vs0MH3Gv0Y7ig4HBWKmNL7dfrVFKK5uJk8HGNMw4J1uswmDWwS1cGBtMg9rtcJ6LVXMdpsw=
surrogate-key: answers-embed.covid19.state.gov answers-embed.covid19.state.gov%2Foverlay-button.js
last-modified: Fri, 09 Jun 2023 16:46:26 GMT
server: cloudflare
etag: "a8d374a99017d430c508b501370d7bd6"-gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-yext-site: us2
cache-control: max-age=0, s-maxage=7200, must-revalidate
cf-ray: 815470b3efaf361e-FRA
owner: sitescog-12955

GET
H3 200 overlay-button.css
answers-embed.covid19.state.gov.pagescdn.com/ Frame 16E3 15 KB
3 KB 35ms
35ms Stylesheet
text/css 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answers-embed.covid19.state.gov.pagescdn.com/overlay-button.css

Requested by

Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/overlay-button.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b51e8aa62321ba8c66b6e93ebd571cb80b46101446d1aab62de95f0f124dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://answers-embed.covid19.state.gov.pagescdn.com/overlay-button.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-version-id: null
x-amz-request-id: ZTWA9P3SEFCD5YT0
age: 5862
x-amz-server-side-encryption: AES256
x-yext-subendpoint: static
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fP0XRJaO7sFc0UM24mIz3gG1bIu4Z22GkO8YK43/kxYXffstlX6Wop4W3X0EVWT1IGkE6R1aI24=
surrogate-key: answers-embed.covid19.state.gov answers-embed.covid19.state.gov%2Foverlay-button.css
last-modified: Fri, 09 Jun 2023 16:46:26 GMT
server: cloudflare
etag: "fb5bd8fc2c7133e5ff456393f6d4df0c"-gzip
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-yext-site: us2
cache-control: max-age=0, s-maxage=7200, must-revalidate
cf-ray: 815470b3ffb2361e-FRA
owner: sitescog-12955

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.10/ Frame 16E3 13 KB
5 KB 62ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.10/iframeResizer.contentWindow.min.js

Requested by

Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/overlay-button.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4a1916cb402e1fba4eed335fb19c68c23a283554f749c23e75dc90ca79bb80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://answers-embed.covid19.state.gov.pagescdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 17563844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4395
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-348e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rstuI9eNKOgVxIhyndfaofaVC%2BIKrcubPRK4MLzNRv%2FyvkKe8PDyl%2FY6gobPz3qboC84kssUzPGHsyvw46rkomiBK6XHZEBPrcuooRv4IL%2BdEOMeSilmmfWj%2F4lD7ZUy2eIuY3XkFoc%2BCoRoioGyRZX0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 815470b42dd639c2-FRA
expires: Wed, 02 Oct 2024 03:19:18 GMT

GET
H3 200 source-sans-pro-v14-latin-300.woff
answers-embed.covid19.state.gov.pagescdn.com/ Frame 907C 20 KB
20 KB 41ms
34ms Font
font/woff 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answers-embed.covid19.state.gov.pagescdn.com/source-sans-pro-v14-latin-300.woff

Requested by

Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c24262a87fdf021d377bf7e4d6c08ce81a1862e774facca70713391a4cd3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/
Origin: https://answers-embed.covid19.state.gov.pagescdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: F8EJE670WG8D4H2B
age: 4737
x-amz-server-side-encryption: AES256
x-yext-subendpoint: static
alt-svc: h3=":443"; ma=86400
content-length: 20204
x-amz-id-2: 8ClONvMVpKAHYXMUy3InbAw6urwgCPoJ7uDmQaGf4Z86DVEEVxUqmv4GmwSOlbl+M3Xq802m2TQ=
surrogate-key: answers-embed.covid19.state.gov answers-embed.covid19.state.gov%2Fsource-sans-pro-v14-latin-300.woff
last-modified: Fri, 09 Jun 2023 16:46:26 GMT
server: cloudflare
etag: "a5002963b0570a073e28156403c78670"-gzip
vary: Accept-Encoding
content-type: font/woff
x-yext-site: us2
cache-control: max-age=0, s-maxage=7200, must-revalidate
accept-ranges: bytes
cf-ray: 815470b42fd9361e-FRA
owner: sitescog-12955

GET
H3 200 source-sans-pro-v14-latin-600.woff
answers-embed.covid19.state.gov.pagescdn.com/ Frame 907C 20 KB
20 KB 27ms
21ms Font
font/woff 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answers-embed.covid19.state.gov.pagescdn.com/source-sans-pro-v14-latin-600.woff

Requested by

Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c08efa91781865d1a2e9fcb030f8ac55c2d8eadbf8822c2ea251556333f99d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/
Origin: https://answers-embed.covid19.state.gov.pagescdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: F8ETZB3NK6CJHDDV
age: 4737
x-amz-server-side-encryption: AES256
x-yext-subendpoint: static
alt-svc: h3=":443"; ma=86400
content-length: 20096
x-amz-id-2: KF2GtpRQzga5myeT5z3d54B4yetXR6ggDm/CZw7ii7zqytHokahKehX3czFnXOt83hlJbQbBLxI=
surrogate-key: answers-embed.covid19.state.gov answers-embed.covid19.state.gov%2Fsource-sans-pro-v14-latin-600.woff
last-modified: Fri, 09 Jun 2023 16:46:26 GMT
server: cloudflare
etag: "a75563d7b9e5b1db163971b9a2e66216"-gzip
vary: Accept-Encoding
content-type: font/woff
x-yext-site: us2
cache-control: max-age=0, s-maxage=7200, must-revalidate
accept-ranges: bytes
cf-ray: 815470b42fda361e-FRA
owner: sitescog-12955

GET
H3 200 source-sans-pro-v14-latin-700.woff
answers-embed.covid19.state.gov.pagescdn.com/ Frame 907C 19 KB
20 KB 26ms
19ms Font
font/woff 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answers-embed.covid19.state.gov.pagescdn.com/source-sans-pro-v14-latin-700.woff

Requested by

Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8dd0de638293eb62dba15a6e410fb0af9a5b36c35df226237b1b609d573c63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/
Origin: https://answers-embed.covid19.state.gov.pagescdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: F8EJC1CBXJ92F61V
age: 4737
x-amz-server-side-encryption: AES256
x-yext-subendpoint: static
alt-svc: h3=":443"; ma=86400
content-length: 19896
x-amz-id-2: YVsZoZr6ZG4szWHPNJdwfxiOaUs3dGk9rpuNTYlzi3zaY0AtZ4H1GYM/6k7PyO3EEcTQXpDDnDLk2fR2swRlYg==
surrogate-key: answers-embed.covid19.state.gov answers-embed.covid19.state.gov%2Fsource-sans-pro-v14-latin-700.woff
last-modified: Fri, 09 Jun 2023 16:46:26 GMT
server: cloudflare
etag: "b03f2ec28f8e60e61974dd8c57610e5b"-gzip
vary: Accept-Encoding
content-type: font/woff
x-yext-site: jp2
cache-control: max-age=0, s-maxage=7200, must-revalidate
accept-ranges: bytes
cf-ray: 815470b42fdc361e-FRA
owner: sitescog-12955

GET
H3 200 source-sans-pro-v14-latin-regular.woff
answers-embed.covid19.state.gov.pagescdn.com/ Frame 907C 20 KB
20 KB 42ms
35ms Font
font/woff 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answers-embed.covid19.state.gov.pagescdn.com/source-sans-pro-v14-latin-regular.woff

Requested by

Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38399efe707a8ffc12359a0086e7340315b42194a10fd2e1d1288be12da9e39c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/
Origin: https://answers-embed.covid19.state.gov.pagescdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: F8EKRKHD23AZ6R2N
age: 4737
x-amz-server-side-encryption: AES256
x-yext-subendpoint: static
alt-svc: h3=":443"; ma=86400
content-length: 20180
x-amz-id-2: BBtQMd9UZMSj0s19qDwjcSjb1XOwh0KcsGnuldgMuAA0iw1V4CFh5QFTqLUMFekCK2DqIm2WK30=
surrogate-key: answers-embed.covid19.state.gov answers-embed.covid19.state.gov%2Fsource-sans-pro-v14-latin-regular.woff
last-modified: Fri, 09 Jun 2023 16:46:26 GMT
server: cloudflare
etag: "5cc3aae674ea3b199313b3b83bd795bc"-gzip
vary: Accept-Encoding
content-type: font/woff
x-yext-site: jp2
cache-control: max-age=0, s-maxage=7200, must-revalidate
accept-ranges: bytes
cf-ray: 815470b42fde361e-FRA
owner: sitescog-12955

GET
H2 200 ytag.min.js Show response
assets.sitescdn.net/ytag/ Frame 907C 4 KB
2 KB 84ms
15ms Script
application/javascript 2606:4700::6811:1654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sitescdn.net/ytag/ytag.min.js
Requested by: Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:1654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 578586db01cc3008d2795d52508fadeaf3862d9aec9dbf0b68879af30aea25d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://answers-embed.covid19.state.gov.pagescdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
x-amz-version-id: sFmziQXksAWyvbTTS5SyCmpY8RVDyjlr
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Oct 2022 14:27:40 GMT
server: cloudflare
x-amz-request-id: NF2HQCNMG11F44B6
age: 5310
etag: W/"7a8859ae57f66afb58af007f8ffb38f8"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 815470b48f0d0858-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: k7f863nH/uXMqhXHsIRioq3TjaJ8XnYGXnU68HOE63PyR+m235+s5glH9XnFJGkeB3C3ZG6lRm8=

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.10/ Frame 907C 13 KB
5 KB 34ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.10/iframeResizer.contentWindow.min.js

Requested by

Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4a1916cb402e1fba4eed335fb19c68c23a283554f749c23e75dc90ca79bb80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://answers-embed.covid19.state.gov.pagescdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 17563844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4395
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-348e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVHuTV175oMcbfdAtFBIJChTrFl0pV4XsYjGvwXvtin4SdD92KTkJxt%2B5ju74K2Rmz7RZPyKg8a7nf33zjb%2B41wwm7lDikleYpqffqsQJR4NU%2FJPDNDffFCLscwQNr96LzGmmQeUPw4pwurGsBnqZj3O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 815470b42dd839c2-FRA
expires: Wed, 02 Oct 2024 03:19:18 GMT

GET
H2 200 answers.css
assets.sitescdn.net/answers/v1.15/ Frame 907C 103 KB
13 KB 88ms
19ms Stylesheet
text/css 2606:4700::6811:1654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sitescdn.net/answers/v1.15/answers.css
Requested by: Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:1654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 403ec99441cacff48156ea95969e9eb61fa80cdc67019f65b5f51fa903ad752f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://answers-embed.covid19.state.gov.pagescdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
x-amz-version-id: GkcB4E9HzZeJZ5NV1gQ_8tGJtwi6oG9S
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 24 Apr 2023 16:25:16 GMT
server: cloudflare
x-amz-request-id: NF2RZVNWC067RVNP
age: 14331
etag: W/"59c959159bd9c9dee3f1e9490d9940fc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
cf-ray: 815470b48f0c0858-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Eg1Y3T0Zwso/mOBmFdCew5UmMiENz33dY3fZrIhN2Bmtux6bfqXnUkgZE8w2EGlFIt12fNmBF4E=

GET
H2 200 answerstemplates.compiled.min.js Show response
assets.sitescdn.net/answers/v1.15/ Frame 907C 340 KB
69 KB 20ms
19ms Script
text/javascript 2606:4700::6811:1654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sitescdn.net/answers/v1.15/answerstemplates.compiled.min.js
Requested by: Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:1654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06aabdd1e3593a83abf80ce7ca548b00898f61c93e116450094927d6c61e3150

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://answers-embed.covid19.state.gov.pagescdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
x-amz-version-id: DsVbYknFvOlVv78NJm59HYDyf7tWEPc7
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 24 Apr 2023 16:25:16 GMT
server: cloudflare
x-amz-request-id: FYZASC3BR3GHX7EZ
age: 2912
etag: W/"5fec3a5dea01e9c65489172f91ced7d8"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=43200
cf-ray: 815470b738620858-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: M3wdQ3ykcz0pgbGo/vBUDGLPzYdP9FwxlqaSwvIdnHyDVcGNDRX9rXA9xHgHi7m+yh8OrwiHuxA=

GET
H2 200 answers-modern.min.js Show response
assets.sitescdn.net/answers/v1.15/ Frame 907C 593 KB
154 KB 87ms
18ms Script
text/javascript 2606:4700::6811:1654
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sitescdn.net/answers/v1.15/answers-modern.min.js
Requested by: Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:1654 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2174531636abe76abf27de643659e1bca74a78b75de58cf0687c0b415220662c

Request headers

Referer: https://answers-embed.covid19.state.gov.pagescdn.com/
Origin: https://answers-embed.covid19.state.gov.pagescdn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
x-amz-version-id: HDJPZKr.Ry0kMN_kAehkWLgmMeL5HIiY
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: EXFNRTTVHQYRR3WG
age: 28563
alt-svc: h3=":443"; ma=86400
x-amz-id-2: EtyRgjuc0shrKbUuvpQgWZiKmxookHsWQTSdTT9ff+VuUsD3fgJzDsQO79qDrV/WecpSvWixusU=
last-modified: Mon, 24 Apr 2023 16:25:15 GMT
server: cloudflare
etag: W/"193b16491ebc58f2ce6d0f81e2c1bdcf"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=43200
cf-ray: 815470b48cc9bbcb-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 52ms
17ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30736178-71&cid=1872795470.1697167158&jid=1850640513&_u=IEBAAEAAAAAAACAAI~&z=392585631

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 26ms
22ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30736178-71&cid=1872795470.1697167158&jid=1850640513&_u=IEBAAEAAAAAAACAAI~&z=392585631

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-22995010-20&cid=1872795470.1697167158&jid=1140197402&_u=IEDAAEABAAAAACAAI~&z=193814668

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 21ms
20ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-22995010-20&cid=1872795470.1697167158&jid=1140197402&_u=IEDAAEABAAAAACAAI~&z=193814668

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D7D6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

16ms
15ms

XHR
application/json

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

721b049c5eb3f6935d49b4810ba663600c74e9e9b61de5d8482f9fc435681b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D7D6 29 B
494 B 56ms
11ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:32 GMT
x-content-type-options: nosniff
age: 226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Oct 2023 03:30:32 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-S9NN0HV920&gtm=45je3ab0&_p=256244372&_gaz=1&cid=1872795470.1697167158&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697167158&sct=1&seg=0&dl=https%3A%2F%2Fgt.usembassy.gov%2F&dt=Homepage%20-%20U.S.%20Embassy%20in%20Guatemala&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S9NN0HV920&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 27ms
26ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S9NN0HV920&cid=1872795470.1697167158&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S9NN0HV920&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 25ms
25ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S9NN0HV920&cid=1872795470.1697167158&gtm=45je3ab0&aip=1&z=492967632

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 20ms
17ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-22995010-20&cid=1872795470.1697167158&jid=957493055&_u=IEHAAEABAAAAACAAI~&z=726837712

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 22ms
20ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-22995010-20&cid=1872795470.1697167158&jid=957493055&_u=IEHAAEABAAAAACAAI~&z=726837712

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CSLL4ZEK4L&gtm=45je3ab0&_p=256244372&ir=0&cid=1872795470.1697167158&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&dl=https%3A%2F%2Fgt.usembassy.gov%2F&sid=1697167158&sct=1&seg=0&dt=Homepage%20-%20U.S.%20Embassy%20in%20Guatemala&en=page_view&_fv=1&_ss=1&_ee=1&ep.agency=DOS&ep.subagency=GT.USEMBASSY.GOV&ep.site_topic=unspecified%3Agt.usembassy.gov&ep.site_platform=unspecified%3Agt.usembassy.gov&ep.script_source=https%3A%2F%2Fdap.digitalgov.gov%2Funiversal-federated-analytics-min.js&ep.version=20230920%20v6.8%20-%20dual%20tracking&ep.protocol=https%3A
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 269ms
15ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 13 Oct 2023 03:19:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D7D6 68 KB
31 KB 20ms
19ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c94bd810a6243e2840f3cc568c7a0e5bd22d86daa71356e1c8fafb109456fc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31746
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/ Frame D7D6 116 KB
33 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a917be15f33caca7feb38eb3568d482941ca594a08add89b9dc08c61ca0b7297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 07:29:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 330583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33693
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Oct 2024 07:29:35 GMT

GET
H3 200 tN1enqu6RJ1U6ue374tm5QKBTitrA3t700Hvd2dfLPU.js Show response
www.google.com/js/th/ Frame D7D6 37 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/tN1enqu6RJ1U6ue374tm5QKBTitrA3t700Hvd2dfLPU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4dd5e9eabba449d54eae7b7ef8b66e502814e2b6b037b7bd341ef77675f2cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:05:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14647
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Oct 2024 20:05:57 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/1A_jEvB3JmU/ Frame D7D6 7 KB
7 KB 237ms
19ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/1A_jEvB3JmU/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

363e1fffdc26686a17e408a3192dee7c8d0461aefff22ae9ea5e99cb50ba213b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6864
x-xss-protection: 0
server: sffe
etag: "1674755526"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Oct 2023 05:19:18 GMT

GET
DATA 200
OK truncated
/ Frame D7D6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKYIzdCx6Yv6vdeZhVcEbDIEw6OB91FA3quMW-rdXw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D7D6 4 KB
4 KB 45ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKYIzdCx6Yv6vdeZhVcEbDIEw6OB91FA3quMW-rdXw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9360a1e5d6d88c97729d3ec48a36c051218273a689245eb91e032d4eb60d254a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:04:51 GMT
x-content-type-options: nosniff
age: 4467
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3844
x-xss-protection: 0
server: fife
etag: "vde1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Oct 2023 02:04:51 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 18ms
18ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 13 Oct 2023 03:19:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D7D6 90 B
134 B 19ms
19ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

050bd7f2f4cf11334cbd7b53d6b881ee4a2a5641075ca2f0111ab0d9d9ae3ae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 autocomplete Show response
liveapi.yext.com/v2/accounts/me/answers/ Frame 907C 685 B
878 B 228ms
156ms Fetch
application/json 2606:4700::6811:45f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://liveapi.yext.com/v2/accounts/me/answers/autocomplete?v=20190101&api_key=505b20bfe024d820138df5b38458b894&jsLibVersion=v0.12.1&input=&experienceKey=state_department_config&version=PRODUCTION&locale=en

Requested by

Host: answers-embed.covid19.state.gov.pagescdn.com
URL: https://answers-embed.covid19.state.gov.pagescdn.com/index.html?referrerPageUrl=https://gt.usembassy.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:45f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d15a83b2d14d0c9ee9698efc2d97ab269e4a5e385b72f59be7f1f13d612f193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://answers-embed.covid19.state.gov.pagescdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
rate-limit-remaining: 99023
rate-limit-reset: 1697169612
referrer-policy: no-referrer
server: cloudflare
yext-uuid: 01HCKGQBYE2S88HK1NK9FVXKJN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://answers-embed.covid19.state.gov.pagescdn.com
cache-control: no-cache
access-control-allow-credentials: true
rate-limit-limit: 100000
cf-ray: 815470b8cf4d39c4-FRA

POST
H2 200 3163171
realtimeanalytics.yext.com/realtimeanalytics/data/answers/ Frame 907C 0
377 B 162ms
122ms Ping
text/plain 2606:4700::6811:45f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://realtimeanalytics.yext.com/realtimeanalytics/data/answers/3163171
Requested by: Host: assets.sitescdn.net
URL: https://assets.sitescdn.net/answers/v1.15/answers-modern.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://answers-embed.covid19.state.gov.pagescdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 13 Oct 2023 03:19:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 815470b8aa7965e1-FRA
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D7D6 4 KB
2 KB 49ms
26ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 03:19:19 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D7D6 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?CwToHg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/118/ Frame D7D6 50 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/118/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 14:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14707
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 15:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 13 Oct 2023 14:48:33 GMT

GET
H3 200 overlay.js Show response
answers-embed.covid19.state.gov.pagescdn.com/ 79 KB
26 KB 15ms
15ms Script
text/javascript 2606:4700::6811:1a54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://answers-embed.covid19.state.gov.pagescdn.com/overlay.js

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:1a54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df2d3a3fc9c879a48996bb1b642934d9f590395233ef5baac5335b709019da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-version-id: null
x-amz-request-id: 626TFKMT97CH4JPT
age: 5908
x-amz-server-side-encryption: AES256
x-yext-subendpoint: static
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0gM6CSN/wd9IToLckK5XS7JiEU90RECO+lgiuUMTpSc6XBkJ24p1kJFv6Iuivz0i26ES+0ieT88=
surrogate-key: answers-embed.covid19.state.gov answers-embed.covid19.state.gov%2Foverlay.js
last-modified: Fri, 09 Jun 2023 16:46:26 GMT
server: cloudflare
etag: "c1a35765bffb9f2985d483574460078c"-gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-yext-site: jp2
cache-control: max-age=0, s-maxage=7200, must-revalidate
cf-ray: 815470b94aee361e-FRA
owner: sitescog-12955

GET
H/1.1 200
OK usabilla_white_rightSideImprove.png
d6tizftlrpuof.cloudfront.net/live/resources/buttons/ Frame 0B96 2 KB
2 KB 38ms
7ms Image
image/png 52.222.206.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/live/resources/buttons/usabilla_white_rightSideImprove.png
Requested by: Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-40.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7410b3df529e76455fe1db0cb80191946688840f6f9a802089e5b2c4e01adea2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: null
Date: Fri, 13 Oct 2023 02:30:48 GMT
Via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
Age: 2912
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1561
Last-Modified: Thu, 12 Sep 2013 09:08:13 GMT
Server: AmazonS3
ETag: "7b0ab11d4290685ae5d3c90fa98e3742"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
X-Amz-Cf-Id: 5wPT6uOt1A8pNiP2X_ngEFbupMzEGHvbQ6EOMXn1hzipeZIaEWVInw==

GET
H2 200 Ukraine_Roller_Feature_1-700x441.jpg
share.america.gov/wp-content/uploads/2022/01/ 49 KB
49 KB 15ms
15ms Image
image/jpeg 2600:9000:2057:dc00:a:248d:16c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.america.gov/wp-content/uploads/2022/01/Ukraine_Roller_Feature_1-700x441.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:dc00:a:248d:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c2a7c33a94f659af7fe428a068c7aa77081139cfe22db6f4da526578e5696818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:22 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Wed, 05 Apr 2023 18:28:13 GMT
server: nginx
age: 237
x-amz-cf-pop: FRA6-C1
etag: "c37e-5f89af479539f"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 50046
x-amz-cf-id: a5wZJPlWJNCRdyyjVwyjOr_1uFUFjWC3Eny-FiB4VkGUPZB2SsdiZQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=256244372&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgt.usembassy.gov%2F&ul=en-us&de=UTF-8&dt=Homepage%20-%20U.S.%20Embassy%20in%20Guatemala&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=10%25&el=https%3A%2F%2Fgt.usembassy.gov%2F&_u=aGHACUABBAAAACAAoC~&jid=300735946&gjid=111171680&cid=1872795470.1697167158&tid=UA-30736178-71&_gid=715569131.1697167158&_r=1&gtm=45He3ab0n81PP5BNDR&z=975319845

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gt.usembassy.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PP5BNDR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 01:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5377
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 13 Oct 2023 03:49:42 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ 993 B
519 B 33ms
33ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PP5BNDR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b989853e8fe5a3d22d2db42b21371f1b9fefda41bdd9b045fdc81825c165985b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 13 Oct 2023 03:19:19 GMT

GET
H3 200 1A_jEvB3JmU Show response
www.youtube.com/embed/ Frame D7D6 89 KB
37 KB 66ms
64ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

751e9a7afa52c3298801aadd37be530551e8c5da3db35a9a86340a808ca2bf8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gt.usembassy.gov/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 03:19:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D7D6 28 B
54 B 22ms
22ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
X-Goog-Request-Time: 1697167159291
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0
X-YouTube-Client-Version: 1.20231008.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtZYWRRb1lkaXliQSi17qKpBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1697167158387&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C380%2C214&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 13 Oct 2023 03:19:19 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30736178-71&cid=1872795470.1697167158&jid=300735946&gjid=111171680&_gid=715569131.1697167158&_u=aGHACUABBAAAACAAoC~&z=1018164311

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gt.usembassy.gov/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 13 Oct 2023 03:19:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gt.usembassy.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/5279ebfe/www-widgetapi.vflset/ 213 KB
66 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b0c564fb579679c627efd07eaabc7a9c59479b5b7798b4e6c29b3520030fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 23:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67184
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 11 Oct 2024 23:23:20 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30736178-71&cid=1872795470.1697167158&jid=300735946&_u=aGHACUABBAAAACAAoC~&z=1555482829

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 20ms
19ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30736178-71&cid=1872795470.1697167158&jid=300735946&_u=aGHACUABBAAAACAAoC~&z=1555482829

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 03:19:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS log
play.google.com/ Frame 0
0

POST atr
www.youtube.com/api/stats/ Frame D7D6 0
0

POST log
play.google.com/ Frame D7D6 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame D7D6 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/5279ebfe/ Frame D7D6 378 KB
48 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92223235bd2c02fa3eae38898c1fb05886c7261be48bc661939babfc0c2c59bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 01:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48960
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Oct 2024 01:09:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/ Frame D7D6 54 KB
17 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e246896268f64df82e2d476b0f5697525ff8f3dd9e2a424efe3fdb5086b21050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 07:29:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 330585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17030
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Oct 2024 07:29:34 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/ Frame D7D6 317 KB
95 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e37eef60c8569790974dc21de14333f21105cecae00e1926a7e282f099c8d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 01:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97098
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Oct 2024 01:30:08 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/ Frame D7D6 2 MB
786 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f5980f339ecf49b7e034e5c2efe0fe4a3a7f49c8be1b788d4d000e1f519c8bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 07:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 804675
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Oct 2024 07:29:34 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D7D6 15 KB
15 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 519676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 02:58:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D7D6 15 KB
15 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:06:30 GMT
x-content-type-options: nosniff
age: 33169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:06:30 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D7D6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

16ms
16ms

XHR
application/json

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c81f104eb4f636bb5485fed4417fd0e3ada4df4057c654dabeb4a5901b21786a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Oct 2023 03:19:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D7D6 29 B
92 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:32 GMT
x-content-type-options: nosniff
age: 227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Oct 2023 03:30:32 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
15ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 13 Oct 2023 03:19:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D7D6 68 KB
31 KB 27ms
26ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cec73498a5c27e5e21955e742d4b52fca065951ab2c40db81c644008e74cd173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31583
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/ Frame D7D6 116 KB
33 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a917be15f33caca7feb38eb3568d482941ca594a08add89b9dc08c61ca0b7297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 07:29:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 330584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33693
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Oct 2024 07:29:35 GMT

GET
H3 200 tN1enqu6RJ1U6ue374tm5QKBTitrA3t700Hvd2dfLPU.js Show response
www.google.com/js/th/ Frame D7D6 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/tN1enqu6RJ1U6ue374tm5QKBTitrA3t700Hvd2dfLPU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4dd5e9eabba449d54eae7b7ef8b66e502814e2b6b037b7bd341ef77675f2cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:05:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14647
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Oct 2024 20:05:57 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/1A_jEvB3JmU/ Frame D7D6 7 KB
7 KB 21ms
20ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/1A_jEvB3JmU/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

363e1fffdc26686a17e408a3192dee7c8d0461aefff22ae9ea5e99cb50ba213b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:18 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6864
x-xss-protection: 0
server: sffe
etag: "1674755526"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Oct 2023 05:19:18 GMT

GET
H2 200 fullscreen.png
gt.usembassy.gov/wp-content/plugins/osmapper/assets/images/ 299 B
901 B 13ms
13ms Image
image/png 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/images/fullscreen.png

Requested by

Host: gt.usembassy.gov
URL: https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/css/leaflet.fullscreen.css?ver=2.1.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c83b73f9d863b80a28eaaf71734d3efd7353ac6c045ab37cd293a77857689788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/css/leaflet.fullscreen.css?ver=2.1.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: DwgwvOTrUwU4qRU7_Pma5ZvrG2SZUHdoE4HWsQbIeUgel8PfH3uICQ==
expires: Sat, 21 Oct 2023 03:15:22 GMT

GET
H2 200 7519.png
basemaps.cartocdn.com/rastertiles/voyager/14/4073/ 27 KB
27 KB 49ms
11ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4073/7519.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

1000d69d2676ecdf89857539f49fbab8781ca013516a453af0317df88e84352a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 3857784
x-powered-by: Express
x-cache: HIT, HIT
content-length: 27613
x-served-by: cache-iad-kjyo7100088-IAD, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.677335,VS0,VE1
etag: W/"6bdd-PK5zpQjlCZVMPUbnGI04XqVFdZ8"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-us-east-zz49
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1653, 1

GET
H2 200 7519.png
basemaps.cartocdn.com/rastertiles/voyager/14/4074/ 21 KB
21 KB 52ms
14ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4074/7519.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

8028b565ee34876ad070640ca416877677e53b5c5a6a4715a8403fc5f570b248

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 2041608
x-powered-by: Express
x-cache: HIT, HIT
content-length: 21346
x-served-by: cache-iad-kiad7000149-IAD, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.677177,VS0,VE1
etag: W/"5362-VRhK3DP3HEH88rHGda/Tkyc/Sh4"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-us-east-zxmw
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 460, 1

GET
H2 200 7518.png
basemaps.cartocdn.com/rastertiles/voyager/14/4073/ 27 KB
27 KB 58ms
21ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4073/7518.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

3fea8a2551f12e97e6a61763dcc505d604b51511b50c8c718dfad0990ab05bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 865834
x-powered-by: Express
x-cache: HIT, HIT
content-length: 27475
x-served-by: cache-iad-kjyo7100108-IAD, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.677549,VS0,VE1
etag: W/"6b53-egvuZc1eOE+rHkFejiuUl9a0NPg"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-us-east-zxmw
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1463, 1

GET
H2 200 7518.png
basemaps.cartocdn.com/rastertiles/voyager/14/4074/ 14 KB
14 KB 54ms
17ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4074/7518.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

cefd1561b7661914cb50552a13c9b8554d2183c6ed5696e3b8731b46ff787728

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 865834
x-powered-by: Express
x-cache: HIT, HIT
content-length: 14107
x-served-by: cache-iad-kjyo7100160-IAD, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.677185,VS0,VE1
etag: W/"371b-rDROYEAuP4SMGpU8FvHNjOwWTEE"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-us-east-zzl5
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 297, 1

GET
H2 200 7520.png
basemaps.cartocdn.com/rastertiles/voyager/14/4073/ 28 KB
29 KB 44ms
7ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4073/7520.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

823cab5ca139e91b5c0b49933c89eab37997f2947c099475d5681fdc508b06bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 1303639
x-powered-by: Express
x-cache: HIT, HIT
content-length: 28872
x-served-by: cache-iad-kiad7000064-IAD, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.677004,VS0,VE1
etag: W/"70c8-2ijtjlFsIKb6X1LsMZa9WbXwTWE"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-us-east-zxf9
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 103, 1

GET
H2 200 7520.png
basemaps.cartocdn.com/rastertiles/voyager/14/4074/ 19 KB
20 KB 54ms
17ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4074/7520.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

a0098a649dfef9bb2ab8e19f8e9668669fd26f61ec3aa02951dcf163ffaf04b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 1885737
x-powered-by: Express
x-cache: HIT, HIT
content-length: 19820
x-served-by: cache-iad-kiad7000066-IAD, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.677196,VS0,VE1
etag: W/"4d6c-pNB7RJV5XG/zuCJg3SRl5SmDUVc"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-us-east-zzl5
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 322, 1

GET
H2 200 7519.png
basemaps.cartocdn.com/rastertiles/voyager/14/4072/ 30 KB
30 KB 10ms
9ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4072/7519.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

516a8818cf39a14094375a0f5a1a33ce3f9002c9be1ebfa4036e5f616386202a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 4463093
x-powered-by: Express
x-cache: HIT, HIT
content-length: 30799
x-served-by: cache-iad-kiad7000058-IAD, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.689802,VS0,VE1
etag: W/"784f-7jxEyOc/1O7+8/pzB1ryKpcGWns"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-us-east-zzll
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 466, 1

GET
H2 200 7519.png
basemaps.cartocdn.com/rastertiles/voyager/14/4075/ 16 KB
16 KB 11ms
10ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4075/7519.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

0fef74df186e010c3635d412e0ed34dc2b04550cf187a9d3c619de8e291274b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 865971
x-powered-by: Express
x-cache: HIT, HIT
content-length: 15902
x-served-by: cache-qpg1266-QPG, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.690062,VS0,VE1
etag: W/"3e1e-BqYf6NfCXTTNQi6TgHQODrsjAf4"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-asia-southeast-zzq5
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 5, 1

GET
H2 200 7518.png
basemaps.cartocdn.com/rastertiles/voyager/14/4072/ 29 KB
29 KB 13ms
12ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4072/7518.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

bf403585160479d30f81b48755185375eff5c63bd7a24bd409384f293b06c9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 480130
x-powered-by: Express
x-cache: HIT, HIT
content-length: 29926
x-served-by: cache-iad-kjyo7100069-IAD, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.690062,VS0,VE1
etag: W/"74e6-zZASR2p8BxKgzwYUWzWIMsbv20s"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-us-east-zp0l
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 81, 1

GET
H2 200 7518.png
basemaps.cartocdn.com/rastertiles/voyager/14/4075/ 14 KB
15 KB 11ms
10ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4075/7518.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

d48502629c054955a79b4951ad7888aadf665a24d5abb2ec426f5adb4546fe60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 1599213
x-powered-by: Express
x-cache: HIT, HIT
content-length: 14477
x-served-by: cache-iad-kcgs7200091-IAD, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.690044,VS0,VE1
etag: W/"388d-MAzM82iJEPAhHuc+E5akzC+aRgI"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-us-east-zzl5
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 406, 1

GET
H2 200 7520.png
basemaps.cartocdn.com/rastertiles/voyager/14/4072/ 31 KB
32 KB 15ms
14ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4072/7520.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

1445252fc02d3d5903c1a8908c15a5dd59e0493a5a6ffa5a342191bca89d941c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 1506291
x-powered-by: Express
x-cache: HIT, HIT
content-length: 32122
x-served-by: cache-qpg1230-QPG, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.690397,VS0,VE1
etag: W/"7d7a-xgvP8d5/yDhTw2LwQNDLwnj+tOM"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-asia-southeast-zz9n
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 7520.png
basemaps.cartocdn.com/rastertiles/voyager/14/4075/ 15 KB
15 KB 10ms
10ms Image
image/png 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://basemaps.cartocdn.com/rastertiles/voyager/14/4075/7520.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

b7ccced579ce029c7832db9fa995b34c55dfa63b140781cc4d7b0925dc8af3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 03:19:19 GMT
age: 669393
x-powered-by: Express
x-cache: HIT, HIT
content-length: 15161
x-served-by: cache-iad-kcgs7200057-IAD, cache-fra-eddf8230028-FRA
last-modified: Wed, 27 Jul 2022 11:04:31 GMT
server: nginx
x-timer: S1697167160.690217,VS0,VE1
etag: W/"3b39-f1VT+nMVU/xriwdLnEiI6MStCk4"
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
x-origin-server: bm-us-east-zzll
cache-control: public,max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 116, 1

GET
H2 200 pin-1.png
gt.usembassy.gov/wp-content/plugins/osmapper/assets/images/pins/ 2 KB
2 KB 15ms
13ms Image
image/png 2600:9000:223c:6e00:3:228f:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gt.usembassy.gov/wp-content/plugins/osmapper/assets/images/pins/pin-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:6e00:3:228f:7440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

88dfaa7c532cb9d0890744573b65d45a4a488124cb25529a5747606329643667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gt.usembassy.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:15:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 237
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
last-modified: Fri, 06 Oct 2023 17:15:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://travel.state.gov
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: acrw9xM3o0We_xJokaG_z4Pfd9xzvtSE3uDVxGgR89b4jmHew77x_g==
expires: Sat, 21 Oct 2023 03:15:22 GMT

GET
DATA 200
OK truncated
/ Frame D7D6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKYIzdCx6Yv6vdeZhVcEbDIEw6OB91FA3quMW-rdXw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D7D6 4 KB
4 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKYIzdCx6Yv6vdeZhVcEbDIEw6OB91FA3quMW-rdXw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9360a1e5d6d88c97729d3ec48a36c051218273a689245eb91e032d4eb60d254a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 02:04:51 GMT
x-content-type-options: nosniff
age: 4468
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3844
x-xss-protection: 0
server: fife
etag: "vde1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 14 Oct 2023 02:04:51 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 13 Oct 2023 03:19:19 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D7D6 90 B
134 B 19ms
19ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d51e5a564964dac1e0780be7433f766f967df49e0f12ea8f9362e1db6358f9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D7D6 4 KB
2 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 03:19:19 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D7D6 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?ybxsuQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:19:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/118/ Frame D7D6 50 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/118/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 14:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14707
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 15:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 13 Oct 2023 14:48:33 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D7D6 28 B
54 B 21ms
21ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
X-Goog-Request-Time: 1697167161763
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/1A_jEvB3JmU?feature=oembed&start=0&enablejsapi=1&origin=https%3A%2F%2Fgt.usembassy.gov
X-YouTube-Client-Version: 1.20231008.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtZYWRRb1lkaXliQSi37qKpBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1697167159448&flash=0&frm=2&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C380%2C214&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 13 Oct 2023 03:19:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 13 Oct 2023 03:19:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=bO-qwGehK7Pw8Npd&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fgt.usembassy.gov%2F&lact=772&cl=571789013&mos=0&volume=100&cbr=Chrome&cbrver=118.0.5993.70&c=WEB_EMBEDDED_PLAYER&cver=1.20231008.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=117&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C230596%2C84737%2C25688%2C9541%2C1089%2C6271%2C250%2C2950%2C18465%2C5%2C26417824%2C3518%2C536%2C1253%2C677%2C6723%2C8050%2C1333%2C2040%2C564%2C4369%2C2295%2C860&feature=oembed&muted=0&docid=1A_jEvB3JmU

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.answers-embed.covid19.state.gov.pagescdn.com/	1970-01-20 15:26:08	Name: __cf_bm Value: YaFlEqP.CHMxF0NtYBPPG_MZUFeHm91K2_j3DJ3v3Wk-1697167157-0-ASPJxaCOgDuFvJ0ha5g/MBo0pmAOLnbLLLud1QpM9MXweOtrPBP75gjHyGgZNStC+r0ZPzT9EjnaUhDf+qB7lhE=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: JBgTsUvEybM
.youtube.com/	1970-01-20 19:45:19	Name: VISITOR_INFO1_LIVE Value: YadQoYdiybA
.usembassy.gov/	1970-01-20 15:27:33	Name: _gid Value: GA1.2.715569131.1697167158
.usembassy.gov/	1970-01-20 15:26:07	Name: _gat Value: 1
.gt.usembassy.gov/	1970-01-21 01:02:07	Name: _ga Value: GA1.3.1872795470.1697167158
.gt.usembassy.gov/	1970-01-20 15:27:33	Name: _gid Value: GA1.3.715569131.1697167158
.gt.usembassy.gov/	1970-01-20 15:26:07	Name: _gat_RegionalTracker Value: 1
.gt.usembassy.gov/	1970-01-20 15:26:07	Name: _gat_GlobalTracker Value: 1
.gt.usembassy.gov/	1970-01-20 15:26:07	Name: _gat_GSA_ENOR0 Value: 1
.usembassy.gov/	1970-01-21 01:02:07	Name: _ga_RH13VY8T2N Value: GS1.1.1697167158.1.0.1697167158.60.0.0
.usembassy.gov/	1970-01-21 01:02:07	Name: _ga_477NB7ZBEW Value: GS1.1.1697167158.1.0.1697167158.0.0.0
.usembassy.gov/	1970-01-21 01:02:07	Name: _ga_TL9ZMCQW57 Value: GS1.1.1697167158.1.0.1697167158.0.0.0
.sitescdn.net/	1970-01-20 15:26:08	Name: __cf_bm Value: I9l7MWaeCFolR.BKPTQK7hhh0xHqVLwBQ2THOB2oMDk-1697167158-0-AQiUTPNb4rLY6Fq7UA+66D+M9nTA7Y59L6nDsTUI1ytp6d8n1MI6evGdP7+yAL17GRAy0tIJI7hdb+vbsdldp+w=
.usembassy.gov/	1970-01-21 01:02:07	Name: _ga_S9NN0HV920 Value: GS1.1.1697167158.1.0.1697167158.60.0.0
.usembassy.gov/	1970-01-21 01:02:07	Name: _ga_CSLL4ZEK4L Value: GS1.1.1697167158.1.0.1697167158.0.0.0
.pagescdn.com/	1970-01-20 17:35:43	Name: _yfpc Value: 1662577404921
realtimeanalytics.yext.com/	1970-01-20 17:35:43	Name: cookieId Value: 1662577404921
.yext.com/	1970-01-20 15:26:08	Name: __cf_bm Value: zNw2vDquLJdy6Gd6wF2ZwxqZUhbjy.A3rmmprrIDOes-1697167159-0-AfTU9bLldqrD98oTYPdsNPOaD4ycuT6w47hpfP3iyeTx54IAwVzmWI+A+pe5lmEmE8qOT5AE64WpXuqyDA3bAlchnBmGOnopB5iUO4VEqcSw
.usembassy.gov/	1970-01-21 01:02:07	Name: _ga Value: GA1.2.1872795470.1697167158
.usembassy.gov/	1970-01-20 15:26:07	Name: _gat_UA-30736178-71 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://gt.usembassy.gov/ Message: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

answers-embed.covid19.state.gov.pagescdn.com
assets.sitescdn.net
basemaps.cartocdn.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
d6tizftlrpuof.cloudfront.net
dap.digitalgov.gov
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gt.usembassy.gov
i.ytimg.com
jnn-pa.googleapis.com
liveapi.yext.com
play.google.com
realtimeanalytics.yext.com
region1.analytics.google.com
region1.google-analytics.com
share.america.gov
static.doubleclick.net
stats.g.doubleclick.net
uploads.mwp.mprod.getusinfo.com
use.fontawesome.com
w.usabilla.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
play.google.com
www.youtube.com
151.101.194.132
2001:4860:4802:34::36
2600:9000:2057:dc00:a:248d:16c0:93a1
2600:9000:211e:2e00:5:83ea:ba80:93a1
2600:9000:223c:6e00:3:228f:7440:93a1
2600:9000:223c:f600:3:228f:7440:93a1
2600:9000:2240:1a00:6:d944:3c80:93a1
2606:4700::6810:5814
2606:4700::6811:1654
2606:4700::6811:190e
2606:4700::6811:1a54
2606:4700::6811:45f
2606:4700:e0::ac40:660b
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:829::2016
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c07::9b
52.222.206.40
54.77.171.233
00bc0b01490e3bdfeac269ee62878ce57dd9d0155b4b709f53b8e52dc559f74d
02189a52015a8f835341b3b5200facfdb1ca1ccd9f948aa077737f7e698862f0
03569249f023d48bdff1d8f3a797c597c8027456bdda37f4a65e7dd6db11fd18
03762a5393b4899524ca8b6926285cf9761c709938e18559c4fd57f43de5dc3c
03b0c564fb579679c627efd07eaabc7a9c59479b5b7798b4e6c29b3520030fec
050bd7f2f4cf11334cbd7b53d6b881ee4a2a5641075ca2f0111ab0d9d9ae3ae3
06aabdd1e3593a83abf80ce7ca548b00898f61c93e116450094927d6c61e3150
0a80a277bfe3e9832cd9a2bc0dde39aa851b47aa6ef819f7e02b0c79aecbdf9a
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e1113b375cdb32913e1d6bb0d7948ee3fa5397927b85650dd198302cae973a3
0f82fb588f66c83a37186ac3081f27c63e4e0bc4f5a452c98f2327fd33052b80
0fef74df186e010c3635d412e0ed34dc2b04550cf187a9d3c619de8e291274b5
1000d69d2676ecdf89857539f49fbab8781ca013516a453af0317df88e84352a
1038a6cf48253f67f263e5b6135ca8f7a8de74bc0e165296ab04f1c177b2b24f
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
12d8b0c545d9418d5365070236bddab1f6a739ef8351a52e7c771e72ac77209b
131a9ea30b81e395a674452ab2a411ba33bc9769531887ba87a035e41b3b4d11
13ab1f2ba6f86dd27e2500ac6402318346f385aac257e3d377bf100613516031
13e5c152dec8fd0b455fc1ccdca4bd48d377933f18237811bbe0e1f76b1add79
14081cbfbe75fa8cffb0a01681eb68a7486ba0ec7837b34926159b6951d8e646
1445252fc02d3d5903c1a8908c15a5dd59e0493a5a6ffa5a342191bca89d941c
1494e5406e929e7e84bb6cb5e3289d41d1f121a49697af982f692cb54e3ce026
15828bb8b056b9a331c6ce02f9b5ac52abba8e04f957d3d892c29f057a2f5f38
1749e6ee96ec4ad597c02396abb1e7535c6e6205a61444bae8dd2b7afaafb0ad
1866edaa5ce9a66d4424088fb91ae493b1e0bd7de0dc1cc83a848ad4f00800f5
18d5fc4234444c4dbf0aa3b103cadd1dc8a226c92cd5a24dd5205f2be39a81b6
19082314f12786c3c514253f2572ec0f8f0927394e59ade62b78dcd5dde1162c
1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e
1ca481b34a29c88eb4846fd74664a7f3a4aead233646650224d1f08a3a600709
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e37eef60c8569790974dc21de14333f21105cecae00e1926a7e282f099c8d89
201bfb84beb9d8bae3919bb9b8fbb129a5bf95bbfe577f2706de3885d5ab76dc
2174531636abe76abf27de643659e1bca74a78b75de58cf0687c0b415220662c
28ba1826a2b215bb02c0182c67e01b2a361ed1f3726b45a191c67392f1dcec6b
29c4e772c5098dcb8d65f8d04ccf41bc65997b7c8095e3dc1b797ee5c1abceaa
2a43bf825796fd6f024966054ef4e53793a505d4fdde4ec0ea83cd59b3b72d36
2b124cb56c81558b73946a182b47f01140acbcb64a4ec723f02399de53c93edc
2f2e365b59b74d2d0640829b66f150f9bb7b32eeccdb11fd6aba0bb727ac980b
30ee1a61e7d79a8e805e5dde8aea875574eba2f49b2c0b0f4b69ebf0f9ec3205
363e1fffdc26686a17e408a3192dee7c8d0461aefff22ae9ea5e99cb50ba213b
38399efe707a8ffc12359a0086e7340315b42194a10fd2e1d1288be12da9e39c
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
3be47a6a2507caafd50ffa34bd1b13afa99c863d445e41b3cdf94519057a988b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fea8a2551f12e97e6a61763dcc505d604b51511b50c8c718dfad0990ab05bc1
403ec99441cacff48156ea95969e9eb61fa80cdc67019f65b5f51fa903ad752f
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45e16ed7c857c70ab02411e385431aa2f25c42b8f8587ee19c8a1707b0d95df2
4c24262a87fdf021d377bf7e4d6c08ce81a1862e774facca70713391a4cd3bc7
4d15a83b2d14d0c9ee9698efc2d97ab269e4a5e385b72f59be7f1f13d612f193
4d1eb2621daa43e4cdd04c6712c7fd5d64db2e58fb2c379d5455c83590f687bc
4f5980f339ecf49b7e034e5c2efe0fe4a3a7f49c8be1b788d4d000e1f519c8bc
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50ecda5870ebe585e0643eb721fc578e636897fe959f444751ff1e4e60949146
516a8818cf39a14094375a0f5a1a33ce3f9002c9be1ebfa4036e5f616386202a
5189bfc9ecfe24ef0ce20ef3b0a8f951d3ed3527717a80f053e5556cf6ceb30b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
578586db01cc3008d2795d52508fadeaf3862d9aec9dbf0b68879af30aea25d9
58cbd73dd793a7bba150e4fd727b91f3e5a60efd48c4437554bf3252732d3304
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aa160ad964402d622c0032f2a12db80a9fa54808305e6ccacf3b4e0db562251
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f19f0ebe463c696ee377579739337b5c03e694437022bdb16887ab121399af1
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a3166ddd944effa0090cab36a67512a7bccb8ae0c62488c07862568d9f5697c
6c279cc4e37124eea5498dac89af9392a67bfba3251b3b2bde42c7cd24b91ce9
6dd96918803094b8af6983e83552fde86104da7ef2934a6b6393eb286e9c4f2f
6df2d3a3fc9c879a48996bb1b642934d9f590395233ef5baac5335b709019da4
7109d22832ec20e1a3fcbc8a82063733f3484f7306cdfa9d5a341ebcbe432c51
721b049c5eb3f6935d49b4810ba663600c74e9e9b61de5d8482f9fc435681b64
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7410b3df529e76455fe1db0cb80191946688840f6f9a802089e5b2c4e01adea2
751e9a7afa52c3298801aadd37be530551e8c5da3db35a9a86340a808ca2bf8f
75b51e8aa62321ba8c66b6e93ebd571cb80b46101446d1aab62de95f0f124dc4
8028b565ee34876ad070640ca416877677e53b5c5a6a4715a8403fc5f570b248
81da06154271d084016ad635363e28a96643d9d555e15e8be34ebbdefc118aca
823248686053150f415f1da1f715ef6f47b6119e28de8fdbc779fdad9479d7fb
823cab5ca139e91b5c0b49933c89eab37997f2947c099475d5681fdc508b06bd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
872a300eab205ed04bac3413d3c9503c157abc5130b73838451062f45461af89
88dfaa7c532cb9d0890744573b65d45a4a488124cb25529a5747606329643667
8b8f8974f647856e1b145a92d77b5337f6de9c669e1ef6bb1e2fa43f94b162f1
8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
90f17d2b1bcf07b7589650fc779426d2cdcb4ad62af6fc156b2c7963a7d08410
92223235bd2c02fa3eae38898c1fb05886c7261be48bc661939babfc0c2c59bc
923eb1c5d1f9ae2c035f60ae755f62612e0a061940f4d3293e718badfd9bc54c
9360a1e5d6d88c97729d3ec48a36c051218273a689245eb91e032d4eb60d254a
941b41c4c47ada4795be098c7f6904457d086843b2b0c8c3683a037b8baf7d7a
947960adcbb708c908d60c1fb55b6c617e11c93876ecf9f525f13accf7ddb591
965a46ae986f221e5cd29a9418668b3956cbee6a443f50b9015cf9f8eda55728
9670d45ba8080d2c32b5f0bdbdf9abcb4f1093b0901ff906ed8d6a193d561479
96f91a11cbe441d24c47432bc39c635578893b2e83a328ae554c5c349f9ea9c5
986fd157b6e7fa840ffb2aabb54ce77a1a7da0ed6b446a8abe8b7f1779f50671
990dc0a5c2a5dcaa797d8af450680979a28fb91ebce97b5edcdf31c7f90eabe4
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9e4c673675b25b9fcfae558083927850991ce9b96d2997ea5a232e94dc9ee0da
a0098a649dfef9bb2ab8e19f8e9668669fd26f61ec3aa02951dcf163ffaf04b7
a06492aaf1b7f2e082d88422e773d0154d0c7bd812db4d57e3d9af067a4d64fc
a13662fe0e47432fd37c46e61d6eab9ad070c9c7ef56511c3276a94e2729a24d
a71798d6045a126f7550c88203b389e3b44272542301c3310ac52c39c6da76a1
a917be15f33caca7feb38eb3568d482941ca594a08add89b9dc08c61ca0b7297
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
abf32703b4062c09d6fd3f4ffd7f8344f7806f2ed5ff2c1e496950f8a948e0d8
ac08fa8b565329cd5398c2f7f1cc58ae7d6ffbdb422f6cea1d387200c1226977
ac90ad3fa8fd14783a70287782b6d0e558b942c6e15e1d8939d087a9f71c98a8
ae6de183ae9a339fddbc7ca40bbccc092582999e99089fbe7a5b31e0b075445a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b3d7eac6618a9bfa7093eba1f40bb5686c30484d2c6cc7b52625b6ec6465c285
b422ea03d0f1177be468b21d61f791542b2f508e2fc405baa8b4f14632cb2130
b4dd5e9eabba449d54eae7b7ef8b66e502814e2b6b037b7bd341ef77675f2cf5
b563ef2ed0b6b3231cf9e62d42fc83b43a425adf442a9d11420e653b205daf1c
b7ccced579ce029c7832db9fa995b34c55dfa63b140781cc4d7b0925dc8af3ea
b8e368fc4d526e8918587b7d25894636fb6c7e82fe1dd6f4227ea398ffc479c5
b989853e8fe5a3d22d2db42b21371f1b9fefda41bdd9b045fdc81825c165985b
b98ebc2b23c8191d51fb37636f75a3c5086705d2b801ac2b41555029bac83584
b99993143ef5c98b746267c0a19fd2c2f4a6d64af3e1dae82a87573c4b9b1572
bca1fc5f1cfa27352f0a3c1b6d742df2ebbb27d8026928d089e3b52d9e2f5562
bf403585160479d30f81b48755185375eff5c63bd7a24bd409384f293b06c9a8
c08efa91781865d1a2e9fcb030f8ac55c2d8eadbf8822c2ea251556333f99d9c
c17ce5d402af6a0208a7832cb2a4c23a3bdf10ec8659b35cf746a3bd3a3e165c
c1f52d0c7bbe687d6ff4ea17b30e8933ad9128b734fc72111a4752f2f619aa6f
c2a26661d8b53be4662d626ff8cca5064b60c214cb1572e22a3748da87eec20c
c2a7c33a94f659af7fe428a068c7aa77081139cfe22db6f4da526578e5696818
c4a21e99afbd547fb4eae2509ee2201baaef2227eea1cae41c5cf8e8bd06b762
c81f104eb4f636bb5485fed4417fd0e3ada4df4057c654dabeb4a5901b21786a
c83b73f9d863b80a28eaaf71734d3efd7353ac6c045ab37cd293a77857689788
c85d34f203361021f6f375787650507e7248a8210aaf6b9e198aaf8e834ac50e
c8852e018565a21b3faafd8e2d7eb02109bc3b38b3b83759b61eb918fdb5a176
c94bd810a6243e2840f3cc568c7a0e5bd22d86daa71356e1c8fafb109456fc52
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71
caad511a42b6f2f26d60408c8e9c70f6939396cceba9cc7638c6be0dd14a5d80
cccc5b8cd8072c7b90e4d63613ec618dc3a23dc44a7f1c70189d068b8589c703
ce54d767f01eb9114389e6ef95a27fe04211a98a4a7a0a4a6a56cb9274656e63
cec73498a5c27e5e21955e742d4b52fca065951ab2c40db81c644008e74cd173
cedc9155263d1f634191e71f3c9ce256b315f833e375739ed0e65087996428cc
cefd1561b7661914cb50552a13c9b8554d2183c6ed5696e3b8731b46ff787728
cf4d34ed170b3a3bdf1cb136e111b1d4216182773d6753517a0aa525f6abd606
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d13950523af91285df5b6bfc9e6089592af57c65c13899afd966e583c533b5ff
d148d2914fa11fce730f994df8fd85a86144887930a13d43e4ad1be20ba6360f
d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd
d48502629c054955a79b4951ad7888aadf665a24d5abb2ec426f5adb4546fe60
d4a1916cb402e1fba4eed335fb19c68c23a283554f749c23e75dc90ca79bb80f
d51e5a564964dac1e0780be7433f766f967df49e0f12ea8f9362e1db6358f9eb
d7632e98a95e126e3bbd823b5467e9d8746ff3c3f2c1f05983d639ef91de5f69
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d8dd0de638293eb62dba15a6e410fb0af9a5b36c35df226237b1b609d573c63e
dada3f04a23e88c8a65cfdc241430f593d330e4abe4c51cfc77b78d8f8697064
db592bf5bc055050925694e86a11f39b1205f07b2deda61562f9992d2bf541b7
dbe2e063e6461ff74638da263835733de879093102659936dcdb47b144eaed6f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff4972cc4c4df7ad413012b534136a7298944ccb75f33032a37be9cb0149523
e246896268f64df82e2d476b0f5697525ff8f3dd9e2a424efe3fdb5086b21050
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ea4c2d85f07a2272592f84f3ceaa74988848be701b297b2f7212cd036accf9f3
ed77fc2cbbcf4cd716fbf7f4ace9c8d1612bf6140a5996e4f38f8caa142edcb8
edaac9900713a4661e0fbfcbdf11460f329e123076f0f196ab0b8eead959944e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f119342c30c6bbb02d1d0d3c322722109a40808419ad15c2b1d0bca3a4e8565f
fe0cd2ebc678fd12559c16cccd9048f8a016eea1be807f550ffa793d0004184c

gt.usembassy.gov Open in urlscan Pro 2600:9000:223c:6e00:3:228f:7440:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

224 Requests

97 %HTTPS

90 %IPv6

23 Domains

31 Subdomains

29 IPs

4 Countries

13699 kBTransfer

22768 kBSize

21 Cookies

223 Outgoing links

Page URL History

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gt.usembassy.gov Open in urlscan Pro
2600:9000:223c:6e00:3:228f:7440:93a1 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

97 %
HTTPS

90 %
IPv6

23
Domains

31
Subdomains

29
IPs

4
Countries

13699 kB
Transfer

22768 kB
Size

21
Cookies

224 HTTP transactions
4 data transactions