www.gwr.com Open in urlscan Pro
18.245.31.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.gwr.com/
Effective URL:
https://www.gwr.com/
Submission: On June 15 via api (June 15th 2024, 4:58:06 pm UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 6 domains to perform 53 HTTP transactions. The main IP is 18.245.31.26, located in United States and belongs to AMAZON-02, US. The main domain is www.gwr.com. The Cisco Umbrella rank of the primary domain is 422505.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on May 15th 2024. Valid for: a year.

This is the only time www.gwr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2600:9000:266... 2600:9000:266e:a200:7:3b29:8e40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	18.244.18.86 18.244.18.86	16509 (AMAZON-02) (AMAZON-02)
28	18.245.31.26 18.245.31.26	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
5	13.225.78.57 13.225.78.57	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:267... 2600:9000:2670:7e00:18:8697:62c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	52.222.236.115 52.222.236.115	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
53	13

2 2600:9000:266e:a200:7:3b29:8e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.gwr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.244.18.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-86.fra56.r.cloudfront.net

ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 18.245.31.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-26.fra56.r.cloudfront.net

www.gwr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.78.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-57.fra2.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2670:7e00:18:8697:62c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.gwr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-115.fra56.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	gwr.com www.gwr.com — Cisco Umbrella Rank: 422505 api.gwr.com — Cisco Umbrella Rank: 563874	891 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68 region1.google-analytics.com — Cisco Umbrella Rank: 2347	21 KB
6	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 3218 consent-pref.trustarc.com — Cisco Umbrella Rank: 15778	35 KB
5	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 136 ade.googlesyndication.com — Cisco Umbrella Rank: 335	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	319 KB
3	awswaf.com ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com	287 KB
53	6

	Domain	Requested by
30	www.gwr.com	www.gwr.com
5	www.google-analytics.com	www.googletagmanager.com www.gwr.com
5	consent.trustarc.com	www.gwr.com consent.trustarc.com
4	ade.googlesyndication.com	2 redirects www.gwr.com
3	www.googletagmanager.com	www.gwr.com www.googletagmanager.com
3	ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com	www.gwr.com ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com
2	api.gwr.com	www.gwr.com
1	region1.google-analytics.com	www.googletagmanager.com
1	consent-pref.trustarc.com	consent.trustarc.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
53	10

This site contains links to these domains. Also see Links.

Domain
myaccount.gwr.com
tickets.gwr.com
apps.apple.com
play.google.com
www.gwrsouvenirs.co.uk
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
www.accessibility-services.co.uk
news.gwr.com

Subject Issuer	Validity	Valid
*.gwr.com RapidSSL TLS RSA CA G1	`2024-05-15` - `2025-05-14`	a year	crt.sh
*.d5aa9ad1.eu-central-1.token.awswaf.com Amazon RSA 2048 M02	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2024-03-16` - `2025-04-14`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.gwr.com/
Frame ID: E3CC39EF1C7C7F57D41A6D3D9BD7B74D
Requests: 52 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=gwr.com
Frame ID: 6077B8ED54221499E1FB006541CC47C2
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=gwr&site=gwr.com&country=gb&action=notice&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=fc919278-bc1a-4448-9415-96f9c63b4bc3&userType=NEW
Frame ID: 1A8280CFA41C1E9F405C8F6729096310
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buy cheap train tickets | Great Western Railway

Page URL History Show full URLs

http://www.gwr.com/ HTTP 307
https://www.gwr.com/ Page URL
https://www.gwr.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

Page Statistics

53
Requests

96 %
HTTPS

42 %
IPv6

6
Domains

10
Subdomains

13
IPs

2
Countries

1555 kB
Transfer

4750 kB
Size

5
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.gwr.com/MyAccount/SignIn
Title: My Account

Search URL Search Domain Scan URL

URL: https://tickets.gwr.com/gw/en/JourneyPlanning/Wizard
Title: Accessible booking tool

Search URL Search Domain Scan URL

URL: https://tickets.gwr.com/gw/en/journeyplanning/seasonmixingdeck
Title: Buy season tickets

Search URL Search Domain Scan URL

URL: https://apps.apple.com/gb/app/buy-train-tickets-check-live/id470544879

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.firstgreatwestern

Search URL Search Domain Scan URL

URL: https://www.gwrsouvenirs.co.uk/GWR
Title: GWR gift shop

Search URL Search Domain Scan URL

URL: https://twitter.com/GWRHelp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gwruk/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gwruk/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/FGWComms/

Search URL Search Domain Scan URL

URL: https://www.accessibility-services.co.uk/certificates/great-western-railway/
Title: <img alt="ShawTrust Accessible" sizes="100vw" srcSet="/_next/image?url=%2F-%2Fmedia%2Fgwr-sc-website%2Fimg%2Flogos%2Fshawtrust_accessible.jpg%3Fh%3D60%26iar%3D0%26w%3D198%26hash%3D4EF0C5E6DC5E2AE8AA65ED39EE3111D3&w=500&q=75 500w, /_next/image?url=%2F-%2Fmedia%2Fgwr-sc-website%2Fimg%2Flogos%2Fshawtrust_accessible.jpg%3Fh%3D60%26iar%3D0%26w%3D198%26hash%3D4EF0C5E6DC5E2AE8AA65ED39EE3111D3&w=640&q=75 640w, /_next/image?url=%2F-%2Fmedia%2Fgwr-sc-website%2Fimg%2Flogos%2Fshawtrust_accessible.jpg%3Fh%3D60%26iar%3D0%26w%3D198%26hash%3D4EF0C5E6DC5E2AE8AA65ED39EE3111D3&w=750&q=75 750w, /_next/image?url=%2F-%2Fmedia%2Fgwr-sc-website%2Fimg%2Flogos%2Fshawtrust_accessible.jpg%3Fh%3D60%26iar%3D0%26w%3D198%26hash%3D4EF0C5E6DC5E2AE8AA65ED39EE3111D3&w=828&q=75 828w, /_next/image?url=%2F-%2Fmedia%2Fgwr-sc-website%2Fimg%2Flogos%2Fshawtrust_accessible.jpg%3Fh%3D60%26iar%3D0%26w%3D198%26hash%3D4EF0C5E6DC5E2AE8AA65ED39EE3111D3&w=1080&q=75 1080w, /_next/image?url=%2F-%2F

Search URL Search Domain Scan URL

URL: https://news.gwr.com/
Title: Press

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.gwr.com/ HTTP 307
https://www.gwr.com/ Page URL
https://www.gwr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.gwr.com/ HTTP 307
https://www.gwr.com/

Request Chain 43

https://ade.googlesyndication.com/ddm/activity/src=9412799;type=paget0;cat=the7s004;ord=2542504905669;npa=1;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9181639981z871465634za201zb71465634;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.gwr.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=9412799;dc_pre=CM3diJWK3oYDFTwOogMdCyQP5Q;type=paget0;cat=the7s004;ord=2542504905669;npa=1;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9181639981z871465634za201zb71465634;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.gwr.com%2F

Request Chain 44

https://ade.googlesyndication.com/ddm/activity/src=9412799;type=paget0;cat=the7s0;ord=1132618352936;npa=1;u1=https%3A%2F%2Fwww.gwr.com%2F;u2=%2F;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9181639981z871465634za201zb71465634;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.gwr.com%2F HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=9412799;dc_pre=CJTZiJWK3oYDFXIOogMdDtIBuQ;type=paget0;cat=the7s0;ord=1132618352936;npa=1;u1=https%3A%2F%2Fwww.gwr.com%2F;u2=%2F;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9181639981z871465634za201zb71465634;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.gwr.com%2F

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

202

/ Show response
www.gwr.com/
Redirect Chain

http://www.gwr.com/
https://www.gwr.com/

2 KB
3 KB

154ms
42ms

Document
text/html

2600:9000:266e:a200:7:3b29:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gwr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:a200:7:3b29:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c3b19ec780b3c642a22e4a46984328fb30921358b788e50d09044746818e8905

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: OPTIONS,GET,POST
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0
content-length: 2321
content-type: text/html; charset=UTF-8
date: Sat, 15 Jun 2024 16:57:59 GMT
server: CloudFront
via: 1.1 ebc0709f2918acef5e26208dffcb618c.cloudfront.net (CloudFront)
x-amz-cf-id: tEPMM-MmqMqWH-3gXlpmilXEEAjP_ehrV4yjewcs137rhONM-2Vchw==
x-amz-cf-pop: FRA56-P8
x-amzn-waf-action: challenge
x-cache: Error from cloudfront

Redirect headers

Location: https://www.gwr.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 challenge.js Show response
ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com/ed9ec42ea38a/45d08cde14c3/d0974938a39f/ 1 MB
285 KB 142ms
46ms Script
text/javascript 18.244.18.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com/ed9ec42ea38a/45d08cde14c3/d0974938a39f/challenge.js
Requested by: Host: www.gwr.com
URL: https://www.gwr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-86.fra56.r.cloudfront.net
Software: /
Resource Hash: a83016624b85b726206e90f48c95b7595e5bbeca45dd543215adc3393802ae1b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 16:58:00 GMT
content-encoding: gzip
via: 1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
last-modified: Sat, 15 Jun 2024 16:58:00 +0000
x-amz-cf-pop: FRA56-P11
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-666dc818-4824f6b67dd6d9cd7fac2f9c
content-type: text/javascript
cache-control: private, max-age=86400, stale-while-revalidate=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Z7L_PLMi_tjylBgWOmvnSsQ0tmMd0wO30URrxpq4UTFw8ZJZIJ_Img==
expires: 0

POST
H3 200 verify Show response
ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com/ed9ec42ea38a/45d08cde14c3/d0974938a39f/ 288 B
635 B 113ms
66ms Fetch
application/json 18.244.18.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com/ed9ec42ea38a/45d08cde14c3/d0974938a39f/verify
Requested by: Host: ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com
URL: https://ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com/ed9ec42ea38a/45d08cde14c3/d0974938a39f/challenge.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-86.fra56.r.cloudfront.net
Software: /
Resource Hash: 3ec21725f70b383960c9e52ce1bb201f63673728b6903078b49984e3bd98515f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 16:58:00 GMT
via: 1.1 cbad29402e4e90baabe7151c3f1203b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-666dc818-17cff1ca392f04bf5f84d38b
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 288
x-amz-cf-id: E8QhaWOnW_HkooKdqgxTd806dE_HNvhUR6YttGnK9GAiXGPqIWLDUQ==
expires: 0

GET
H2 404 favicon.ico
www.gwr.com/ 206 KB
42 KB 203ms
202ms Other
text/html 2600:9000:266e:a200:7:3b29:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:a200:7:3b29:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ec7e3f53159bfd2644a1efe002eac5308560b09b23b06b64b80d6fe25379eea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
via: 1.1 ebc0709f2918acef5e26208dffcb618c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
etag: "mqoz7letyn4j5h"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id: ATezIAXVLkoI1MjkOWaKWFZTNMdt3uA6Ju8jB_pE6uCLFkUEQNZz6w==

POST
H3 200 telemetry Show response
ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com/ed9ec42ea38a/45d08cde14c3/d0974938a39f/ 856 B
1 KB 45ms
44ms Fetch
application/json 18.244.18.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com/ed9ec42ea38a/45d08cde14c3/d0974938a39f/telemetry
Requested by: Host: ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com
URL: https://ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com/ed9ec42ea38a/45d08cde14c3/d0974938a39f/challenge.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-86.fra56.r.cloudfront.net
Software: /
Resource Hash: 61bc3544b247c88c2cda8e3da5b2e13ddcb0844dd9a6b3097e553f07fd148706

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 16:58:00 GMT
via: 1.1 cbad29402e4e90baabe7151c3f1203b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-666dc818-60c88d2200b08b987e752709
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 856
x-amz-cf-id: GC3w-ObyP8JSX0to_8lwnoW1pU0kS6rpAgmH-Xir6je2wr1_DII2pQ==
expires: 0

GET
H3 200 Primary Request / Show response
www.gwr.com/ 521 KB
97 KB 406ms
406ms Document
text/html 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

baf7d60a4cd76e3fda68bf7c350a954cfa076273026a635a5034273478d10724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.gwr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Jun 2024 16:58:01 GMT
etag: "ca7uexdgibfs7"
referrer-policy: same-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-amz-cf-id: MPwhwW-JTvZob_Fi3VFZIb6WU0jBw73goO_SyKNEA15HQ1EOhendgw==
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none

GET
H3 200 glypha_200.woff2
www.gwr.com/fonts/glypha-w01/ 18 KB
18 KB 198ms
197ms Font
font/woff2 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/fonts/glypha-w01/glypha_200.woff2

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

04f360d807eb412515ec8798c76c01aa4638de575f8d2995b38d9e6200f9f1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Origin: https://www.gwr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17956
referrer-policy: same-origin
last-modified: Wed, 09 Aug 2023 08:19:11 GMT
etag: W/"4624-189d960dc18"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=604800, must-revalidate
accept-ranges: bytes
x-amz-cf-id: NFL3k8K9TiQVY_JeM22IRFibiYvTO1_poCQSm1uSGvAr0DQj9qUaSA==

GET
H3 200 glypha_400.woff2
www.gwr.com/fonts/glypha-w01/ 19 KB
19 KB 200ms
199ms Font
font/woff2 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/fonts/glypha-w01/glypha_400.woff2

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

e1482bf961075010501190a1321dfe7239176ef7c1c96d7ee5fe7ebebd644b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Origin: https://www.gwr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19572
referrer-policy: same-origin
last-modified: Wed, 09 Aug 2023 08:19:11 GMT
etag: W/"4c74-189d960dc18"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=604800, must-revalidate
accept-ranges: bytes
x-amz-cf-id: -gc6Uk_kTtjSNUOxKtEMt4s6SA_9UnxsRsBcYnXiz_N0s3177quOvQ==

GET
H3 200 univers_400.woff2
www.gwr.com/fonts/univers-w01/ 19 KB
19 KB 151ms
150ms Font
font/woff2 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/fonts/univers-w01/univers_400.woff2

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

8cc954d435542d3d2ced741ce3ef403909cfc0030acb3921e67c5a1f738e04ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Origin: https://www.gwr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19572
referrer-policy: same-origin
last-modified: Wed, 09 Aug 2023 08:19:11 GMT
etag: W/"4c74-189d960dc18"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=604800, must-revalidate
accept-ranges: bytes
x-amz-cf-id: wxlWQXjlleNC5s5JwJRypg5HM6y2-w0YrIFo8NlUSzULhdrsc0RmzA==

GET
H3 200 univers_700.woff2
www.gwr.com/fonts/univers-w01/ 21 KB
22 KB 198ms
197ms Font
font/woff2 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/fonts/univers-w01/univers_700.woff2

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

6266cf9e881e27427e30812ae535f9d10a245e62c85bc30d71184fd95f9b72e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Origin: https://www.gwr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 21920
referrer-policy: same-origin
last-modified: Wed, 09 Aug 2023 08:19:11 GMT
etag: W/"55a0-189d960dc18"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=604800, must-revalidate
accept-ranges: bytes
x-amz-cf-id: RSoIL5tJAz3kxgmSauvtLcFFY_oREyvvFhDA8CDkPr2SsUQNAmypPQ==

GET
H3 200 image
www.gwr.com/_next/ 45 KB
46 KB 194ms
193ms Image
image/webp 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gwr.com/_next/image?url=%2F-%2Fmedia%2Fgwr-sc-website%2Fimg%2Fhomepage%2FGWR-Pullman-Dining-banner-v3.jpg%3Fh%3D1000%26iar%3D0%26w%3D3000%26hash%3DD1B4443BDC586A4DA99E5C9F42CFE6E5&w=1920&q=75

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

63d3f86494cc23122bb0c0c0de5c3d6171cdc71fae59fba15cfda0f7ffa9268b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-nextjs-cache: HIT
content-disposition: inline; filename="GWR-Pullman-Dining-banner-v3.webp"
alt-svc: h3=":443"; ma=86400
content-length: 46376
referrer-policy: same-origin
etag: Y9P4ZJTMIxIrsMDA3lw9YXHNxx+uWfuhXP2g9-+pJos=
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=900, must-revalidate
x-amz-cf-id: vmcEvanL9ryYDjfKSpz4I8LhXWDQ6LDX28JKbjR3Ee5eaZETSUkJhQ==

GET
H3 200 c3aeaf2c7365c232.css
www.gwr.com/_next/static/css/ 790 B
1 KB 145ms
144ms Stylesheet
text/css 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/css/c3aeaf2c7365c232.css

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

75619a94c981f6f83c00106ebdfa50a9f890bda174c2bd091a4a32942fdbe89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 790
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"316-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: LTyLrEf_EBek3JyS7raGY2CRk79uzFtAL4ghAlWua1hz4xm-ij3RTw==

GET
H3 200 870.25c9dd3e29ba1917.js Show response
www.gwr.com/_next/static/chunks/ 71 KB
22 KB 151ms
150ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/870.25c9dd3e29ba1917.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

d976cc6fb6528fc939f9fd5dbe49bb809ab522c44d1d784c115a6e5c0825c58f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"11ccb-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: bwO5vZt6BveBEtltiHBAeHz8dNfT9xYClUXPQR7xfnhcgnHDnYtzQQ==

GET
H3 200 837.e954da3a753f550e.js Show response
www.gwr.com/_next/static/chunks/ 40 KB
14 KB 160ms
158ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/837.e954da3a753f550e.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

bc36fb068a71b4bb1ff736cc1a21211500ca735a7eaaab5aaee448c0ba872169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"a10d-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: Ny8rTNDJXzJq4z-AMllP6hylmQO8AKwNoh9UO11W0PWcL5TOQQXYjw==

GET
H3 200 648.b2648254d0c700ba.js Show response
www.gwr.com/_next/static/chunks/ 24 KB
8 KB 160ms
158ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/648.b2648254d0c700ba.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

8199990c0e692f40ccf08aa2ce9e2bde9253bf732693bef3d1e1333f521df43a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"5fd4-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: RH-bKc314PcLg3xUF4JJIOjSTDfdQOBxr_AYYI9zH4rSq8our_W7tg==

GET
H3 200 977.7589d1292e986c37.js Show response
www.gwr.com/_next/static/chunks/ 21 KB
7 KB 165ms
163ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/977.7589d1292e986c37.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

5f85dc372e135a31aa7cf4485e795c0d42dc5fea14e5f2e479ca9f25cc698d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"5455-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: lAWfujKcVRy-00Qk78LUot0ty8jy7mE4sKME1FvN4Cgrw_C9LHEZYA==

GET
H3 200 home.2a5a8407dd350300.js Show response
www.gwr.com/_next/static/chunks/ 57 KB
19 KB 164ms
162ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/home.2a5a8407dd350300.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

ae144f0099d41887767c49310f70213516eb1903d83f3e4e6a4bdd449d677f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"e46d-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: 2ZEzQ84kn5SLjEvs9aIQxm5obFleGyJoBGjwqcgADqwSvgRMKvE1oA==

GET
H3 200 webpack-996cc20eba87cd52.js Show response
www.gwr.com/_next/static/chunks/ 4 KB
2 KB 149ms
147ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/webpack-996cc20eba87cd52.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

81e115985070eec49152ae8ef48628d6916a8b972bd23c2bc8e7c0cbca500c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"116b-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: _6MeXdtOKIvvVHsErfJsbjNL28YXGvj8TsQ7x7YaHXJp3NOaRUGWBA==

GET
H3 200 framework-bb5c596eafb42b22.js Show response
www.gwr.com/_next/static/chunks/ 127 KB
42 KB 238ms
236ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/framework-bb5c596eafb42b22.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

7f601b1b258803287386acf9c747b98d5775345193c93dfe2dbdf3e5829a06c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"1fbd1-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: kqzKnWl37HK6LMWndItLloUJB49jcHp98Rxd5oFqCY8lXs0fbqGEDw==

GET
H3 200 main-286dd6b0c668b7a5.js Show response
www.gwr.com/_next/static/chunks/ 119 KB
36 KB 162ms
160ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/main-286dd6b0c668b7a5.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

0b372d1f41dd32ee8815ce6f83127f49bed92b0b1f186885eb6f92c119ea0a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"1dcf7-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: _5hTzv8WncSQA-z2HKFqG5fa_2u2QL50-tF72de7PoE8GVRyauu2gQ==

GET
H3 200 _app-ac09308fceaa42c7.js Show response
www.gwr.com/_next/static/chunks/pages/ 278 KB
84 KB 162ms
161ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/pages/_app-ac09308fceaa42c7.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

8dacc7d4af46ba7887f4e80942d57ca91bf8024915f30fc3f4fe0d562b43136d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"45833-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: yneC_d4cYsKHwLqSV_l-cYIVNAHM3_pSAW0bGZZPjT7tjPff2oSVUg==

GET
H3 200 211-d11efe882a73d52a.js Show response
www.gwr.com/_next/static/chunks/ 199 KB
64 KB 236ms
234ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/211-d11efe882a73d52a.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

9860a4543dcf03e8143bd46fec7af9f075cdb99231ff175ea16e8e442f4fb06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"31d14-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: R-mhwzAEjgxT9hzw5K9AhbiToPqUwXl1Du9ydzw0xoq-d6OpJoCOKA==

GET
H3 200 268-c958d08858c14329.js Show response
www.gwr.com/_next/static/chunks/ 312 KB
93 KB 241ms
240ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/268-c958d08858c14329.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

039d5f1ce6b539ef97d26af9c695879f55c6339a881a029be2d1d1ff31840c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"4ded3-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: lI0vuprO-I812DZoCpkmjO9-LoXgoua9fx4N7IlbFzHCI01jbU9xyA==

GET
H3 200 %5B%5B...path%5D%5D-c410d4e2d3b43fce.js Show response
www.gwr.com/_next/static/chunks/pages/ 183 KB
56 KB 161ms
160ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/chunks/pages/%5B%5B...path%5D%5D-c410d4e2d3b43fce.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

a90ae9958c764fda2e5f83d2369bffcfd7267d87a9213f0244f409dae397d6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"2daa1-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: zdoKWh0CPbvdfufT2IP0KRnY-_gu_CGKx9s82k63MQW5K5BMaRgHAA==

GET
H3 200 _buildManifest.js Show response
www.gwr.com/_next/static/7MBSOQFGhLofh57aOG1Mq/ 951 B
1 KB 157ms
156ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/7MBSOQFGhLofh57aOG1Mq/_buildManifest.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

5fa6989e8265080683d2cb2dce38cefc5351fe231188e492c0295cfcd05b6356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 951
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"3b7-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: K3N6qvtN8sKqGXZkYImU2KZ6cF1bgJ3A7nWtjFQjI9s2fljKrA5AAQ==

GET
H3 200 _ssgManifest.js Show response
www.gwr.com/_next/static/7MBSOQFGhLofh57aOG1Mq/ 77 B
496 B 147ms
146ms Script
application/javascript 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/_next/static/7MBSOQFGhLofh57aOG1Mq/_ssgManifest.js

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 77
referrer-policy: same-origin
last-modified: Mon, 04 Mar 2024 12:05:15 GMT
etag: W/"4d-18e095a9478"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: lpsuJbrY0XhfpQSb3lLbwYiqewgHpngXHD0mls_5sm2k0_hSJ2M-og==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 univers_400_oblique.woff2
www.gwr.com/fonts/univers-w01/ 20 KB
20 KB 206ms
205ms Font
font/woff2 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/fonts/univers-w01/univers_400_oblique.woff2

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

54fe7676ef4ec04a1c035b1bbb66b68d209b2ee3b443667d2300f9f52b8f9395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Origin: https://www.gwr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 20088
referrer-policy: same-origin
last-modified: Wed, 09 Aug 2023 08:19:11 GMT
etag: W/"4e78-189d960dc18"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=604800, must-revalidate
accept-ranges: bytes
x-amz-cf-id: a3cdTBMySx9aBthlB-QvUuHIM1ozHDTSj5rrKSXlmKf0CNU6XmTt8Q==

GET
H3 200 glypha_700.woff2
www.gwr.com/fonts/glypha-w01/ 19 KB
20 KB 184ms
183ms Font
font/woff2 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/fonts/glypha-w01/glypha_700.woff2

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

4a35093d1b53bd00fbee83412236aac8d9dda32ec18abafe49d9e3e882be2766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Origin: https://www.gwr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19756
referrer-policy: same-origin
last-modified: Wed, 09 Aug 2023 08:19:11 GMT
etag: W/"4d2c-189d960dc18"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=604800, must-revalidate
accept-ranges: bytes
x-amz-cf-id: iObhwafhxSTheSMF3YBty9Rvu-fC82VrfaM49f77MLO9daVMBvYq5A==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 548 KB
145 KB 195ms
100ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GTL38&gtm_auth=PESnzkKFhUZHgoDBVcStVQ&gtm_preview=env-37&gtm_cookies_win=x

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

640de3f5204e09d7dbc4ac39cc9da0c395d24def684cec4b70a30b6a132421cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148156
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 14 KB
6 KB 172ms
76ms Script
text/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=gwr.com&c=teconsent&country=gb&language=gb&js=nj&noticeType=bb&text=true&gtm=1&pcookie

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/_next/static/chunks/main-286dd6b0c668b7a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

ba1621e0392f752f4d30dd948fa80308d01f1406ea3f37d08f0bac6ba3b1481e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.gwr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:02 GMT
content-encoding: gzip
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600
content-length: 5486
x-amz-cf-id: ic8_R65BG9zA-CL8mO6P3BpH9TRfooJbDRsG6zKY7I1OIGQRd4WicQ==

GET
H/1.1 200
OK railcards Show response
api.gwr.com/rail/ 4 KB
2 KB 346ms
226ms Fetch
application/json 2600:9000:2670:7e00:18:8697:62c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gwr.com/rail/railcards

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/_next/static/chunks/pages/_app-ac09308fceaa42c7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:7e00:18:8697:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

39e49a021fbae64e1dae414f399e66408d190808e54033e7db437bf976aac24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json;charset=UTF-8
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 16:58:02 GMT
Conversation-Token: 0eadbfb9-18e0-4a2f-bcd8-5f07a96f8597
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Via: 1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P9
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
WL-API-Version: 2.1.38
WL-API-Environment: PROD
ETag: W/"078b4db4-64a5-43cd-8049-012fa386079e"
Vary: Accept-Encoding, Origin
X-Frame-Options: DENY
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.gwr.com
Access-Control-Expose-Headers: Session-Token,Session-Hash,Conversation-Token,Retry-After
Cache-Control: must-revalidate, max-age=86400
Access-Control-Allow-Credentials: true
App-Environment: rh-api-live
X-Amz-Cf-Id: Q-t_vRlsKkrOaLlOB8U_Mfm8hjeZuA9n3qo9GM8MU23VQFvQCk3scw==
App-Version: 1.24.8.0

GET
H/1.1 200
OK basket Show response
api.gwr.com/customer/ 2 KB
2 KB 545ms
464ms Fetch
application/json 2600:9000:2670:7e00:18:8697:62c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gwr.com/customer/basket?keeppendingreservation=true

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/_next/static/chunks/pages/_app-ac09308fceaa42c7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:7e00:18:8697:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

93f10f33441fb6c74442ab3f5cdc3993cfa52a78594c148d378ae12a86952049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json;charset=UTF-8
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 15 Jun 2024 16:58:03 GMT
Conversation-Token: 10dcde71-f172-42a7-8198-03e21ded711c
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P9
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Session-Token: 1~7Gg47oYPxswbHCMH7jIA8TvV.tprhbp03z
Pragma: no-cache
WL-API-Version: 2.1.38
WL-API-Environment: PROD
Session-Hash: 866c0a111adfabe67fab0d0cb84a4c77ff9da3b3ff283477751f1096fa19133a
Vary: Accept-Encoding, Origin
X-Frame-Options: DENY
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.gwr.com
Access-Control-Expose-Headers: Session-Token,Session-Hash,Conversation-Token,Retry-After
Cache-Control: no-store, no-cache
Access-Control-Allow-Credentials: true
App-Environment: rh-api-live
X-Amz-Cf-Id: hePkCLRY2VHFbEC0yoSAJwG8GBhOKnii4jln3AGG--gyci5eJVoMUg==
App-Version: 1.24.8.0

GET
H3 200 image
www.gwr.com/_next/ 37 KB
37 KB 169ms
169ms Image
image/webp 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gwr.com/_next/image?url=%2F-%2Fmedia%2Fgwr-sc-website%2Fimg%2Fhomepage%2FGroupSave-featured-promo.jpg%3Fh%3D600%26iar%3D0%26w%3D900%26hash%3D0650C6DE27346D9A47BC321DF3BB9CBE&w=640&q=75

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

f0756655c39f5d04c072dbd34ce490a8e4c7772599e4c2ee75f75f1d977fac4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-nextjs-cache: HIT
content-disposition: inline; filename="GroupSave-featured-promo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 37400
referrer-policy: same-origin
etag: 8HVmVcOfXQTActvTTOSQqOTHdyWZ5MLudfdfHZd-rEo=
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=900, must-revalidate
x-amz-cf-id: RMN1MTmKaZ0JHiol1VCIkBgtJSzrqmf2w0q52H3qCnEJYN4eWtuApQ==

GET
H3 200 image
www.gwr.com/_next/ 31 KB
32 KB 278ms
277ms Image
image/webp 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gwr.com/_next/image?url=%2F-%2Fmedia%2Fgwr-sc-website%2Fimg%2Fhomepage%2FPAYG-promo-April-24.jpg%3Fh%3D600%26iar%3D0%26w%3D900%26hash%3D536D2B7C30EC10DB3761A03FD61721C0&w=640&q=75

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

2e1f171241f63407f744687aa3fa7364c04d579566caa37df57a40ae5acfe0a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-nextjs-cache: STALE
content-disposition: inline; filename="PAYG-promo-April-24.webp"
alt-svc: h3=":443"; ma=86400
content-length: 32008
referrer-policy: same-origin
etag: Lh8XEkH2NAf3RGh6o-pzZMBNV5VmyqN99XpArlrP4KA=
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=900, must-revalidate
x-amz-cf-id: t4Uf_HBEtY3z_ni1b8Ae6nICvTp1-t4xvLibaugz-PNNl23zo8KRVA==

GET
H3 200 image
www.gwr.com/_next/ 30 KB
31 KB 188ms
188ms Image
image/webp 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gwr.com/_next/image?url=%2F-%2Fmedia%2Fgwr-sc-website%2Fimg%2Fhomepage%2Fspontraineous-promo.jpg%3Fh%3D600%26iar%3D0%26w%3D900%26hash%3D522FDE60C00203A694654161F0E2D5A7&w=640&q=75

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

1b2ec4f1658b59065a2309e7cfd02afe60d1427f09fa0d93e42e29732a9c4085

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-nextjs-cache: HIT
content-disposition: inline; filename="spontraineous-promo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 30812
referrer-policy: same-origin
etag: Gy7E8WWLWQZaIwnnz9Aq-mDRQn8J+g2T5C4pcyqcQIU=
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=900, must-revalidate
x-amz-cf-id: 7QZCL-a57XV_k8jnvKrpZYVwibnQbGBeiudrp_PtyeF9Du24x4TuRQ==

GET
H3 200 image
www.gwr.com/_next/ 30 KB
31 KB 188ms
188ms Image
image/webp 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gwr.com/_next/image?url=%2F-%2Fmedia%2Fgwr-sc-website%2Fimg%2Fpromos%2Ftrack-work-day-workmen-promo.jpg%3Fh%3D600%26iar%3D0%26w%3D800%26hash%3DA201C38DAAEB50E6287F5373B2BFE5D5&w=640&q=75

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

42407aa3df7a4220b57e3422d7fc35082b902bc05d9ea341b56286b518b6599f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-nextjs-cache: HIT
content-disposition: inline; filename="track-work-day-workmen-promo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 30896
referrer-policy: same-origin
etag: QkB6o996QiC1fjQi1-w1CCuQK8BdnqNBtWKGtRi2WZ8=
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=900, must-revalidate
x-amz-cf-id: Av6zbJvJlRC-nUQfok82OuL6EHSVf2MSC7ZsOpwkdrjGdFgNqxkOkw==

GET
H2 200 v1.7-518 Show response
consent.trustarc.com/asset/notice.js/v/ 93 KB
27 KB 50ms
50ms Script
text/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-518

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=gwr.com&c=teconsent&country=gb&language=gb&js=nj&noticeType=bb&text=true&gtm=1&pcookie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

d7d5fd37104b920289011c87a92c7e3681251179c9fd1ff79a47ab93e128424b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.gwr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sat, 15 Jun 2024 16:38:36 GMT
content-encoding: gzip
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Jun 2024 04:06:42 GMT
x-amz-cf-pop: FRA2-C2
age: 1167
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-id: sXKR3CUrhsqyQwC_-4h-UCr63TI59FA6G0287Y4cqZ7eqf7QAOKtJA==

GET
H2 200 get
consent.trustarc.com/ Frame 6077 0
0 136ms
51ms Document
text/html 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=gwr.com

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=gwr.com&c=teconsent&country=gb&language=gb&js=nj&noticeType=bb&text=true&gtm=1&pcookie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 563
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Sat, 15 Jun 2024 16:48:40 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-cf-id: gDBbJW6gfnAGDWMdD74KkAqc-yj4aWUeXIj0GPnEFSCE-J6jthaB3g==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 log
consent.trustarc.com/ 43 B
1 KB 157ms
70ms Image
image/gif 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=gwr.com&country=gb&state=&behavior=expressed&session=fc919278-bc1a-4448-9415-96f9c63b4bc3&userType=NEW&c=58b7&referer=https://www.gwr.com

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:03 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA2-C2
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: Yk7UllfUkUIwzMrROe6WXDpR17QEs5Dw0TTmU88k230b926yPL2eJQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
98 KB 79ms
78ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ELB0V24W3R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GTL38&gtm_auth=PESnzkKFhUZHgoDBVcStVQ&gtm_preview=env-37&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a30a11c62ab1328af54ffab02d5392c344e5eead5619d4e22580f27c3d5b790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Jun 2024 16:58:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 200ms
42ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GTL38&gtm_auth=PESnzkKFhUZHgoDBVcStVQ&gtm_preview=env-37&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Jun 2024 16:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1735
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 15 Jun 2024 18:29:08 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 212 KB
76 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9412799&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GTL38&gtm_auth=PESnzkKFhUZHgoDBVcStVQ&gtm_preview=env-37&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a81eab6e0eb75edf2099b24842396acecbdf02c289387af933be2cb699f5d500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78073
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Jun 2024 16:58:03 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 189ms
75ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13q3q3q2q5&tag_exp=0&rnd=1093849247.1718470683&url=https%3A%2F%2Fwww.gwr.com%2F&dma_cps=-&dma=1&npa=1&gtm=45He46c0n715GTL38v71465634za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GTL38&gtm_auth=PESnzkKFhUZHgoDBVcStVQ&gtm_preview=env-37&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 16:58:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=9412799;dc_pre=CM3diJWK3oYDFTwOogMdCyQP5Q;type=paget0;cat=the7s004;ord=2542504905669;npa=1;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Ch...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=9412799;type=paget0;cat=the7s004;ord=2542504905669;npa=1;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7C...
https://ade.googlesyndication.com/ddm/activity/src=9412799;dc_pre=CM3diJWK3oYDFTwOogMdCyQP5Q;type=paget0;cat=the7s004;ord=2542504905669;npa=1;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0...

42 B
107 B

86ms
86ms

Image
image/gif

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=9412799;dc_pre=CM3diJWK3oYDFTwOogMdCyQP5Q;type=paget0;cat=the7s004;ord=2542504905669;npa=1;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9181639981z871465634za201zb71465634;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.gwr.com%2F?

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 16:58:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Jun 2024 16:58:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=9412799;dc_pre=CM3diJWK3oYDFTwOogMdCyQP5Q;type=paget0;cat=the7s004;ord=2542504905669;npa=1;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9181639981z871465634za201zb71465634;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.gwr.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=9412799;dc_pre=CJTZiJWK3oYDFXIOogMdDtIBuQ;type=paget0;cat=the7s0;ord=1132618352936;npa=1;u1=https%3A%2F%2Fwww.gwr.com%2F;u2=%2F;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChr...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=9412799;type=paget0;cat=the7s0;ord=1132618352936;npa=1;u1=https%3A%2F%2Fwww.gwr.com%2F;u2=%2F;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B...
https://ade.googlesyndication.com/ddm/activity/src=9412799;dc_pre=CJTZiJWK3oYDFXIOogMdDtIBuQ;type=paget0;cat=the7s0;ord=1132618352936;npa=1;u1=https%3A%2F%2Fwww.gwr.com%2F;u2=%2F;gdid=dNTIxZG;uaa=x...

42 B
118 B

88ms
85ms

Image
image/gif

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=9412799;dc_pre=CJTZiJWK3oYDFXIOogMdDtIBuQ;type=paget0;cat=the7s0;ord=1132618352936;npa=1;u1=https%3A%2F%2Fwww.gwr.com%2F;u2=%2F;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9181639981z871465634za201zb71465634;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.gwr.com%2F?

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 16:58:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Jun 2024 16:58:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=9412799;dc_pre=CJTZiJWK3oYDFXIOogMdDtIBuQ;type=paget0;cat=the7s0;ord=1132618352936;npa=1;u1=https%3A%2F%2Fwww.gwr.com%2F;u2=%2F;gdid=dNTIxZG;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=denied;frm=0;gtm=45fe46c0v9181639981z871465634za201zb71465634;gcs=G100;gcd=13q3qPq2q5;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.gwr.com%2F?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
consent-pref.trustarc.com/ Frame 1A82 0
0 170ms
72ms Document
text/html 52.222.236.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=gwr&site=gwr.com&country=gb&action=notice&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=fc919278-bc1a-4448-9415-96f9c63b4bc3&userType=NEW

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-518

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-115.fra56.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-type: text/html
date: Sat, 15 Jun 2024 16:58:03 GMT
expect-ct: max-age=86400; enforce;
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
x-amz-cf-id: D3LGnd854V6SRbcLWhV4sNkflUXMaFuXBYxctDY9pGO5HD32EaHN0w==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
1 KB 86ms
76ms Image
image/gif 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=gwr.com&behavior=expressed&country=gb&language=en&rand=0.9360192953487603&session=fc919278-bc1a-4448-9415-96f9c63b4bc3&userType=NEW&referer=https://www.gwr.com

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-57.fra2.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:03 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA2-C2
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: zXV4GDsRatisanagib87ko9vy5ngcTM4lGD2kd_WsVxJBkVu-T0l2Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 150ms
51ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ELB0V24W3R&gtm=45je46c0v884244283z871465634za200zb71465634&_p=1718470682542&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dNTIxZG&cid=982802134.1718470683&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&dl=https%3A%2F%2Fwww.gwr.com%2F&dt=Buy%20cheap%20train%20tickets%20%7C%20Great%20Western%20Railway&dr=https%3A%2F%2Fwww.gwr.com%2F&sid=1718470683&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Homepage&tfd=1859
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ELB0V24W3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 16:58:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gwr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 43ms
40ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=843520800&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gwr.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Buy%20cheap%20train%20tickets%20%7C%20Great%20Western%20Railway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCgAgAABAAAAAAAAIk~&cid=982802134.1718470683&tid=UA-3373558-9&_gid=372994322.1718470683&gtm=45He46c0n715GTL38v71465634za200&cd1=%2F&cd2=false&cd3=1718470682979.fyezrxu8&cd4=2024-06-15T18%3A58%3A02.980%2B02%3A00&cd5=&cd6=https&cd7=%2F&cd9=false&cd28=625&cd29=Live&cd38=null&gcs=G100&gcd=13q3q3q2q5&dma_cps=-&dma=1&tag_exp=0&npa=1&z=1056704584

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 14:26:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9080
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 43ms
41ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=843520800&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gwr.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Buy%20cheap%20train%20tickets%20%7C%20Great%20Western%20Railway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCgAgAABAAAAAAAAIk~&cid=982802134.1718470683&tid=UA-3373558-4&_gid=451654086.1718470683&gtm=45He46c0n715GTL38v71465634za200&cd1=&cd2=false&cd3=1718470682982.r465d9fq&cd4=2024-06-15T18%3A58%3A02.982%2B02%3A00&cd6=&cd7=https&cd10=false&gcs=G100&gcd=13q3q3q2q5&dma_cps=-&dma=1&tag_exp=0&cd8=&cd35=0&cd36=625&cd37=Live&cd53=null&npa=1&z=782995111

Requested by

Host: www.gwr.com
URL: https://www.gwr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 14:26:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9080
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon.ico
www.gwr.com/img/favicons/ 15 KB
2 KB 156ms
152ms Other
image/x-icon 18.245.31.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gwr.com/img/favicons/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-26.fra56.r.cloudfront.net

Software

Resource Hash

e5d437b0a1af66e2fae90263e360cec78c57e853793c058be1a637a2db02cf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.gwr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 16:58:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P8
via: 1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
last-modified: Wed, 09 Aug 2023 08:19:11 GMT
etag: W/"3aee-189d960dc18"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=604800, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 8uC-IgOXYOIhNe75xXlHlPSWmpxVdXi4QxjQMHL_nurfS6CHOpheXw==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 43ms
41ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=843520800&t=timing&_s=2&dl=https%3A%2F%2Fwww.gwr.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Buy%20cheap%20train%20tickets%20%7C%20Great%20Western%20Railway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2170&pdt=55&dns=0&rrt=3&srt=405&tcp=0&dit=469&clt=1444&_gst=1650&_gbt=1872&_u=YCgAgAABAAAAAAAAIk~&cid=982802134.1718470683&tid=UA-3373558-9&_gid=372994322.1718470683&gtm=45He46c0n715GTL38v71465634za200&cd1=%2F&cd2=false&cd3=1718470682979.fyezrxu8&cd4=2024-06-15T18%3A58%3A02.980%2B02%3A00&cd5=&cd6=https&cd7=%2F&cd9=false&cd28=625&cd29=Live&cd38=null&gcs=G100&gcd=13q3q3q2q5&dma_cps=-&dma=1&tag_exp=0&npa=1&z=983164748

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 11:24:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20034
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 43ms
41ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=843520800&t=timing&_s=2&dl=https%3A%2F%2Fwww.gwr.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Buy%20cheap%20train%20tickets%20%7C%20Great%20Western%20Railway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2170&pdt=55&dns=0&rrt=3&srt=405&tcp=0&dit=469&clt=1444&_gst=1650&_gbt=1872&_u=YCgAgAABAAAAAAAAIk~&cid=982802134.1718470683&tid=UA-3373558-4&_gid=451654086.1718470683&gtm=45He46c0n715GTL38v71465634za200&cd1=&cd2=false&cd3=1718470682982.r465d9fq&cd4=2024-06-15T18%3A58%3A02.982%2B02%3A00&cd6=&cd7=https&cd10=false&gcs=G100&gcd=13q3q3q2q5&dma_cps=-&dma=1&tag_exp=0&cd8=&cd35=0&cd36=625&cd37=Live&cd53=null&npa=1&z=1407156546

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 15 Jun 2024 11:24:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20034
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gwr.com/	1970-01-20 21:26:56	Name: aws-waf-token Value: 82e9cb9e-1972-4e15-adb1-cff2e7f38c04:CQoAaTJ3RJcAAAAA:hfRm0/Hzt4PXnaj+Hbr5tBfgB5dUfdCMe3OgoSTwCsZ3JAZ8QlPo94lXmp3DFsAHRKki2sbfOHqeYjW9jEoqG05qIZErjkn0BcRd0KCkpLhGjsQJaUHakAcwviWJP1oDPecAvdu3uMVzSVEWQYGdcGxZFxLDpDGBjcxdFeO+sitAp5IsOt2IBX7BIm82VQEUd2Wa1zFYiUtbJGkj8HkKnPbAUa9BhusG4qjX80kgBdEoXfyZZysoqHC1rbTL1eAFyfs=
.gwr.com/	1970-01-20 21:21:12	Name: TAsessionID Value: fc919278-bc1a-4448-9415-96f9c63b4bc3\|NEW
.gwr.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
.gwr.com/	1970-01-20 21:21:13	Name: access_token_v2 Value: 1%7e7Gg47oYPxswbHCMH7jIA8TvV.tprhbp03z
.gwr.com/	1970-01-20 21:21:13	Name: session_hash Value: 866c0a111adfabe67fab0d0cb84a4c77ff9da3b3ff283477751f1096fa19133a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gwr.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
api.gwr.com
consent-pref.trustarc.com
consent.trustarc.com
ed9ec42ea38a.d5aa9ad1.eu-central-1.token.awswaf.com
pagead2.googlesyndication.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
www.gwr.com
13.225.78.57
142.250.184.194
142.250.185.130
142.250.74.206
18.244.18.86
18.245.31.26
2001:4860:4802:32::36
2600:9000:266e:a200:7:3b29:8e40:93a1
2600:9000:2670:7e00:18:8697:62c0:93a1
2a00:1450:4001:803::200e
2a00:1450:4001:810::2008
52.222.236.115
039d5f1ce6b539ef97d26af9c695879f55c6339a881a029be2d1d1ff31840c5c
04f360d807eb412515ec8798c76c01aa4638de575f8d2995b38d9e6200f9f1dd
0b372d1f41dd32ee8815ce6f83127f49bed92b0b1f186885eb6f92c119ea0a04
1b2ec4f1658b59065a2309e7cfd02afe60d1427f09fa0d93e42e29732a9c4085
2a30a11c62ab1328af54ffab02d5392c344e5eead5619d4e22580f27c3d5b790
2e1f171241f63407f744687aa3fa7364c04d579566caa37df57a40ae5acfe0a0
39e49a021fbae64e1dae414f399e66408d190808e54033e7db437bf976aac24e
3ec21725f70b383960c9e52ce1bb201f63673728b6903078b49984e3bd98515f
42407aa3df7a4220b57e3422d7fc35082b902bc05d9ea341b56286b518b6599f
4a35093d1b53bd00fbee83412236aac8d9dda32ec18abafe49d9e3e882be2766
54fe7676ef4ec04a1c035b1bbb66b68d209b2ee3b443667d2300f9f52b8f9395
5f85dc372e135a31aa7cf4485e795c0d42dc5fea14e5f2e479ca9f25cc698d2a
5fa6989e8265080683d2cb2dce38cefc5351fe231188e492c0295cfcd05b6356
61bc3544b247c88c2cda8e3da5b2e13ddcb0844dd9a6b3097e553f07fd148706
6266cf9e881e27427e30812ae535f9d10a245e62c85bc30d71184fd95f9b72e6
63d3f86494cc23122bb0c0c0de5c3d6171cdc71fae59fba15cfda0f7ffa9268b
640de3f5204e09d7dbc4ac39cc9da0c395d24def684cec4b70a30b6a132421cc
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
75619a94c981f6f83c00106ebdfa50a9f890bda174c2bd091a4a32942fdbe89e
7f601b1b258803287386acf9c747b98d5775345193c93dfe2dbdf3e5829a06c6
8199990c0e692f40ccf08aa2ce9e2bde9253bf732693bef3d1e1333f521df43a
81e115985070eec49152ae8ef48628d6916a8b972bd23c2bc8e7c0cbca500c49
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cc954d435542d3d2ced741ce3ef403909cfc0030acb3921e67c5a1f738e04ce
8dacc7d4af46ba7887f4e80942d57ca91bf8024915f30fc3f4fe0d562b43136d
93f10f33441fb6c74442ab3f5cdc3993cfa52a78594c148d378ae12a86952049
9860a4543dcf03e8143bd46fec7af9f075cdb99231ff175ea16e8e442f4fb06b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a81eab6e0eb75edf2099b24842396acecbdf02c289387af933be2cb699f5d500
a83016624b85b726206e90f48c95b7595e5bbeca45dd543215adc3393802ae1b
a90ae9958c764fda2e5f83d2369bffcfd7267d87a9213f0244f409dae397d6b9
ae144f0099d41887767c49310f70213516eb1903d83f3e4e6a4bdd449d677f5e
ba1621e0392f752f4d30dd948fa80308d01f1406ea3f37d08f0bac6ba3b1481e
baf7d60a4cd76e3fda68bf7c350a954cfa076273026a635a5034273478d10724
bc36fb068a71b4bb1ff736cc1a21211500ca735a7eaaab5aaee448c0ba872169
c3b19ec780b3c642a22e4a46984328fb30921358b788e50d09044746818e8905
d7d5fd37104b920289011c87a92c7e3681251179c9fd1ff79a47ab93e128424b
d976cc6fb6528fc939f9fd5dbe49bb809ab522c44d1d784c115a6e5c0825c58f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1482bf961075010501190a1321dfe7239176ef7c1c96d7ee5fe7ebebd644b0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d437b0a1af66e2fae90263e360cec78c57e853793c058be1a637a2db02cf7e
ec7e3f53159bfd2644a1efe002eac5308560b09b23b06b64b80d6fe25379eea9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0756655c39f5d04c072dbd34ce490a8e4c7772599e4c2ee75f75f1d977fac4a

www.gwr.com Open in urlscan Pro 18.245.31.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

96 %HTTPS

42 %IPv6

6 Domains

10 Subdomains

13 IPs

2 Countries

1555 kBTransfer

4750 kBSize

5 Cookies

12 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gwr.com Open in urlscan Pro
18.245.31.26 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

42 %
IPv6

6
Domains

10
Subdomains

13
IPs

2
Countries

1555 kB
Transfer

4750 kB
Size

5
Cookies

53 HTTP transactions
1 data transactions