www.hotsprings.org Open in urlscan Pro
147.182.193.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hotsprings.org/
Effective URL:
https://www.hotsprings.org/
Submission: On March 08 via manual (March 8th 2023, 6:04:50 pm UTC) from US — Scanned from DE

Summary HTTP 91 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 23 domains to perform 91 HTTP transactions. The main IP is 147.182.193.139, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.hotsprings.org. The Cisco Umbrella rank of the primary domain is 884586.
TLS certificate: Issued by R3 on February 7th 2023. Valid for: 3 months.

This is the only time www.hotsprings.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	147.182.193.139 147.182.193.139	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	63.215.202.137 63.215.202.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:1896	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	174.36.68.130 174.36.68.130	36351 (SOFTLAYER) (SOFTLAYER)
2	52.54.206.209 52.54.206.209	14618 (AMAZON-AES) (AMAZON-AES)
1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
13	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:11a... 2a02:26f0:11a::217:9a58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	95.101.23.97 95.101.23.97	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e4:... 2606:4700:e4::ac40:a816	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:6b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
91	32

20 147.182.193.139 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 936298.cloudwaysapps.com

www.hotsprings.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.215.202.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float1.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1896 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lightwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.36.68.130 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: server.saveonhotels.com

www.weatherwx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.206.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-206-209.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:11a::217:9a58 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

12268554.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.23.97 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-23-97.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e4::ac40:a816 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6b4 (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

hotsprings6726.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	hotsprings.org 1 redirects www.hotsprings.org — Cisco Umbrella Rank: 884586	5 MB
13	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1818 ekr.zdassets.com — Cisco Umbrella Rank: 2106	325 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 416 p.typekit.net — Cisco Umbrella Rank: 551	45 KB
5	google.com translate.google.com — Cisco Umbrella Rank: 1162 adservice.google.com — Cisco Umbrella Rank: 65 www.google.com — Cisco Umbrella Rank: 2	29 KB
4	gstatic.com www.gstatic.com	12 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1387 ka-f.fontawesome.com — Cisco Umbrella Rank: 2557	23 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 728	101 KB
4	doubleclick.net 1 redirects 12268554.fls.doubleclick.net — Cisco Umbrella Rank: 948102 googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 stats.g.doubleclick.net — Cisco Umbrella Rank: 73	3 KB
3	zendesk.com hotsprings6726.zendesk.com	1 KB
3	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 807	74 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6027 adservice.google.de — Cisco Umbrella Rank: 8682	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 343	12 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24 region1.google-analytics.com — Cisco Umbrella Rank: 2361	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	216 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	136 KB
2	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 3792	262 B
2	weatherwx.com www.weatherwx.com — Cisco Umbrella Rank: 149431	5 KB
2	lightwidget.com cdn.lightwidget.com — Cisco Umbrella Rank: 31056	11 KB
2	dotomi.com login.dotomi.com — Cisco Umbrella Rank: 1735	421 B
1	browser-update.org browser-update.org — Cisco Umbrella Rank: 6505	5 KB
1	turn.com r.turn.com — Cisco Umbrella Rank: 3364	398 B
0	eyereturn.com Failed o2.eyereturn.com Failed
91	23

	Domain	Requested by
20	www.hotsprings.org	1 redirects www.hotsprings.org
12	static.zdassets.com	www.hotsprings.org static.zdassets.com
4	www.gstatic.com	www.gstatic.com translate.googleapis.com www.hotsprings.org
4	analytics.tiktok.com	www.hotsprings.org analytics.tiktok.com
4	use.typekit.net	www.hotsprings.org use.typekit.net
3	hotsprings6726.zendesk.com	static.zdassets.com
3	translate.googleapis.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	www.google.com	www.hotsprings.org
3	bat.bing.com	www.hotsprings.org bat.bing.com
3	www.googletagmanager.com	www.hotsprings.org www.googletagmanager.com
2	www.facebook.com	www.hotsprings.org
2	www.google.de	www.hotsprings.org
2	connect.facebook.net	www.hotsprings.org connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	12268554.fls.doubleclick.net	1 redirects www.hotsprings.org
2	data.adxcel-ec2.com	www.hotsprings.org
2	www.weatherwx.com	www.hotsprings.org
2	cdn.lightwidget.com	www.hotsprings.org
2	login.dotomi.com	www.hotsprings.org www.googletagmanager.com
1	browser-update.org	www.hotsprings.org
1	ekr.zdassets.com	static.zdassets.com
1	kit.fontawesome.com	www.weatherwx.com
1	adservice.google.de	adservice.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	adservice.google.com	12268554.fls.doubleclick.net
1	p.typekit.net	use.typekit.net
1	translate.google.com	www.hotsprings.org
1	r.turn.com	www.hotsprings.org
0	o2.eyereturn.com Failed	www.hotsprings.org
91	32

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.tiktok.com
www.pinterest.com
hotsprings.isolvedhire.com
www.weatherwx.com

Subject Issuer	Validity	Valid
hotsprings.org R3	`2023-02-07` - `2023-05-08`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
lightwidget.com R3	`2023-01-03` - `2023-04-03`	3 months	crt.sh
ftp.weatherwx.com R3	`2023-02-23` - `2023-05-24`	3 months	crt.sh
adxcel-ec2.com Amazon RSA 2048 M02	`2023-02-24` - `2023-11-16`	9 months	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-02` - `2023-04-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-16`	2 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-10` - `2023-04-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-12` - `2023-08-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
hotsprings6726.zendesk.com Cloudflare Inc ECC CA-3	`2022-06-28` - `2023-06-27`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.hotsprings.org/
Frame ID: C9070B790BFE24AEA819C8CE8AE33537
Requests: 76 HTTP requests in this frame

Frame: https://12268554.fls.doubleclick.net/activityi;dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5040439461767.805
Frame ID: BDE55DFADE95268322A06B7102440AAB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.lightwidget.com/widgets/3bf60f7504d6557f89bac33588bda95b.html
Frame ID: 2F611DC69EF4FDB0D9D408BF7D66029B
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5040439461767.805;~oref=https://www.hotsprings.org/
Frame ID: 7F6F5DDA54F63C57C9D06493CECDB8B8
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5040439461767.805;~oref=https://www.hotsprings.org/
Frame ID: D45C23C94946BB521E0E0812CA6C013F
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 42F1E850D06DFC20342EE7D803145ECD
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.cYEbrOmw59Q.L.W.O/d=0/rs=AN8SPfpU282joXDlbkUblMtWLWoZn4bb2g/m=el_main_css
Frame ID: 11FAE37358E49E858ECFD25F86EE06E1
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-a70c626a26e60e484a53.js
Frame ID: 91C76AB33F3D361C9753B3BBDBC595FB
Requests: 13 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1C9CA1BC2505E80D1A8A2EF90460498E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hot Springs, Arkansas | Hot Springs National Park Arkansas

Page URL History Show full URLs

http://www.hotsprings.org/ HTTP 301
https://www.hotsprings.org/ Page URL

Detected technologies

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+class="[^"]*(?:uk-container|uk-section)
uikit.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

91
Requests

98 %
HTTPS

70 %
IPv6

23
Domains

32
Subdomains

32
IPs

8
Countries

6099 kB
Transfer

22418 kB
Size

15
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/pages/Hot-Springs-Arkansas/196205289477

Search URL Search Domain Scan URL

URL: https://twitter.com/VisitHotSprings

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/VisitHotSpringsAR

Search URL Search Domain Scan URL

URL: https://www.instagram.com/visithotsprings/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@visithotsprings

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/VisitHotSprings

Search URL Search Domain Scan URL

URL: https://hotsprings.isolvedhire.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.weatherwx.com/forecast/ar/hot+springs.html
Title: Hot Springs Weather

Search URL Search Domain Scan URL

URL: https://www.weatherwx.com/hourly/ar/hot+springs.html
Title: Hourly

Search URL Search Domain Scan URL

URL: https://www.weatherwx.com/radar_loop/ar/hot+springs.html
Title: Radar

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hotsprings.org/ HTTP 301
https://www.hotsprings.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://12268554.fls.doubleclick.net/activityi;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5040439461767.805 HTTP 302
https://12268554.fls.doubleclick.net/activityi;dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5040439461767.805

91 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.hotsprings.org/
Redirect Chain

http://www.hotsprings.org/
https://www.hotsprings.org/

423 KB
145 KB

1063ms
608ms

Document
text/html

147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

936298.cloudwaysapps.com

Software

nginx / ProcessWire CMS

Resource Hash

4ebecd145a6d638595e1b73920ce1ecfff2599de31b5c12c73694b25fa69e37b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 08 Mar 2023 18:04:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: ProcessWire CMS
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 08 Mar 2023 18:04:33 GMT
Location: https://www.hotsprings.org/
Server: nginx

GET
H2 200 screen.css
www.hotsprings.org/site/assets/css/ 287 KB
35 KB 376ms
375ms Stylesheet
text/css 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/css/screen.css
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: bf74b96c019800120222f32176e688bf6e6560e3b2b0a589e3209f17ed45087a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:34 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:58:15 GMT
server: nginx
etag: W/"63e26707-47a86"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 uikit.js Show response
www.hotsprings.org/site/templates/uikit-3.7.2/js/ 340 KB
67 KB 376ms
376ms Script
application/javascript 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/templates/uikit-3.7.2/js/uikit.js
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 8ecff0222bff471f4bf1d925a162a03c9b9a02dc3e7ee476ae49431821726040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:34 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:06 GMT
server: nginx
etag: W/"63e2673a-550c7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 uikit-icons.min.js Show response
www.hotsprings.org/site/templates/uikit-3.7.2/js/ 64 KB
18 KB 377ms
376ms Script
application/javascript 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/templates/uikit-3.7.2/js/uikit-icons.min.js
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 6fe17af7f7462a7ca0e5a79cfef8935b902c617bf82033587b3ba04a0696697a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:34 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:06 GMT
server: nginx
etag: W/"63e2673a-ff0b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 1_0 Show response
login.dotomi.com/profile/visit/js/ 19 B
211 B 210ms
83ms Script
application/javascript 63.215.202.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/profile/visit/js/1_0?dtm_cid=82190&dtm_cmagic=0cb659&dtm_fid=101&dtm_promo_id=1&cachebuster=[POPULATE_CACHEBUSTER_HERE]
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float1.dotomi.com
Software: nginx /
Resource Hash: 2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 18:04:34 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: application/javascript
cache-control: no-cache, private, max-age=0, no-store
content-length: 19
expires: 0

GET
H2 200 logo-npar.svg
www.hotsprings.org/site/assets/svg/ 6 KB
2 KB 188ms
184ms Image
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/svg/logo-npar.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 9e2bd059c4297e44e8d7b40a6ac838dd4613c67064ad8745c2d92dc01474e717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-1756"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 food.jpg
www.hotsprings.org/site/assets/files/1110/ 221 KB
221 KB 188ms
185ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/1110/food.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: e8424457fe5135a77da99ff13e0ec3e0030c5d874086d7319325a40d15f99cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
last-modified: Tue, 07 Feb 2023 14:58:15 GMT
server: nginx
etag: "63e26707-37206"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 225798

GET
H2 200 mountains.svg
www.hotsprings.org/site/assets/svg/ 4 KB
2 KB 373ms
370ms Image
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/svg/mountains.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 31d350246f252211e16de1431003fef582be68de0a76a214217cec7c0cda26a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-e00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
72 KB 213ms
83ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TMR89FM

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6c4291e607011f17c580201ab16720ab6af372cf388d220ed1566d283f593da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73050
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Mar 2023 18:04:35 GMT

GET
H2 200 print.css
www.hotsprings.org/site/assets/css/ 960 B
622 B 372ms
371ms Stylesheet
text/css 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/css/print.css
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: fb5d45c41a547177b398f151464c7ddedff63aaa6bc72f2f46bd850f159106c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:58:15 GMT
server: nginx
etag: W/"63e26707-3c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 lightwidget.js Show response
cdn.lightwidget.com/widgets/ 757 B
602 B 137ms
46ms Script
application/javascript 2606:4700:10::6816:1896
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lightwidget.com/widgets/lightwidget.js
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91f4fdaac61f4b527ea79882bf4437560a8420369a33525bfd70662545ffe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:34 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 14 Feb 2023 10:21:31 GMT
server: cloudflare
age: 1431
etag: W/"63eb60ab-2f5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1382400
cf-ray: 7a4d005dfb7fbb5b-FRA

GET
H2 200 hot+springs.js Show response
www.weatherwx.com/weather-js-current/us/ar/ 2 KB
695 B 1660ms
198ms Script
text/html 174.36.68.130
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weatherwx.com/weather-js-current/us/ar/hot+springs.js
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.36.68.130 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: server.saveonhotels.com
Software: Apache/2 / PHP/5.3.29
Resource Hash: 4c94c4342d2364c0750a446c7e9337deb93d158a11c90d52460c92869778227a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:36 GMT
content-encoding: gzip
server: Apache/2
x-powered-by: PHP/5.3.29
content-length: 580
vary: Accept-Encoding,User-Agent
content-type: text/html

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 506ms
117ms Image
image/gif 52.54.206.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=content&pixid=e7831f38-6e75-4317-8ad0-997a36a5db53
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.206.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-206-209.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 506ms
117ms Image
image/gif 52.54.206.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=lead&pixid=e7831f38-6e75-4317-8ad0-997a36a5db53
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.206.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-206-209.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 beacon
r.turn.com/r/ 43 B
398 B 467ms
51ms Image
image/gif 46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=DamyJRWTZtAp5LSLrNJb6THaDMwsBHRPGODlhipAIAhqaw5fG-A7jK35R_ML2FIa-wtN-bA9_pzkUBO2U__xNw&cid=
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 08 Mar 2023 18:04:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 78 KB
28 KB 250ms
86ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f20c568ed9bd113b625e0731e9bc770e6f02e9b0f27bd8a5d90c5247965c8e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 150ms
53ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=fd8bc7e1-e495-4210-af4f-832d14066404

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SKC113B8SFZCQ750
age: 46
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: lziHCI+1V4Onu9v44W7pHodPXkayXY+q5IAVjc0fhSmQLfB1jtZ35+NZrTufc1VIDYDuF9fyOu4=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BxA5pHUox7vqo8VgUSVaYDA0ub7b3%2Fy7x3ZcUoGycHzAVY0MkL0ZLOdJwz3EzZl2wOIvGwt%2BHSFXAfzPoSmxGyQYpHIJc7eQ6VyYYmPAzqp4C2srvqukXrt2rqZp%2B5aPQ7CIt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7a4d00607906bbfd-FRA

GET
H2 200 jbt3uaq.css
use.typekit.net/ 3 KB
994 B 349ms
184ms Stylesheet
text/css 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jbt3uaq.css

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/site/assets/css/screen.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

09c43f9b3bf9ced6eafb33946f2db124863011a7e30fb2975899c26126eaebf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 08 Mar 2023 18:04:34 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 762

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 203ms
40ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=jbt3uaq&ht=tk&f=27918.27954.28025.37516&a=86710840&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbt3uaq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 08 Mar 2023 18:04:35 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2

200

activityi;dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;... Show response
12268554.fls.doubleclick.net/ Frame BDE5
Redirect Chain

https://12268554.fls.doubleclick.net/activityi;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%...
https://12268554.fls.doubleclick.net/activityi;dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;...

563 B
481 B

98ms
97ms

Document
text/html

142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12268554.fls.doubleclick.net/activityi;dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5040439461767.805?

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

d6772a41f2834b092239d5fc54050d69faa00a51d1f301ecdc251bc3d5fa5d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotsprings.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:04:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:04:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12268554.fls.doubleclick.net/activityi;dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5040439461767.805?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 l
use.typekit.net/af/0d0f8f/00000000000000007735c199/30/ 13 KB
13 KB 181ms
45ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0d0f8f/00000000000000007735c199/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbt3uaq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 60402dd08f25414ec79ade3f4a96d781a80d503e1e41f529ba12e549f2067829

Request headers

Referer: https://use.typekit.net/jbt3uaq.css
Origin: https://www.hotsprings.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
server: nginx
etag: "d2ee9c1910a413485cb8230e5c2b59ca20f7528e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13356

GET
H2 200 l
use.typekit.net/af/2c4aa7/00000000000000007735b4d4/30/ 15 KB
15 KB 193ms
57ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2c4aa7/00000000000000007735b4d4/30/l?subset_id=2&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbt3uaq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2512f4a3cb4a0bce715c38488251909fb56aee720ef530954b3bd3becc6a83ed

Request headers

Referer: https://use.typekit.net/jbt3uaq.css
Origin: https://www.hotsprings.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
server: nginx
etag: "90074b7cbedee51333740284b6eb10215fe205c6"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15272

GET
H2 200 l
use.typekit.net/af/4eeafb/00000000000000007735b4ce/30/ 15 KB
15 KB 193ms
58ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4eeafb/00000000000000007735b4ce/30/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbt3uaq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5e3600892aed78fca97c772d4d1375ba94c1fa5cb2710506f5e078c45896bdef

Request headers

Referer: https://use.typekit.net/jbt3uaq.css
Origin: https://www.hotsprings.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
server: nginx
etag: "8c7971e0ab849c577f2025090a3030d3b76c29a3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15476

GET
H2 200 itinerary.svg Show response
www.hotsprings.org/site/assets/svg/ 2 KB
889 B 315ms
314ms XHR
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/svg/itinerary.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/site/templates/uikit-3.7.2/js/uikit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 91a4279fd813b1670935a068c77eb12115ced1b3921bf6fce76975d26d7f1a7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-6ef"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 logo-npar.svg Show response
www.hotsprings.org/site/assets/svg/ 6 KB
2 KB 316ms
315ms XHR
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/svg/logo-npar.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/site/templates/uikit-3.7.2/js/uikit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 9e2bd059c4297e44e8d7b40a6ac838dd4613c67064ad8745c2d92dc01474e717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-1756"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 mountains.svg Show response
www.hotsprings.org/site/assets/svg/ 4 KB
2 KB 316ms
316ms XHR
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/svg/mountains.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/site/templates/uikit-3.7.2/js/uikit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 31d350246f252211e16de1431003fef582be68de0a76a214217cec7c0cda26a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-e00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 206 1.mp4
www.hotsprings.org/site/assets/videos/ 13 MB
0 308ms
308ms Media
video/mp4 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/videos/1.mp4
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.hotsprings.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: "63e26739-22bc117"
content-type: video/mp4
Content-Range: bytes 0-36421910/36421911
cache-control: public, max-age=31536000
Content-Length: 36421911

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 783b64a2712a53981149bc9cd29d7865d371c3c2b092a80c69d7773d588a8549

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b85a924f1e83fc59f6d3bd16b1f1cb1e496ffe7c50707112821fa5972505beee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb13af37fe96c44b86f13095251eeb2898867770b47d64e68f7ea43212360fd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3032c66b2f4cf8bb1a2425ad22e78e202dfec94762a53e6a7a380a5fcdc5cc74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 3bf60f7504d6557f89bac33588bda95b.html Show response
cdn.lightwidget.com/widgets/ Frame 2F61 45 KB
10 KB 123ms
122ms Document
text/html 2606:4700:10::6816:1896
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lightwidget.com/widgets/3bf60f7504d6557f89bac33588bda95b.html
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1896 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8ae33589076421b682815c3cefb85468995548f2c5f6e03975051f70433f1c1

Request headers

Referer: https://www.hotsprings.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=1800
cf-cache-status: MISS
cf-ray: 7a4d0060afc4bb5b-FRA
content-encoding: br
content-type: text/html
date: Wed, 08 Mar 2023 18:04:35 GMT
last-modified: Wed, 08 Mar 2023 17:42:05 GMT
server: cloudflare
vary: Accept-Encoding Accept-Encoding

GET
H2 200 logo-npar.svg
www.hotsprings.org/site/assets/svg/ 6 KB
2 KB 254ms
253ms Image
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/svg/logo-npar.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 9e2bd059c4297e44e8d7b40a6ac838dd4613c67064ad8745c2d92dc01474e717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-1756"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 diamonds-half.svg
www.hotsprings.org/site/assets/svg/ 8 KB
2 KB 253ms
253ms Image
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/svg/diamonds-half.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/site/assets/css/screen.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 97f4c45dda28cf067efdb9ec87ce3431785cd4b5fe68e1dcc758b8c52136363b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/site/assets/css/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-1ed1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 srp_4526.jpg
www.hotsprings.org/site/assets/files/6012/ 1 MB
1 MB 241ms
240ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/6012/srp_4526.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: bec9f932a72935b79fb252fcd08b2c6c8ac53106c256c0b2526fbfa77918d515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
last-modified: Tue, 07 Feb 2023 09:15:27 GMT
server: nginx
etag: "63e216af-1177db"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1144795

GET
H2 200 seasonal.jpg
www.hotsprings.org/site/assets/files/6014/ 454 KB
455 KB 241ms
240ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/6014/seasonal.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 768a21c18b3e44b382fc0f38332fcc50dd3ba74e2562e47e559c0db5a4306351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
last-modified: Tue, 07 Feb 2023 09:15:27 GMT
server: nginx
etag: "63e216af-71922"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 465186

GET
H2 200 vacation_guide_homepage.jpg
www.hotsprings.org/site/assets/files/5148/ 1 MB
1 MB 242ms
241ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/5148/vacation_guide_homepage.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 7d43c0a8546bfbf2dbe487b288f330bb4e524c9de85c86fb53e1d18e626aeca4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
last-modified: Tue, 07 Feb 2023 09:14:56 GMT
server: nginx
etag: "63e21690-175354"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1528660

GET
H2 200 day_trip_2.jpg
www.hotsprings.org/site/assets/files/5798/ 1 MB
1 MB 242ms
241ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/5798/day_trip_2.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 5936235176f1cc291ee298bfe6d45c18d1f9017b12546d209af7d4071ec04ce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
last-modified: Tue, 07 Feb 2023 09:15:17 GMT
server: nginx
etag: "63e216a5-1141ad"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1130925

GET
H2 200 weekend_trip.jpg
www.hotsprings.org/site/assets/files/6010/ 402 KB
403 KB 242ms
241ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/6010/weekend_trip.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: e22773325ec6e5608aab32e5ddf9f0329245cd6e0f64d13ae8dbb2ebc32be018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
last-modified: Tue, 07 Feb 2023 09:15:27 GMT
server: nginx
etag: "63e216af-6490c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 411916

GET
DATA 200
OK truncated
/ Frame 2F61 410 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19f834c8f5234931dd99be1816074c3f332b5df151f6ae25e24ec446c78698d8

Request headers

Referer
Origin: https://cdn.lightwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2F61 193 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 896aa78a5bbedcd99bfec4e6d9c06fd3fe5e04853de5427596df403ddaaf30f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 167ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR89FM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 16:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6585
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 08 Mar 2023 18:14:50 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 156ms
65ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 08 Mar 2023 18:04:35 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F5DDD5997CF445CB8EE120EC942A4D5 Ref B: FRA31EDGE0519 Ref C: 2023-03-08T18:04:35Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 1_0 Show response
login.dotomi.com/profile/visit/js/ 19 B
210 B 42ms
41ms Script
application/javascript 63.215.202.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/profile/visit/js/1_0?dtm_cid=82190&dtm_cmagic=0cb659&dtm_fid=101&dtm_promo_id=1&cachebuster=519193122
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR89FM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float1.dotomi.com
Software: nginx /
Resource Hash: 2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 18:04:35 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: application/javascript
cache-control: no-cache, private, max-age=0, no-store
content-length: 19
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 82ms
81ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-769570144

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR89FM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3499de0cfc8b1f78b969cacdad0dc41a28e8ff10624fcc83162b0a57299ba08f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65920
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Mar 2023 18:04:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 125ms
41ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Mar 2023 18:04:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: igSR+anikr+9Fe/5fJjTZW/RIN3Ixi2vXkTbDOpxJDZ+dCu0hc+uCfxSaLcWENw7hEmNVBZyUidHeCViSSESSA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 465ms
151ms Script
application/javascript 95.101.23.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDLC8I3C77UDCMKM7GGG&lib=ttq
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8859e716dbf2180aa9750d2b242ef8a54d14e2c1d240863b82c30103dd9b60c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-akamai-request-id: 1ee1bea0.f487f71
date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-23-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 102,95.101.23.93
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=5, inner; dur=2
content-length: 1319
pragma: no-cache
server: nginx
x-tt-logid: 20230308180435FF362E2B3179D5AA2869
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.220.104.19
x-tt-trace-host: 0151bb0d5f93350975933dde147b0a4689d491915d1a54737fc36cbdea82509f6ea7eabb1c9d21f4ba9af0486dd07605df10dd9c1edf87347581427f344e63ab367e0875bebce1c4c3e9dc24542c0b9fecd9ecdf2532f04e6829c7f5e173ff86166173692845e8a06e6f92dbd9bba09145
expires: Wed, 08 Mar 2023 18:04:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 88ms
88ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H5QDX6Q01X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR89FM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38eb6147aee3dd11a4f68451b1f63f9bec35964849986ade3b309bf780599b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81799
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Mar 2023 18:04:35 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7... Frame 7F6F 562 B
681 B 654ms
98ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5040439461767.805;~oref=https://www.hotsprings.org/

Requested by

Host: 12268554.fls.doubleclick.net
URL: https://12268554.fls.doubleclick.net/activityi;dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5040439461767.805?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9704e04fee6fe5ff6830c0c9bc31fca2cb04679617e1386be34a628d37413e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12268554.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:04:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/769570144/ 3 KB
2 KB 261ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/769570144/?random=1678298675668&cv=11&fst=1678298675668&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.hotsprings.org%2F&tiba=Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&auid=578999141.1678298675&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-769570144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

413e017783a5184663446eea3b5f761a71e7fa1d8b5d67f4fa4b0128cb7a9848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 18:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 221ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H5QDX6Q01X&gtm=45je3360&_p=710574201&cid=368567444.1678298676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678298675&sct=1&seg=0&dl=https%3A%2F%2Fwww.hotsprings.org%2F&dt=Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5QDX6Q01X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 18:04:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hotsprings.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 26155083.js Show response
bat.bing.com/p/action/ 0
118 B 210ms
210ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26155083.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 08 Mar 2023 18:04:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ABAF65DA63F24A1A8E5EEAB343C411EE Ref B: FRA31EDGE0519 Ref C: 2023-03-08T18:04:35Z
x-cache: CONFIG_NOCACHE

GET
H2 200 1058820657878299 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 245ms
245ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1058820657878299?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0f21d8287cdcb2bd138949ba1480470cba062f619213acc695ac62b39e11dee

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Mar 2023 18:04:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jau5xHkc/Yh/jD2nP/enywtF/ZSSoDjoBDLEu6CmqeNGe1sDlqj4EEFuumovantNpfQVSg6+boaTKffxhxwx2Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 98ms
98ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=710574201&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hotsprings.org%2F&ul=en-us&de=UTF-8&dt=Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=161947084&gjid=1456035454&cid=368567444.1678298676&tid=UA-1172938-29&_gid=1850231200.1678298676&_r=1&_slc=1&gtm=45He3360n81TMR89FM&z=513191588

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hotsprings.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 18:04:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hotsprings.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 146ms
47ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1172938-29&cid=368567444.1678298676&jid=161947084&gjid=1456035454&_gid=1850231200.1678298676&_u=YADAAEAAAAAAACAAI~&z=1772061549

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hotsprings.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Mar 2023 18:04:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hotsprings.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/769570144/ 42 B
455 B 147ms
50ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/769570144/?random=1678298675668&cv=11&fst=1678298400000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.hotsprings.org%2F&tiba=Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1918480903&rmt_tld=0&ipr=y

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 18:04:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/769570144/ 42 B
455 B 148ms
52ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/769570144/?random=1678298675668&cv=11&fst=1678298400000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.hotsprings.org%2F&tiba=Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1918480903&rmt_tld=1&ipr=y

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 18:04:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 112ms
65ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1172938-29&cid=368567444.1678298676&jid=161947084&_u=YADAAEAAAAAAACAAI~&z=1545327046

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 18:04:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 111ms
63ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1172938-29&cid=368567444.1678298676&jid=161947084&_u=YADAAEAAAAAAACAAI~&z=1545327046

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 18:04:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTE3ZGZjMmFkMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 252 KB
67 KB 49ms
48ms Script
application/javascript 95.101.23.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDLC8I3C77UDCMKM7GGG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d9074e3fda26a28e6500d3a1cbaa23bddaecd66d2e6129d850f3cdc40884906

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-akamai-request-id: f488372
date: Wed, 08 Mar 2023 18:04:36 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202302211453349FF5000290FBAA7BC908
vary: Accept-Encoding
x-cache: TCP_HIT from a95-101-23-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01dbd9247ff47f1f63fb30c25626ac8e0ba5c31cd411d01b588cbe3d8528bd74411faf7a7c71f3c7a21d0c6118d9bd2a60e9e759203a0d91321228a4da1b2c64493becfa0683501118c81424174d7874f440213ca9de80aec57f558d55e751040f
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=2
content-length: 68367

GET
H2 200 identify_cab4d.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 56ms
56ms Script
application/javascript 95.101.23.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-akamai-request-id: f4887cd
date: Wed, 08 Mar 2023 18:04:36 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023022114533445FE0106A99395FA1532
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-101-23-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0130af37206f67631ef4f624d6e27fd1ebba4508ee2263968b22b5ba58d9e6c6f85ddde2493b6d5379129c0df5dd3ed3b8621e11935536bcdf1454076d5fe9c813bfe8d5bd9f30c02ad676c2d66132539dec1727a1823a6d0b54d3571a5d8b2e07
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=2
content-length: 30904

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 179ms
178ms Ping
text/plain 95.101.23.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.97 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-97.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hotsprings.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2025346c.f4888b0
date: Wed, 08 Mar 2023 18:04:36 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-23-93.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 129,95.101.23.93
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=31, inner; dur=25
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202303081804367A573CCA3D2BF1D78B18
x-cache-remote: TCP_MISS from a23-220-104-20.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,23.220.104.20
x-tt-trace-host: 0151bb0d5f93350975933dde147b0a4689d491915d1a54737fc36cbdea82509f6ed7cb2943335ed99816bb6c2bb4f918d2b72de16c1f1dbaf2cbff698ddce50a3a83169df6f550d54d4022350792d65b31e8055505fa0191ec23810be89c61bc230b6e535d6e7c21bbf8ce9b98068dc727
expires: Wed, 08 Mar 2023 18:04:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 126ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1058820657878299&ev=PageView&dl=https%3A%2F%2Fwww.hotsprings.org%2F&rl=&if=false&ts=1678298676258&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1678298676257.52114443&it=1678298675722&coo=false&rqm=GET

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Mar 2023 18:04:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame D45C 194 B
515 B 167ms
78ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5040439461767.805;~oref=https://www.hotsprings.org/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKTCgOP1zP0CFdekGAodgaAEmA;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5040439461767.805;~oref=https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:04:36 GMT
expires: Wed, 08 Mar 2023 18:04:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6c1b94d176.js Show response
kit.fontawesome.com/ 11 KB
4 KB 152ms
67ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/6c1b94d176.js

Requested by

Host: www.weatherwx.com
URL: https://www.weatherwx.com/weather-js-current/us/ar/hot+springs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b386a0912d2090e81cab5243ff47c3320da64a3419487e83317f298411843f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.hotsprings.org/
Origin: https://www.hotsprings.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 08 Mar 2023 18:04:36 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7a4d00692f43362d-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F0jwtQx7uBNfybNOvUJh

GET
H2 200 cloudy.png
www.weatherwx.com/images/64xfcicons/ 4 KB
4 KB 166ms
165ms Image
image/png 174.36.68.130
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weatherwx.com/images/64xfcicons/cloudy.png
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.36.68.130 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: server.saveonhotels.com
Software: Apache/2 /
Resource Hash: 126a06ad817db118fcb98f98790a8b346bdb536402ac266e64665075d0fafa63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:36 GMT
last-modified: Sat, 04 Nov 2017 02:26:31 GMT
server: Apache/2
accept-ranges: bytes
etag: "110e-55d1ef302c3c0"
content-length: 4366
content-type: image/png

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 138ms
49ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=6c1b94d176
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/6c1b94d176.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:36 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 1469301
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrNaJq1AioMgJnq8JaLq03wPsIhKfsm83QICzC4xJS1bJrRyKhN%2BJIld1aZDeNcTvMyv3n7hduWH3fqdCKw2nvcQl5hat8BjGkHlKJ9Ge7XPdwRQyghWV6mHSgYihtJ5WpIgQ8lTNJQgfroKhQNmCJETZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7a4d006a2de32c62-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: FyT-BUKQFjiGi6YEuI2xT084_LOqAO7xSUJPctSTNdGWW3WbqrI24w==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 136ms
48ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=6c1b94d176
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/6c1b94d176.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:36 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 673105
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQYZ2XX5Qi8HOXB6jBtX7lD%2F%2FytjiMT%2Fuxva3ShAe%2BT8fma%2Bmm4IKzhx7l6cY08RoX1klxtbhRKHOUiWJahe%2BjMhcRfr6ALoaGMOZQErJ0iYzY3qhWlN9n97tMrWlWThxaVOdifQ9z7x%2FyZNPBAdxPyLwg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7a4d006a3de42c62-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: sFJzjleVU4diG84RxgSc-Q7c93a2IdT9k2OhTnaAaWKSNq2x30CO-g==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 137ms
48ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=6c1b94d176
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/6c1b94d176.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:36 GMT
via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 1008293
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNRym2KRX1oBu9GTbCntAT042Udq4ogEXgY2nSv7WxebrO%2FC%2FdflYKXrz0E%2BwFgnWunyOE3fOgiu1PxN%2BDazDutXkXpnq8uO7gqKWgsB4Zb7gEGlIx9SEmwnHye0ITrVDMn2RkKIDq0KijyXawpvtziZLA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7a4d006a3de62c62-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ot3ihgzRjrlKMOdY5NGPoLWZKisHEF_LI_hR03DsWIQORCcWgUtR1g==

GET /
o2.eyereturn.com/ 0
0

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.cYEbrOmw59Q.L.W.O/d=0/rs=AN8SPfpU282joXDlbkUblMtWLWoZn4bb2g/ 25 KB
5 KB 128ms
39ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.cYEbrOmw59Q.L.W.O/d=0/rs=AN8SPfpU282joXDlbkUblMtWLWoZn4bb2g/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.qPmcd-VsyBY.O/d=1/rs=AN8SPfotLGlmRd_MEvMonQLnslVCsElziw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be772df30b158452751d2fcd53efb89b37e4e9dc366a1f525f80ab04c8823f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 13:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4450
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 02:19:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 13:04:21 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.qPmcd-VsyBY.O/d=1/exm=el_conf/ed=1/rs=AN8SPfotLGlmRd_MEvMonQLnslVCsElziw/ 207 KB
74 KB 145ms
39ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.qPmcd-VsyBY.O/d=1/exm=el_conf/ed=1/rs=AN8SPfotLGlmRd_MEvMonQLnslVCsElziw/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.qPmcd-VsyBY.O/d=1/rs=AN8SPfotLGlmRd_MEvMonQLnslVCsElziw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bf3ed2e9c6e9352050dbfedd72fd8a472be6538f0fa97cd55deb360481b5b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 13:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75152
x-xss-protection: 0
last-modified: Sat, 04 Mar 2023 04:12:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 13:04:20 GMT

GET
H2 200 fd8bc7e1-e495-4210-af4f-832d14066404 Show response
ekr.zdassets.com/compose/ 324 B
1 KB 324ms
225ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/fd8bc7e1-e495-4210-af4f-832d14066404

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fd8bc7e1-e495-4210-af4f-832d14066404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9b59f6117fbb43905434951436fb506f9f9db1de3b1b93caeb31a390afaa464

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7a4158ad3994365c-SEA, 7a4158ad3994365c-SEA
x-runtime: 0.003631
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c9b59f6117fbb43905434951436fb506"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVauhG1aeFIpM3mjxX9TNr989CShVHvGPmNrzPDwmmBA78LIYZzNCE8%2BrModekryyKe3wGwvYbCM1UwpIa5RBwG7EG7CV3rzcY8uK2a3teylgJFjpKJmkDF1%2BtGPLvZSmfI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 7a4d006a7b7e35f0-FRA

GET
H2 200 update.min.js Show response
browser-update.org/ 9 KB
5 KB 147ms
55ms Script
application/javascript 2606:4700:20::681a:6b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-update.org/update.min.js
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccfe42c28f31052e3c1301b78a0218025bce41a1d76197b230e0c94369f8a938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Dec 2022 09:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 807545
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jI746qpzp3A7AaD8S26h85AEbgR65dNWsDbvAvoyic%2BWBddn%2FBlBgXfKUJs%2Fe9GyDTwqrwA61NnBPAWbABNnk2H4v9VHescqe7f%2BcGf%2FaxpsqbpcBtAmEBSzTPZS8eU2AciDfFoFyVD1%2FOG1viPQmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
content-disposition: inline; filename=update.min.js
cf-ray: 7a4d006a7e91bb56-FRA
expires: Tue, 28 Feb 2023 09:45:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 40ms
40ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1058820657878299&ev=Microdata&dl=https%3A%2F%2Fwww.hotsprings.org%2F&rl=&if=false&ts=1678298676768&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas%22%2C%22meta%3Adescription%22%3A%22Visit%20Hot%20Springs%2C%20Arkansas%20for%20a%20relaxing%20spa%20vacation%20getaway%20in%20the%20beautiful%20Ouachita%20Mountains%2C%20where%20you%20can%20enjoy%20hiking%2C%20shopping%2C%20boating%2C%20horse%20racing%2C%20sporting%20events%2C%20outdoor%20activities%20and%20much%20more.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Hot%20Springs%2C%20Arkansas%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.hotsprings.org%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fhotsprings.org%2Fsite%2Fassets%2Ffiles%2F1%2Fhotsprings_org_meta_image.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%224746%22%2C%22og%3Aimage%3Aheight%22%3A%222670%22%2C%22og%3Asite_name%22%3A%22Hot%20Springs%20National%20Park%20Arkansas%22%2C%22og%3Adescription%22%3A%22Visit%20Hot%20Springs%2C%20Arkansas%20for%20a%20relaxing%20spa%20vacation%20getaway%20in%20the%20beautiful%20Ouachita%20Mountains%2C%20where%20you%20can%20enjoy%20hiking%2C%20shopping%2C%20boating%2C%20horse%20racing%2C%20sporting%20events%2C%20outdoor%20activities%20and%20much%20more.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1678298676257.52114443&it=1678298675722&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Mar 2023 18:04:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 0
bat.bing.com/action/ 0
288 B 68ms
68ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26155083&Ver=2&mid=cc4606bc-1c40-44a0-b6b4-d89e0d506f83&sid=b0106180bddb11ed9dfb3b335cfd04c0&vid=b010ace0bddb11edb07e2d3b99f01823&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hot%20Springs,%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&p=https%3A%2F%2Fwww.hotsprings.org%2F&r=&lt=4052&evt=pageLoad&sv=1&rn=404270

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 Mar 2023 18:04:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3AF91D61EE174F7EB0E955E9AF45611D Ref B: FRA31EDGE0519 Ref C: 2023-03-08T18:04:36Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated Show response
/ Frame 42F1 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 47ms
39ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.cYEbrOmw59Q.L.W.O/d=0/rs=AN8SPfpU282joXDlbkUblMtWLWoZn4bb2g/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.cYEbrOmw59Q.L.W.O/d=0/rs=AN8SPfpU282joXDlbkUblMtWLWoZn4bb2g/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 06:03:02 GMT
x-content-type-options: nosniff
age: 43295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 07 Mar 2024 06:03:02 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.cYEbrOmw59Q.L.W.O/d=0/rs=AN8SPfpU282joXDlbkUblMtWLWoZn4bb2g/ Frame 11FA 25 KB
4 KB 46ms
39ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.cYEbrOmw59Q.L.W.O/d=0/rs=AN8SPfpU282joXDlbkUblMtWLWoZn4bb2g/m=el_main_css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.qPmcd-VsyBY.O/d=1/exm=el_conf/ed=1/rs=AN8SPfotLGlmRd_MEvMonQLnslVCsElziw/m=el_main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be772df30b158452751d2fcd53efb89b37e4e9dc366a1f525f80ab04c8823f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 13:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4450
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 02:19:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 13:04:21 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
936 B 49ms
42ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:01:18 GMT
x-content-type-options: nosniff
age: 199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 07 Mar 2024 18:01:18 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
320 B 61ms
54ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 18:04:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-framework-a70c626a26e60e484a53.js Show response
static.zdassets.com/web_widget/latest/ Frame 91C7 158 KB
50 KB 54ms
54ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-a70c626a26e60e484a53.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fd8bc7e1-e495-4210-af4f-832d14066404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c8928683a98a1778c321fd4f4704e900525d25143f21f28e84e8a9d1213f8fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
x-amz-version-id: iqSfnH47yjVicuu9VqfwVNvO6uHKt4ZX
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 7G0CK9CCKZW8MC02
age: 156683
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: LOeJOR9GpdtEwZtNcpI8GaEMdepOakuihASHRv44JTqEu0sQ/XfkFMcNXwJSFKc8arhqK/tUbRA=
last-modified: Mon, 06 Mar 2023 05:54:35 GMT
server: cloudflare
etag: W/"eedb4cea9560ced37dd5b42f217cd73f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M78valv0%2B1XjAo88K%2FIsXbwWbhUUjbvFaKqYQNTOU56pv1bX6YdrVVGnNRO527lJJ6AodWKJdRkStKw9%2BYJiwirfljKELN4ULP%2FtLSP0%2BYCcxP9BwmFNRAujQvJNgPjhqLtbS1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a4d006c1a47bbfd-FRA
expires: Tue, 05 Mar 2024 05:54:34 GMT

GET
H2 200 config Show response
hotsprings6726.zendesk.com/embeddable/ Frame 91C7 903 B
1 KB 341ms
224ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotsprings6726.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a70c626a26e60e484a53.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e422154e6b384032477aeef25c2b84a6a48be5aa47ddc0d5c908a555b9174300

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-555f9bb46c-6fx2w
x-cached: MISS
x-request-id: 7a4d006d8e93377c-FRA
x-runtime: 0.002129
last-modified: Wed, 08 Mar 2023 18:04:37 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTN%2BK4SP%2BWZRkeaNmbNwYGJXbxQwuiZZTX68eEYsfhhSqLoJrISixaak7yQwL25G8G2pFdliRbbToarPnGcTInmssEZVJtPDUi5C6MPa2rtncJaqZoruGcjjxQTC7DG8n2hEnrZt%2BRJUngvx"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7a4d006d8e93377c-FRA

GET
H2 200 web-widget-messenger-aba356a.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 91C7 14 KB
4 KB 51ms
51ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-aba356a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a70c626a26e60e484a53.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

433bd05f9c9dd58ff593495ed5de11c9102b271ed6fbb33f24afebf75891207b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
x-amz-version-id: RwolwCDFdn7IWqXU38jxIaFHVwwnkq8X
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VZYPR6V014PJ3H6M
age: 156679
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: r31vfNL0T+004EbbFRMrEaE568uosNLHqh6VQaPHMq4nEHzByGuvuNg0nbhKpTiCFEkUzPgWiIM=
last-modified: Mon, 06 Mar 2023 06:00:20 GMT
server: cloudflare
etag: W/"b1057788b46330a7eb86f4f4a147f246"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mA%2FdtxHbi4MHrT39RnS4o7kTdZ%2B6RahpuLatRJtGW%2BkM1VfGsHJisIyezTCouwHf27R8FLnaVa7dXlVAMWIpl6FNXGngG4KUFXYNZjO1se3FIopvLgvEgietLbF3BTIE1IYRVR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a4d006eee52bbfd-FRA
expires: Tue, 05 Mar 2024 06:00:19 GMT

GET
H2 200 web-widget-5288-aba356a.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 91C7 398 KB
127 KB 83ms
82ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-5288-aba356a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-aba356a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3425696524cea51da3d1cf490677e302a84ad5fe46eccbf59101a216568a2a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
x-amz-version-id: Yh4eCXRFJrfzj1xgDbezAjPaYIhR0i2q
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VZYXEBYDB4JZGWTN
age: 156679
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tLe+Eh6QFLm40QXkW6JbNwsihObGu/X35ikxbEzStYvAw800Rn3B+xbzEgO5OS4mWMeK1kpBNxQ=
last-modified: Mon, 06 Mar 2023 06:00:21 GMT
server: cloudflare
etag: W/"99e9c01b71eee6983f99d0032b713391"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMCaPUwkl0cDOd2VQIEQj1aMcS8LdKTYqqr3MOac0aLs6kW9%2FutD60IvFyzl4A4TQFgNfX%2FTZ8ySfkR5Wt8T6d1sE6QhJxEKJJ8K%2B0zvz%2FFnNxy4biJ7ZwmE8CaVWV0XucckJjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a4d006f4ec2bbfd-FRA
expires: Tue, 05 Mar 2024 06:00:20 GMT

GET
H2 200 web-widget-3646-aba356a.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 91C7 295 KB
63 KB 65ms
65ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-3646-aba356a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-aba356a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

665010a1cc1354fe31c68a83e4fdab9523477cf182227e52436a2f82b1a34fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
x-amz-version-id: uVUJa03MdAHTH43h0AtoLPtDQ4VSGRxp
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VZYH2AK7SJ00Z2XX
age: 156679
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: mvoBAq6BxoEcjIgkbv61wIpMFA9ES9YIIDuuPq8i9yDEJgOaY3qi/rTKwHAcgHbx41QxjW0TTiI=
last-modified: Mon, 06 Mar 2023 06:00:20 GMT
server: cloudflare
etag: W/"3ae408d2bfb2895d0aee81b12247cd01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyFNedCpyN6ue8Rh19Z9yf6irmuRZZaihvphHZjeLD87UoFgc67QBBMja9N4wvrkJLx%2BxMJhcQqrape6pas4b9AjglC5BTJ6mFkuNEbFsIX0e9p6IHbkyG9w41hcrRjKDFQIMjI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a4d006f4ec3bbfd-FRA
expires: Tue, 05 Mar 2024 06:00:19 GMT

GET
H2 200 en-us-json-aba356a.js Show response
static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/ Frame 91C7 15 KB
3 KB 52ms
51ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-aba356a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-aba356a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

434a01d199470d8cfee6ddd2e838d39cd7ce4b85efd8132b475d562ca28e236d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
x-amz-version-id: a4ipCVy7CD4yMj5_J2mxxjJ8H_zkyIFO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 91ZHXQ4XKFE6Y9H7
age: 156677
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: SKKPiUzN2Op6eFqekddFSN9SAwGkO+SUIK1O2EJgWdabdiEM1TDuSnkFmEJHuLs7N1CUpCbUXd4=
last-modified: Mon, 06 Mar 2023 06:00:22 GMT
server: cloudflare
etag: W/"9a9170b1cd18619e6615a663123cd223"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vqgm1JpU5chJoQUjf20U273h22ImbLCfiwn8dcxX9%2BzXQ6FmhgvnSSaZRdSUXZPhEMDKMWAoElImqVXTd2A2zpI%2Bs7yK46lBtrJhoagJBkNWzlLHu8Y0MjAavEcrPtsvgK66SEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a4d00706873bbfd-FRA
expires: Tue, 05 Mar 2024 06:00:21 GMT

GET
H2 200 web-widget-4852-aba356a.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 91C7 139 KB
47 KB 57ms
56ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-4852-aba356a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-aba356a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d44d7df65de36b9d4864dfac981e5a622ef516b59948a207bc24c64da25a17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
x-amz-version-id: QdmcwPubSxIabzHpdV4d_5cQFBgfwDlu
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VZYV6TRJYJDAT5X2
age: 156679
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 5VLgVzwcJifF3EXzDtBYkyuLhH4Oi+KPVLGpET0ffwBidwsdlMUclBedUzO6Bt9QyQxmQzIDLuE=
last-modified: Mon, 06 Mar 2023 06:00:21 GMT
server: cloudflare
etag: W/"764679dd09fde5fad327b4eeb283bb68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q531JpFkdSV%2FtxS%2Fdru%2FqsfeBTD9QnKDG%2F63X5qH%2Fqe0dQg5QsKgSLNno7F%2FMXWPghJ9dNMIfIb7sCVDm0n66PMppOv94SWpMBz96X5QBUeVVhQCqd%2FREJGxvt5hf5%2B%2Fp%2Ft%2BUf0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a4d0070d910bbfd-FRA
expires: Tue, 05 Mar 2024 06:00:20 GMT

GET
H2 200 web-widget-1707-aba356a.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 91C7 24 KB
8 KB 53ms
53ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-1707-aba356a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-aba356a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65390d5b7859d59c8f35e7b84ae5eea87672e71ca40ad6f4c1f87b0a6c8c7b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
x-amz-version-id: 4EsMF0UYa7yTktudRIU4iIN3gaPGL6rF
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VZYVN7EYSDDVKM9D
age: 156679
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: mC1lGGL9OyBBK2hR3y7AdE/ipM/Rifl1Ph7k7C/8sH7OZc+H3sfuh/9WkrnvAn6b75taUUbZkBo=
last-modified: Mon, 06 Mar 2023 06:00:21 GMT
server: cloudflare
etag: W/"ae451f428ab96456490147d8abff0d53"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03kSSDVfI7pRXDV3OwZJHJ8CLJ4NCxL%2BthzUreBir8987Nz0VH8OECo2nF4CSlk%2BrOxCU5L3%2BJmywfThZEmfkIulMkhP785WQivaUPytovj71oUeX884LlRwFNZ4SrVAXve81%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a4d0070d911bbfd-FRA
expires: Tue, 05 Mar 2024 06:00:20 GMT

GET
H2 200 web-widget-3017-aba356a.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 91C7 4 KB
2 KB 53ms
52ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-3017-aba356a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-aba356a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8269b74e3d03d021428c172b126c784c2279c24e48e807fd91c0bd19ec6e167

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
x-amz-version-id: xmOvJfM2upHhx7J.JP0n8o7IKXf0augD
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VZYK75N5XSTBJ5DN
age: 156679
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: oY1RiXxnhQE5PhwTdgiI/2KWqn4KVOrsPZNG+A2n1iN7Gi1V9wGvLgeV+V4QnWLKiel4NRVtY1s=
last-modified: Mon, 06 Mar 2023 06:00:21 GMT
server: cloudflare
etag: W/"40d0e2b632d1b990738af3991e0aecb1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wA1h4LDoUSccj6MQ152MkEVHFui12AgFYa4nLhxkb98Z1aNfNGR3dt9Bx5rFDn7ZdhuSaFJGw8Axo4yFyWmMXUNX08ibCw3Iipc%2FGaG0GzROPHWc7FT9x93hd7XDBrbYIjKDOt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a4d0070d913bbfd-FRA
expires: Tue, 05 Mar 2024 06:00:20 GMT

GET
H2 200 web-widget-3487-aba356a.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 91C7 12 KB
4 KB 49ms
49ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-3487-aba356a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-aba356a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47ed6143896c0f8dd405813f76af81ce83ae363a1a1569b2740a6bc3ea064d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
x-amz-version-id: QQqXXh3bXyhAtNfohzzVkXIuO3sA.J4p
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VZYPCAEW4A09SYST
age: 156679
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Kg/hJPcdeNWasJGv7WQ+Zw3Oe/KTQW4k0tDVzwibyPjehx9D/7hG4Wh/ev8megNeo8tznWg7sGM=
last-modified: Mon, 06 Mar 2023 06:00:21 GMT
server: cloudflare
etag: W/"0c8db01832a7944f9216416938913926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71dLoMHEpQ0MHFliFcxbVXfvGmt6UqybK3%2BUNF1%2B4S7OiEpMNXt5e1a50aa1lT%2B3mkou0iqzv8DYjXk6XM0sn2c4yiT8ygle5LaNZuuJCmuPeXmLFEqwpuQIKYIJaFt5h7wIR4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a4d0070d914bbfd-FRA
expires: Tue, 05 Mar 2024 06:00:20 GMT

GET
H2 200 web-widget-9770-aba356a.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 91C7 9 KB
3 KB 51ms
51ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-9770-aba356a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-aba356a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

627453ab9cfefa9d64e5ab54cd41173e51fafa2f522f40b6f77a1c25c71a57a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
x-amz-version-id: ExLRdsVKGCqEKZrp8j84HtoMOc1Y_VQ.
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VZYGD7K44BX2PFD6
age: 156679
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 20bdIeFSHG1wKc5U2DLdKp6RBd/OQgne1HoI+uOky6BTNHwfgp5Ynd/YopAo7XYobTOEccv4HHc=
last-modified: Mon, 06 Mar 2023 06:00:21 GMT
server: cloudflare
etag: W/"541c9386b44343fb89a32eac59b6b780"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaC0MdR8G5yRs2WbnNRBS6Pt%2Foet9G%2FMUjgB3yUaSDVoPviT7M3jVo%2FR49JEE6DqG5tm4%2BJ9UGcdpn2BpguFbMVdVFzsHMZRIkbqjboGNHj08jg%2Bd6t1mpELEYvqTEencQheJac%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a4d0070d915bbfd-FRA
expires: Tue, 05 Mar 2024 06:00:20 GMT

GET
H2 200 web-widget-2519-aba356a.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame 91C7 21 KB
7 KB 50ms
50ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-2519-aba356a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-aba356a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbfdf7780e88de568dc31ee796c5ffd5f410f4dffbe63119d95f4a3c26cd0f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:04:37 GMT
x-amz-version-id: xMh4bnST7pfafTqwDM65pKWJ7MYGWZay
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VZYHAFC53WVY714F
age: 156679
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: LM0hw2kUrrvyyYJHmhp53O2Op75jabSIctnr8vKUbDDau1POgI8UVcYS53WraAdA6e4X0quWX+M=
last-modified: Mon, 06 Mar 2023 06:00:20 GMT
server: cloudflare
etag: W/"c536ec08fa0f0102f4a74cbe38425389"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbesKyTsKH1tp%2BbYWddqD7Vq4JKF1dgkbI6nyGTKaaa4xZfnu05g6xS0zBOgAhrujd1bzipZ7pyhXhve%2B8Fw4IM7kyMza5hc8E%2BPSvpddNiMRXLGwSKhN1v%2BqTlBEvBZ9P5QPA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a4d0070d916bbfd-FRA
expires: Tue, 05 Mar 2024 06:00:19 GMT

GET
DATA 200
OK truncated
/ Frame 1C9C 370 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b58cf763adace244285a1f020956817d3d8ea8948056c63b783bdb1d4a258d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 pv
hotsprings6726.zendesk.com/frontendevents/ Frame 91C7 0
0 216ms
215ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotsprings6726.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a70c626a26e60e484a53.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Mar 2023 18:04:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mv99p%2FdzQt9yQgM7rUym4LfKx8niL97iYRJSLQOMkW9D9hOdqoZkZ6khsYCooFj4JOqnzcaRKNJVJUNaCx1U2K03yz%2B2rfZpdnB4XjPYQVwjhcDf9V%2BycIRUotNrOat2QCc2QKvgnxx%2BQRfa"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7a4d00743a11377c-FRA
content-length: 0
x-request-id: 7a4d00743a11377c-FRA

OPTIONS
H2 204 pv
hotsprings6726.zendesk.com/frontendevents/ Frame 0
0 531ms
530ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotsprings6726.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.hotsprings.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 7a4d0070eb57377c-FRA
date: Wed, 08 Mar 2023 18:04:38 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8tXa1bSQmRwhUuv1OGZgO2GYcYNivMIkJq29E%2FzgahUoyQCZLS6ueh8g1xyCjg2ZmnMGtCYit3%2FCwVbye%2F%2BnNkuWkuAQ1aYs5cwJtWI0drt2o2gtC22ZZR6e71wzf1eUYhwlqCgpjl4X%2FL4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 7a4d0070eb57377c-FRA
x-zendesk-zorg: yes

POST
H3 200 log Show response
translate.googleapis.com/element/ 131 B
155 B 81ms
81ms XHR
text/plain 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.qPmcd-VsyBY.O/d=1/rs=AN8SPfotLGlmRd_MEvMonQLnslVCsElziw/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Encoding: gzip
Referer: https://www.hotsprings.org/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/binary

Response headers

date: Wed, 08 Mar 2023 18:04:47 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hotsprings.org
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Mar 2023 18:04:47 GMT

OPTIONS
H3 200 log
translate.googleapis.com/element/ Frame 0
0 243ms
161ms Preflight
text/plain 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.hotsprings.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.hotsprings.org
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Mar 2023 18:04:47 GMT
expires: Wed, 08 Mar 2023 18:04:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET vacation_guide_homepage.jpg
www.hotsprings.org/site/assets/files/5148/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: o2.eyereturn.com
URL: https://o2.eyereturn.com/?site=7421&page=generic

Domain: www.hotsprings.org
URL: https://www.hotsprings.org/site/assets/files/5148/vacation_guide_homepage.jpg

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.hotsprings.org/	1969-12-31 23:59:59	Name: wires Value: rlf3iddjj64cpdl23llnj5h1vk
.hotsprings.org/	1970-01-20 12:21:14	Name: _gcl_au Value: 1.1.578999141.1678298675
.turn.com/	1970-01-20 14:30:50	Name: uid Value: 2535393090514234714
.hotsprings.org/	1970-01-20 19:47:38	Name: _ga_H5QDX6Q01X Value: GS1.1.1678298675.1.0.1678298675.0.0.0
.hotsprings.org/	1970-01-20 19:47:38	Name: _ga Value: GA1.2.368567444.1678298676
.hotsprings.org/	1970-01-20 10:13:05	Name: _gid Value: GA1.2.1850231200.1678298676
.hotsprings.org/	1970-01-20 10:11:38	Name: _gat_UA-1172938-29 Value: 1
.doubleclick.net/	1970-01-20 19:33:14	Name: IDE Value: AHWqTUmFY8LeVvZqG9gWnG6QZ0xDGRKvxcL0TYS8_dws9GKc42OsXG7Hatq_nqXc
.tiktok.com/	1970-01-20 19:33:14	Name: _ttp Value: 2Mk5KTL2Jc76B0ADPNjA5cADYdr
.hotsprings.org/	1970-01-20 19:33:14	Name: _tt_enable_cookie Value: 1
.hotsprings.org/	1970-01-20 19:33:14	Name: _ttp Value: lYZQhlCrnXDD9AodELtvgyICPrX
.hotsprings.org/	1970-01-20 12:21:14	Name: _fbp Value: fb.1.1678298676257.52114443
.hotsprings.org/	1970-01-20 10:13:05	Name: _uetsid Value: b0106180bddb11ed9dfb3b335cfd04c0
.hotsprings.org/	1970-01-20 19:33:14	Name: _uetvid Value: b010ace0bddb11edb07e2d3b99f01823
.bing.com/	1970-01-20 19:33:14	Name: MUID Value: 345091FDCD4E63CD3EF88333CCC562B1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.weatherwx.com/weather-js-current/us/ar/hot+springs.js(Line 19) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://kit.fontawesome.com/6c1b94d176.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weatherwx.com/weather-js-current/us/ar/hot+springs.js(Line 19) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://kit.fontawesome.com/6c1b94d176.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://o2.eyereturn.com/?site=7421&page=generic Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12268554.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics.tiktok.com
bat.bing.com
browser-update.org
cdn.lightwidget.com
connect.facebook.net
data.adxcel-ec2.com
ekr.zdassets.com
googleads.g.doubleclick.net
hotsprings6726.zendesk.com
ka-f.fontawesome.com
kit.fontawesome.com
login.dotomi.com
o2.eyereturn.com
p.typekit.net
r.turn.com
region1.google-analytics.com
static.zdassets.com
stats.g.doubleclick.net
translate.google.com
translate.googleapis.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.hotsprings.org
www.weatherwx.com
o2.eyereturn.com
www.hotsprings.org
104.16.53.111
104.18.72.113
142.250.180.230
147.182.193.139
174.36.68.130
2001:4860:4802:34::36
2606:4700:10::6816:1896
2606:4700:20::681a:6b4
2606:4700::6812:1734
2606:4700:e4::ac40:a816
2620:1ec:c11::200
2a00:1450:4001:810::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9d
2a00:1450:400d:803::2008
2a00:1450:400d:803::200e
2a00:1450:400d:807::2002
2a02:26f0:11a::217:9a58
2a02:26f0:3500:16::215:1495
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
46.228.164.11
52.54.206.209
63.215.202.137
95.101.23.97
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
09c43f9b3bf9ced6eafb33946f2db124863011a7e30fb2975899c26126eaebf6
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a
126a06ad817db118fcb98f98790a8b346bdb536402ac266e64665075d0fafa63
19f834c8f5234931dd99be1816074c3f332b5df151f6ae25e24ec446c78698d8
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2512f4a3cb4a0bce715c38488251909fb56aee720ef530954b3bd3becc6a83ed
2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3032c66b2f4cf8bb1a2425ad22e78e202dfec94762a53e6a7a380a5fcdc5cc74
31d350246f252211e16de1431003fef582be68de0a76a214217cec7c0cda26a7
3425696524cea51da3d1cf490677e302a84ad5fe46eccbf59101a216568a2a6f
3499de0cfc8b1f78b969cacdad0dc41a28e8ff10624fcc83162b0a57299ba08f
38eb6147aee3dd11a4f68451b1f63f9bec35964849986ade3b309bf780599b61
413e017783a5184663446eea3b5f761a71e7fa1d8b5d67f4fa4b0128cb7a9848
433bd05f9c9dd58ff593495ed5de11c9102b271ed6fbb33f24afebf75891207b
434a01d199470d8cfee6ddd2e838d39cd7ce4b85efd8132b475d562ca28e236d
47ed6143896c0f8dd405813f76af81ce83ae363a1a1569b2740a6bc3ea064d54
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c94c4342d2364c0750a446c7e9337deb93d158a11c90d52460c92869778227a
4d9074e3fda26a28e6500d3a1cbaa23bddaecd66d2e6129d850f3cdc40884906
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4ebecd145a6d638595e1b73920ce1ecfff2599de31b5c12c73694b25fa69e37b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5936235176f1cc291ee298bfe6d45c18d1f9017b12546d209af7d4071ec04ce8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d44d7df65de36b9d4864dfac981e5a622ef516b59948a207bc24c64da25a17a
5e3600892aed78fca97c772d4d1375ba94c1fa5cb2710506f5e078c45896bdef
60402dd08f25414ec79ade3f4a96d781a80d503e1e41f529ba12e549f2067829
627453ab9cfefa9d64e5ab54cd41173e51fafa2f522f40b6f77a1c25c71a57a0
65390d5b7859d59c8f35e7b84ae5eea87672e71ca40ad6f4c1f87b0a6c8c7b6e
665010a1cc1354fe31c68a83e4fdab9523477cf182227e52436a2f82b1a34fd4
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6c8928683a98a1778c321fd4f4704e900525d25143f21f28e84e8a9d1213f8fd
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6fe17af7f7462a7ca0e5a79cfef8935b902c617bf82033587b3ba04a0696697a
768a21c18b3e44b382fc0f38332fcc50dd3ba74e2562e47e559c0db5a4306351
783b64a2712a53981149bc9cd29d7865d371c3c2b092a80c69d7773d588a8549
7bf3ed2e9c6e9352050dbfedd72fd8a472be6538f0fa97cd55deb360481b5b19
7d43c0a8546bfbf2dbe487b288f330bb4e524c9de85c86fb53e1d18e626aeca4
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8859e716dbf2180aa9750d2b242ef8a54d14e2c1d240863b82c30103dd9b60c6
896aa78a5bbedcd99bfec4e6d9c06fd3fe5e04853de5427596df403ddaaf30f8
8ecff0222bff471f4bf1d925a162a03c9b9a02dc3e7ee476ae49431821726040
91a4279fd813b1670935a068c77eb12115ced1b3921bf6fce76975d26d7f1a7c
9704e04fee6fe5ff6830c0c9bc31fca2cb04679617e1386be34a628d37413e7b
97f4c45dda28cf067efdb9ec87ce3431785cd4b5fe68e1dcc758b8c52136363b
9e2bd059c4297e44e8d7b40a6ac838dd4613c67064ad8745c2d92dc01474e717
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b386a0912d2090e81cab5243ff47c3320da64a3419487e83317f298411843f63
b58cf763adace244285a1f020956817d3d8ea8948056c63b783bdb1d4a258d1b
b85a924f1e83fc59f6d3bd16b1f1cb1e496ffe7c50707112821fa5972505beee
b8ae33589076421b682815c3cefb85468995548f2c5f6e03975051f70433f1c1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be772df30b158452751d2fcd53efb89b37e4e9dc366a1f525f80ab04c8823f10
bec9f932a72935b79fb252fcd08b2c6c8ac53106c256c0b2526fbfa77918d515
bf74b96c019800120222f32176e688bf6e6560e3b2b0a589e3209f17ed45087a
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
c9b59f6117fbb43905434951436fb506f9f9db1de3b1b93caeb31a390afaa464
cb13af37fe96c44b86f13095251eeb2898867770b47d64e68f7ea43212360fd5
ccfe42c28f31052e3c1301b78a0218025bce41a1d76197b230e0c94369f8a938
ce91f4fdaac61f4b527ea79882bf4437560a8420369a33525bfd70662545ffe5
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d0f21d8287cdcb2bd138949ba1480470cba062f619213acc695ac62b39e11dee
d6772a41f2834b092239d5fc54050d69faa00a51d1f301ecdc251bc3d5fa5d9a
dbfdf7780e88de568dc31ee796c5ffd5f410f4dffbe63119d95f4a3c26cd0f26
e22773325ec6e5608aab32e5ddf9f0329245cd6e0f64d13ae8dbb2ebc32be018
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422154e6b384032477aeef25c2b84a6a48be5aa47ddc0d5c908a555b9174300
e6c4291e607011f17c580201ab16720ab6af372cf388d220ed1566d283f593da
e8269b74e3d03d021428c172b126c784c2279c24e48e807fd91c0bd19ec6e167
e8424457fe5135a77da99ff13e0ec3e0030c5d874086d7319325a40d15f99cc0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20c568ed9bd113b625e0731e9bc770e6f02e9b0f27bd8a5d90c5247965c8e20
fb5d45c41a547177b398f151464c7ddedff63aaa6bc72f2f46bd850f159106c1
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.hotsprings.org Open in urlscan Pro 147.182.193.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

98 %HTTPS

70 %IPv6

23 Domains

32 Subdomains

32 IPs

8 Countries

6099 kBTransfer

22418 kBSize

15 Cookies

10 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hotsprings.org Open in urlscan Pro
147.182.193.139 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

98 %
HTTPS

70 %
IPv6

23
Domains

32
Subdomains

32
IPs

8
Countries

6099 kB
Transfer

22418 kB
Size

15
Cookies

91 HTTP transactions
9 data transactions