urlscan.io logo urlscan.io
SecurityTrails logo

www.galleybayresort.com Open in urlscan Pro
141.193.213.20  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.galleybayresort.com/
Submission: On January 30 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 9 countries across 57 domains to perform 164 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.galleybayresort.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 20th 2023. Valid for: a year.
This is the only time www.galleybayresort.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
49 141.193.213.20 209242 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
7 44.210.209.13 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.138.72.127 396982 (GOOGLE-CL...)
5 2a00:1450:400... 15169 (GOOGLE)
4 35.244.188.9 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
7 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 212.82.100.181 34010 (YAHOO-IRD)
3 162.159.128.61 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 107.178.244.119 396982 (GOOGLE-CL...)
2 146.75.122.109 54113 (FASTLY)
1 37.157.5.73 198622 (ADFORM)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2 142.250.184.198 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 8 37.252.171.149 29990 (ASN-APPNEX)
6 6 142.250.184.194 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 15.197.193.217 16509 (AMAZON-02)
4 14 37.157.3.20 198622 (ADFORM)
1 185.167.164.39 198622 (ADFORM)
5 34.120.202.204 396982 (GOOGLE-CL...)
6 2a02:26f0:310... 20940 (AKAMAI-ASN1)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 37.157.3.26 198622 (ADFORM)
1 54.154.183.156 16509 (AMAZON-02)
1 23.35.237.75 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 3.123.121.226 16509 (AMAZON-02)
1 5.196.111.73 16276 (OVH)
1 2607:ae80:192... 26558 (FREEWHEEL)
1 35.214.149.91 15169 (GOOGLE)
1 2 104.18.36.155 13335 (CLOUDFLAR...)
3 3 77.243.51.121 42697 (NETIC-AS)
3 4 77.243.51.122 42697 (NETIC-AS)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
1 52.57.150.20 16509 (AMAZON-02)
2 2 54.78.254.47 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 _)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 108.128.140.222 16509 (AMAZON-02)
2 72.246.169.24 16625 (AKAMAI-AS)
1 35.244.159.8 396982 (GOOGLE-CL...)
1 1 3.248.137.159 16509 (AMAZON-02)
1 52.218.60.51 16509 (AMAZON-02)
4 5 89.163.155.32 24961 (MYLOC-AS ...)
1 1 193.135.9.127 48314 (IP-PROJECTS)
1 1 139.162.141.41 63949 (AKAMAI-LI...)
1 63.32.151.156 16509 (AMAZON-02)
1 198.47.127.205 62713 (AS-PUBMATIC)
1 18.66.192.70 16509 (AMAZON-02)
2 3 54.78.141.128 16509 (AMAZON-02)
2 2 54.72.175.220 16509 (AMAZON-02)
1 1 52.58.65.170 16509 (AMAZON-02)
2 2 35.158.172.152 16509 (AMAZON-02)
1 141.95.98.65 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
1 2.16.97.41 16625 (AKAMAI-AS)
1 2600:9000:237... 16509 (AMAZON-02)
1 46.19.11.36 51790 (SIEL)
1 76.223.111.18 16509 (AMAZON-02)
1 52.29.105.89 16509 (AMAZON-02)
164 57
49    141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.galleybayresort.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    44.210.209.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-209-13.compute-1.amazonaws.com
galleybay.eliteislandvacations.com
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    34.138.72.127 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 127.72.138.34.bc.googleusercontent.com
www.eliteislandresorts.com
5    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com
static.sojern.com
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
7    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
3    162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
vimeo.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com
beacon.sojern.com
pixel.sojern.com
2    146.75.122.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
f.vimeocdn.com
1    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
ib.adnxs.com
6    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fcmatch.google.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fcmatch.youtube.com
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
14    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
a2.adform.net
5    34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
6    2a02:26f0:3100::1735:2a20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
74vod-adaptive.akamaized.net
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
a1.seadform.net
1    54.154.183.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-183-156.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    3.123.121.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-121-226.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    5.196.111.73 (Lille, France)

ASN16276 (OVH, FR)
PTR: ip73.ip-5-196-111.eu
rtb-csync.smartadserver.com
1    2607:ae80:192:1::172 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
2    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    77.243.51.121 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    77.243.51.122 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
se.semasio.net
2    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
load77.exelator.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    108.128.140.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-140-222.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
eu-u.openx.net
1    3.248.137.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-137-159.eu-west-1.compute.amazonaws.com
api.adrtx.net
1    52.218.60.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
5    89.163.155.32 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm50.as.net
cm.adsafety.net
1    193.135.9.127 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    139.162.141.41 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags1.adsafety.net
tags.adsafety.net
1    63.32.151.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-151-156.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    18.66.192.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-70.muc50.r.cloudfront.net
pdw-adf.userreport.com
3    54.78.141.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-141-128.eu-west-1.compute.amazonaws.com
a.audrte.com
2    54.72.175.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-175-220.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.58.65.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-65-170.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    35.158.172.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-172-152.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:9000:237d:c000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si
match.contentexchange.me
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    52.29.105.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-105-89.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
Apex Domain
Subdomains		 Transfer
49 galleybayresort.com
www.galleybayresort.com
3 MB
16 adform.net
s2.adform.net — Cisco Umbrella Rank: 7060
c1.adform.net — Cisco Umbrella Rank: 583
a2.adform.net — Cisco Umbrella Rank: 8943
dmp.adform.net — Cisco Umbrella Rank: 3041
42 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
582 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
6 KB
8 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 490
ib.adnxs.com — Cisco Umbrella Rank: 253
8 KB
7 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1382
se.semasio.net — Cisco Umbrella Rank: 18095
4 KB
7 vimeocdn.com
f.vimeocdn.com — Cisco Umbrella Rank: 3581
fresnel.vimeocdn.com — Cisco Umbrella Rank: 3504
105 KB
7 sojern.com
static.sojern.com — Cisco Umbrella Rank: 13605
beacon.sojern.com — Cisco Umbrella Rank: 6406
pixel.sojern.com — Cisco Umbrella Rank: 8511
42 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 98
fcmatch.google.com — Cisco Umbrella Rank: 3365
37 KB
7 eliteislandvacations.com
galleybay.eliteislandvacations.com
374 KB
6 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 20357
tags.adsafety.net — Cisco Umbrella Rank: 83214
10 KB
6 akamaized.net
74vod-adaptive.akamaized.net — Cisco Umbrella Rank: 127303
8 MB
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2054
2 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1780
load77.exelator.com — Cisco Umbrella Rank: 4039
2 KB
3 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 1876
vimeo.com — Cisco Umbrella Rank: 1792
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
256 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
5 KB
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13701
631 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 727
648 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
928 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
216 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
297 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
68 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
296 B
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 673
7 KB
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2112
44 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
140 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 28504
49 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
237 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1376
163 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
1 KB
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 544
489 B
1 userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 23811
444 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 870
225 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 784
339 B
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 28629
849 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 28921
380 B
1 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 2043
264 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
265 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 451
98 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1074
344 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
235 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
638 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
163 B
1 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 4137
38 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 477
214 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4474
235 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 698
199 B
1 seadform.net
a1.seadform.net — Cisco Umbrella Rank: 21472
467 B
1 youtube.com
fcmatch.youtube.com — Cisco Umbrella Rank: 3354
432 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6518
455 B
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1451
633 B
1 eliteislandresorts.com
www.eliteislandresorts.com
139 KB
164 57
Domain Requested by
49 www.galleybayresort.com www.galleybayresort.com
11 c1.adform.net 4 redirects a2.adform.net
c1.adform.net
7 fonts.gstatic.com fonts.googleapis.com
www.google.com
7 galleybay.eliteislandvacations.com www.galleybayresort.com
galleybay.eliteislandvacations.com
6 74vod-adaptive.akamaized.net f.vimeocdn.com
6 cm.g.doubleclick.net 6 redirects
6 secure.adnxs.com 3 redirects static.sojern.com
c1.adform.net
5 cm.adsafety.net 4 redirects c1.adform.net
5 fresnel.vimeocdn.com f.vimeocdn.com
5 www.google.com www.galleybayresort.com
www.gstatic.com
www.google.com
4 se.semasio.net 3 redirects c1.adform.net
4 www.gstatic.com www.google.com
www.gstatic.com
4 static.sojern.com www.galleybayresort.com
static.sojern.com
3 dmp.adform.net c1.adform.net
3 a.audrte.com 2 redirects c1.adform.net
3 uipglob.semasio.net 3 redirects
3 www.googletagmanager.com www.galleybayresort.com
3 fonts.googleapis.com www.galleybayresort.com
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 dpm.demdex.net 2 redirects
2 tags.bluekai.com c1.adform.net
2 loadm.exelator.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 www.facebook.com static.sojern.com
2 match.adsrvr.org static.sojern.com
c1.adform.net
2 ib.adnxs.com 1 redirects static.sojern.com
2 pixel.sojern.com static.sojern.com
2 ad.doubleclick.net 2 redirects
2 connect.facebook.net beacon.sojern.com
connect.facebook.net
2 f.vimeocdn.com player.vimeo.com
2 region1.google-analytics.com www.googletagmanager.com
2 player.vimeo.com www.galleybayresort.com
2 s.yimg.com www.galleybayresort.com
s.yimg.com
1 e1.emxdgt.com c1.adform.net
1 eb2.3lift.com c1.adform.net
1 match.contentexchange.me c1.adform.net
1 s.ad.smaato.net c1.adform.net
1 sync.teads.tv c1.adform.net
1 id5-sync.com c1.adform.net
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 simage2.pubmatic.com c1.adform.net
1 beacon.krxd.net c1.adform.net
1 tags.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 eu-u.openx.net c1.adform.net
1 sync.crwdcntrl.net c1.adform.net
1 idsync.rlcdn.com c1.adform.net
1 load77.exelator.com c1.adform.net
1 ps.eyeota.net c1.adform.net
1 x.bidswitch.net c1.adform.net
1 ads.stickyadstv.com c1.adform.net
1 rtb-csync.smartadserver.com c1.adform.net
1 ih.adscale.de c1.adform.net
1 token.rubiconproject.com c1.adform.net
1 ad.yieldlab.net c1.adform.net
1 ad.360yield.com c1.adform.net
1 a1.seadform.net static.sojern.com
1 vimeo.com f.vimeocdn.com
1 a2.adform.net s2.adform.net
1 fcmatch.youtube.com static.sojern.com
1 fcmatch.google.com 1 redirects
1 adservice.google.com static.sojern.com
1 s2.adform.net beacon.sojern.com
1 beacon.sojern.com static.sojern.com
1 www.google.de www.galleybayresort.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 sp.analytics.yahoo.com www.galleybayresort.com
1 www.eliteislandresorts.com www.galleybayresort.com
164 73
Subject Issuer Validity Valid
www.galleybayresort.com
Cloudflare Inc ECC CA-3		 2023-06-20 -
2024-06-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.eliteislandvacations.com
Go Daddy Secure Certificate Authority - G2		 2023-06-15 -
2024-07-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.eliteislandresorts.com
R3		 2023-12-19 -
2024-03-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-17 -
2024-02-17		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-22 -
2024-03-13		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-24 -
2024-04-17		 6 months crt.sh
player.vimeo.com
E1		 2024-01-30 -
2024-04-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-22 -
2024-12-23		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-08 -
2024-02-06		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2023-12-30 -
2024-03-29		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
vimeo.com
Cloudflare Inc ECC CA-3		 2023-08-23 -
2024-08-21		 a year crt.sh
*.seadform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-08		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M02		 2023-07-18 -
2024-08-15		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.userreport.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
teads.tv
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA		 2023-05-29 -
2024-06-04		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.galleybayresort.com/
Frame ID: F0E2086B5A99AA8EB6D794782E03A02D
Requests: 82 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2Cf4oAAAAAHrUugitbwFB64R81DdA-e-lXL9X&co=aHR0cHM6Ly93d3cuZ2FsbGV5YmF5cmVzb3J0LmNvbTo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&sa=submit&cb=33bf6p9a12o1
Frame ID: 6FB236EC6880787E737D549A83CCC43E
Requests: 8 HTTP requests in this frame

Frame: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Frame ID: FB460AB49298E1FA1537B74366E5CB3E
Requests: 19 HTTP requests in this frame

Frame: https://player.vimeo.com/video/878791389?loop=1&autoplay=1&title=0&byline=0&portrait=0&background=1&player_id=iframe75264
Frame ID: 6625CCC1F773505259E7319880F62EC0
Requests: 16 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Frame ID: 718342791E915298111003FC1B8D2C2F
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Galley Bay Resort & Spa - Antigua All Inclusive Adults Only

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • /revslider/[/\w-]+/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

164
Requests

87 %
HTTPS

26 %
IPv6

57
Domains

73
Subdomains

57
IPs

9
Countries

13499 kB
Transfer

17931 kB
Size

63
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98
  • https://ad.doubleclick.net/ddm/activity/src=8835408;type=homep0;cat=galle0;qty=1;cost=0;u1=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%7Cauto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%7Cauto_ga%3D%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D2%7Cpt%3DHOME_PAGE%7Cet%3D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u16=;u19=2;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=8835408;dc_pre=CIDVtMefhYQDFShSHgIdjYQJLw;type=homep0;cat=galle0;qty=1;cost=0;u1=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%7Cauto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%7Cauto_ga%3D%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D2%7Cpt%3DHOME_PAGE%7Cet%3D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u16=;u19=2;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=8835408;dc_pre=CIDVtMefhYQDFShSHgIdjYQJLw;type=homep0;cat=galle0;qty=1;cost=0;u1=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%7Cauto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%7Cauto_ga%3D%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D2%7Cpt%3DHOME_PAGE%7Cet%3D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u16=;u19=2;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
Request Chain 99
  • https://secure.adnxs.com/px?id=1364142&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1364142%26t%3D1
Request Chain 100
  • https://secure.adnxs.com/seg?add=23505139&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23505139%26t%3D1
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=VrVTxxDWiEIcb8t78s960g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=v2bE6rwGQc1kErWA00butiljO2KdJtVisoxUqmx4V8kbnHjEe8BLkLOy2DXTZ7Iw&sjrn_ula=668469508 HTTP 302
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=v2bE6rwGQc1kErWA00butiljO2KdJtVisoxUqmx4V8kbnHjEe8BLkLOy2DXTZ7Iw&sjrn_ula=668469508&google_gid=CAESEAPMXbQTk4mb4cF_Yq9mkfg&google_cver=1
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_hm=VrVTxxDWiEIcb8t78s960g&google_nid=sojern_adh HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDorFklHMuiWWyz6Zdn_y_GM_mnMiNjnRiF5un4NkbBauCHsbocHlRDwsI-d9v4sq4NIHYaoP3cLFJc2Rc0ulmGzKcAtS9TalPjl4E3h2YyOsHCYFnB8 HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDorFklHMuiWWyz6Zdn_y_GM_mnMiNjnRiF5un4NkbBauCHsbocHlRDwsI-d9v4sq4NIHYaoP3cLFJc2Rc0ulmGzKcAtS9TalPjl4E3h2YyOsHCYFnB8
Request Chain 105
  • https://c1.adform.net/serving/cookie/match?cid=56b553c7-10d6-8842-1c6f-cb7bf2cf7ad2&party=1296 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&cid=56b553c7-10d6-8842-1c6f-cb7bf2cf7ad2&party=1296 HTTP 302
  • https://pixel.sojern.com/idsync/adf?adfid=872656086696207301&cid=56b553c7-10d6-8842-1c6f-cb7bf2cf7ad2
Request Chain 127
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4224580775014324333&expiration=1707831916 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4224580775014324333&expiration=1707831916&C=1
Request Chain 128
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4224580775014324333&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4224580775014324333&sInitiator=external HTTP 302
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=4224580775014324333&gdpr=&sInitiator=external HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7329887033871431822&sInitiator=internal&gdpr= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=3094484365885493439&sInitiator=internal&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OTIyMkY1NzZCMzdCQkVGOQ&gdpr= HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEPSixCMQp3uTFt1sz-yRybY&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEPSixCMQp3uTFt1sz-yRybY&sInitiator=internal&google_cver=1&gdpr=
Request Chain 130
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4224580775014324333 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4224580775014324333&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 135
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 136
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=4224580775014324333 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12024013013ec420c7d68d6725e0e4&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=ef23be9c4fe60d61318adddbc300af53&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12024013013ec420c7d68d6725e0e4&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=ef23be9c4fe60d61318adddbc300af53 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMzAxM2VjNDIwYzdkNjhkNjcyNWUwZTQ&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEDLYBWzn75Bw8_KL5Lt6pKU&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM12024013013ec420c7d68d6725e0e4 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4224580775014324333
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDIyNDU4MDc3NTAxNDMyNDMzMw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHq6t1RkO39U3tHAY9XdfBo&google_cver=1&google_ula=1641347,0
Request Chain 140
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=3094484365885493439&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=4224580775014324333
Request Chain 143
  • https://a.audrte.com/a?adform_uid=4224580775014324333 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjRnTk9OLWJqcUlTdUtXSFUtYjBWdFFjZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 144
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4224580775014324333&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4224580775014324333&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=33285425135939936434231391224374864392&noredirect=1
Request Chain 145
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4224580775014324333 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217163104777002845531
Request Chain 146
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7329887038139791502
Request Chain 148
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=C8Oe6S421RuOqp5
Request Chain 151
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3589740126 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kWRyXB5xX8y33NXVE4UkYe

164 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.galleybayresort.com/ 		447 KB
75 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
626b0bd515ef3d960504f5dd752bfd7009c695acf702240610740abb7a7c8807

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84da276f4e88aca4-TXL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 Jan 2024 13:45:13 GMT
link
<https://www.galleybayresort.com/wp-json/>; rel="https://api.w.org/" <https://www.galleybayresort.com/wp-json/wp/v2/pages/4100>; rel="alternate"; type="application/json" <https://www.galleybayresort.com/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine
style.min.css
www.galleybayresort.com/wp-includes/css/dist/block-library/ 		107 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 05 Nov 2023 19:40:32 GMT
server
cloudflare
etag
W/"6547efb0-1add3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770ca0eaca4-TXL
alt-svc
h3=":443"; ma=86400
cookie-law-info-public.css
www.galleybayresort.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
977 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.1.8
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 19 Jan 2024 16:43:06 GMT
server
cloudflare
etag
W/"65aaa69a-c22"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770ca17aca4-TXL
alt-svc
h3=":443"; ma=86400
cookie-law-info-gdpr.css
www.galleybayresort.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.1.8
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Jan 2024 16:43:06 GMT
server
cloudflare
age
356409
etag
W/"65aaa69a-6a71"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770ca19aca4-TXL
alt-svc
h3=":443"; ma=86400
simple-banner.css
www.galleybayresort.com/wp-content/plugins/simple-banner/ 		470 B
294 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/simple-banner/simple-banner.css?ver=2.17.0
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e52d2896e4826b8b2cc58b53db6c3e4aaea762a718e2a1375b275ff78285060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 19 Jan 2024 16:42:46 GMT
server
cloudflare
etag
W/"65aaa686-1d6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770ca1daca4-TXL
alt-svc
h3=":443"; ma=86400
pgc_sgb.min.style.css
www.galleybayresort.com/wp-content/plugins/simply-gallery-block/blocks/ 		2 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/simply-gallery-block/blocks/pgc_sgb.min.style.css?ver=3.1.9
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3029d429260641a00282e68decf6a46e07c688f92d92d195dc8938d07759ae67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 19 Jan 2024 16:42:44 GMT
server
cloudflare
etag
W/"65aaa684-63f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770ca1eaca4-TXL
alt-svc
h3=":443"; ma=86400
pgc_sgb_lightbox.min.style.css
www.galleybayresort.com/wp-content/plugins/simply-gallery-block/plugins/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/simply-gallery-block/plugins/pgc_sgb_lightbox.min.style.css?ver=3.1.9
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
877b25db9c6bf054b89e03707ea06ce5239ea0bec28bb609a70815bbf682f654

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 19 Jan 2024 16:42:44 GMT
server
cloudflare
etag
W/"65aaa684-3f42"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770ca21aca4-TXL
alt-svc
h3=":443"; ma=86400
pushlabs-vidbg.css
www.galleybayresort.com/wp-content/plugins/video-background/css/ 		1 KB
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/video-background/css/pushlabs-vidbg.css?ver=2.7.5
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb0fc98afcbc89e3ba9a97cd44cce5800f344c2eabbca9b9fbf986d18db35fd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 16:59:20 GMT
server
cloudflare
age
356409
etag
W/"654e6168-448"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770ca23aca4-TXL
alt-svc
h3=":443"; ma=86400
wp-sojern-public.css
www.galleybayresort.com/wp-content/plugins/wp-sojern/public/css/ 		98 B
179 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/wp-sojern/public/css/wp-sojern-public.css?ver=4.5.0
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2023 13:54:02 GMT
server
cloudflare
age
356409
etag
W/"6479f47a-62"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770ca2aaca4-TXL
alt-svc
h3=":443"; ma=86400
style.css
www.galleybayresort.com/wp-content/themes/liber/ 		120 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/style.css
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a023fee6a14009b1849e37f2abbe1da3ce58833e16a767ca5a3372adf3543342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:58:39 GMT
server
cloudflare
etag
W/"654e613f-1e1c6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770ca2caca4-TXL
alt-svc
h3=":443"; ma=86400
style.css
www.galleybayresort.com/wp-content/themes/galleybay-child-theme/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/galleybay-child-theme/style.css
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2a0de34b0c0351b3fff867a20e318a82097e7707846a9732552215de9283ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:58:42 GMT
server
cloudflare
etag
W/"654e6142-2892"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770ca31aca4-TXL
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C700%2C700italic%7CTeko%3A300%2C400%2C500%2C600%2C700%7CSource%2BSans%2BPro%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i&subset=latin%2Clatin-ext
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b739e56eb4a1ad0df3cbf8681668157aa52178060e6494118d2d8fbbed48a5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 13:45:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 13:45:13 GMT
genericons.css
www.galleybayresort.com/wp-content/themes/liber/genericons/ 		27 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/genericons/genericons.css?ver=1.0
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
298e7d88ffb5e462b32c0eeff712cd62b3419743d287dbf7312214cc1b2f5fad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 16:58:42 GMT
server
cloudflare
age
356409
etag
W/"654e6142-6b83"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770da3eaca4-TXL
alt-svc
h3=":443"; ma=86400
style.css
www.galleybayresort.com/wp-content/themes/galleybay-child-theme/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/galleybay-child-theme/style.css?ver=6.4.2
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2a0de34b0c0351b3fff867a20e318a82097e7707846a9732552215de9283ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:58:42 GMT
server
cloudflare
etag
W/"654e6142-2892"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770da41aca4-TXL
alt-svc
h3=":443"; ma=86400
slick.css
www.galleybayresort.com/wp-content/themes/liber/assets/css/ 		2 KB
593 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/assets/css/slick.css?ver=1.0
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:58:42 GMT
server
cloudflare
etag
W/"654e6142-6c1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770da42aca4-TXL
alt-svc
h3=":443"; ma=86400
jquery.min.js
www.galleybayresort.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
cloudflare
age
356409
etag
W/"64ecd5ef-15601"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770da43aca4-TXL
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
www.galleybayresort.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
age
356409
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770da45aca4-TXL
alt-svc
h3=":443"; ma=86400
cookie-law-info-public.js
www.galleybayresort.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.1.8
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 19 Jan 2024 16:43:06 GMT
server
cloudflare
etag
W/"65aaa69a-8583"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770da47aca4-TXL
alt-svc
h3=":443"; ma=86400
simple-banner.js
www.galleybayresort.com/wp-content/plugins/simple-banner/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/simple-banner/simple-banner.js?ver=2.17.0
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b798e798867301d04ad55df8c4b32c3a26379eebc2ce8ec3f4d1b896a4d259e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 19 Jan 2024 16:42:46 GMT
server
cloudflare
etag
W/"65aaa686-1769"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770da4aaca4-TXL
alt-svc
h3=":443"; ma=86400
304a562c-a9b2-4743-8ddf-f96ba271e727
https://www.galleybayresort.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.galleybayresort.com/304a562c-a9b2-4743-8ddf-f96ba271e727
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
wp-sojern-public.js
www.galleybayresort.com/wp-content/plugins/wp-sojern/public/js/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/wp-sojern/public/js/wp-sojern-public.js?ver=4.5.0
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
66dfcf6e0a84c6a90bcc37eaf745194097f0f7da46a86d8f0c13180eed194bb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2023 13:54:02 GMT
server
cloudflare
etag
W/"6479f47a-37c5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770da4daca4-TXL
alt-svc
h3=":443"; ma=86400
box.aspx
galleybay.eliteislandvacations.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galleybay.eliteislandvacations.com/box.aspx?ver=6.4.2
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.210.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-209-13.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
70c7536b93e15e6d8b2369df155c582b61306829da9892d1f5de39094d5ef248

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private
content-length
6521
themetheme.js
www.galleybayresort.com/wp-content/themes/galleybay-child-theme/ 		4 KB
908 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/galleybay-child-theme/themetheme.js?ver=6.4.2
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17175f3ee7e5a92cba8cc6d8b33b4b043a6d2e922af0db5d5087413dd6a5b651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:58:42 GMT
server
cloudflare
etag
W/"654e6142-ebc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2770da51aca4-TXL
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		260 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MMN2ZV07GX
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a58f9c867953412d4ca8c6407e9368e307977ce51666f9c01b29157377227c4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90008
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jan 2024 13:45:14 GMT
js
www.googletagmanager.com/gtag/ 		204 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11045114480
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
72605d5b68a3da97d60b21ea602004084c4691d245707cf6035223f9745060a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74841
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jan 2024 13:45:14 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZRRPCF7DFD
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a8b704dccb5094ecebbe1f11d637a5609f6b4d44b9567e6fbea1c2b3ca691f29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96159
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jan 2024 13:45:14 GMT
desktop_caribbean_vacation_video_banner.gif
www.eliteislandresorts.com/wp-content/uploads/2023/11/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.eliteislandresorts.com/wp-content/uploads/2023/11/desktop_caribbean_vacation_video_banner.gif
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.72.127 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
127.72.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
253d547b03ac59dc9b0f26d24bab04dac1babf7456139d8e0c48c716d1b42bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
last-modified
Sat, 18 Nov 2023 14:50:32 GMT
server
nginx
etag
"6558cf38-22c02"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
142338
gb_logo_66.png
www.galleybayresort.com/wp-content/uploads/2018/07/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.galleybayresort.com/wp-content/uploads/2018/07/gb_logo_66.png
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7521d7a552d133301c7b84a28f8df2fb8c6c1113bf8c3a66ce9d19dc2ab291a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
cf-cache-status
MISS
last-modified
Fri, 13 Aug 2021 03:18:56 GMT
server
cloudflare
etag
"6115e4a0-503"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84da27795cba2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
1283
dummy.png
www.galleybayresort.com/wp-content/plugins/revslider/public/assets/assets/ 		68 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 16:10:49 GMT
server
cloudflare
etag
"64e38c89-44"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84da2770da53aca4-TXL
alt-svc
h3=":443"; ma=86400
content-length
68
GauguinRestaurant6-scaled.jpg
www.galleybayresort.com/wp-content/uploads/2023/10/ 		954 KB
954 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.galleybayresort.com/wp-content/uploads/2023/10/GauguinRestaurant6-scaled.jpg
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a79b601c18c7ddaf002c2aa56b62751c2c9c643d4ffd0d3f80dcf92e68f1b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Nov 2023 16:58:29 GMT
server
cloudflare
cf-polished
origSize=1029434
etag
"654e6135-fb53a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84da27795cbc2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
976982
IndulgeSpa1-scaled.jpg
www.galleybayresort.com/wp-content/uploads/2023/10/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.galleybayresort.com/wp-content/uploads/2023/10/IndulgeSpa1-scaled.jpg
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
00377fc1c622febb555a0087762b5a429daceb09087cad16c75bb868ea10f47b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
cf-cache-status
HIT
age
356407
cf-polished
origSize=1213439
alt-svc
h3=":443"; ma=86400
content-length
1148281
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Nov 2023 16:58:31 GMT
server
cloudflare
etag
"654e6137-1283ff"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84da27795cc02675-TXL
HJ_C9A0316_edit-scaled.jpg
www.galleybayresort.com/wp-content/uploads/2023/10/ 		677 KB
677 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.galleybayresort.com/wp-content/uploads/2023/10/HJ_C9A0316_edit-scaled.jpg
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bc10fd542ab5b1d9e5652088e4742c5e83deccfba285b880f983053b120f3c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:58:30 GMT
server
cloudflare
etag
"654e6136-a9301"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84da27795cc32675-TXL
alt-svc
h3=":443"; ma=86400
content-length
692993
14003-ABTA-Antigua-and-Barbuda-Covid-19-certification-badge.png
www.galleybayresort.com/wp-content/uploads/2020/11/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.galleybayresort.com/wp-content/uploads/2020/11/14003-ABTA-Antigua-and-Barbuda-Covid-19-certification-badge.png
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da131d86b29600a66678fed3ad0c6eb0def9f079b7805855d000e946ce95b5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=79178
content-disposition
inline; filename="14003-ABTA-Antigua-and-Barbuda-Covid-19-certification-badge.webp"
alt-svc
h3=":443"; ma=86400
content-length
46260
cf-bgj
imgq:100,h2pri
last-modified
Fri, 13 Aug 2021 03:18:56 GMT
server
cloudflare
etag
"6115e4a0-1354a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84da27795cc52675-TXL
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1de7f36ad7f44f5a484982ade6d03cee45fe311454a8799f25060c27bc88cd22
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 30 Jan 2024 13:45:13 GMT
css
fonts.googleapis.com/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400%7COpen+Sans:400&display=swap
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bbf418c7349cd4ca4e44bd79d57b8b415ac0ef460fc703f2e0feff216e4281a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 13:40:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 13:45:13 GMT
revicons.woff
www.galleybayresort.com/wp-content/plugins/revslider/public/assets/fonts/revicons/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686

Request headers

Referer
https://www.galleybayresort.com/
Origin
https://www.galleybayresort.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:13 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 16:10:59 GMT
server
cloudflare
etag
"64e38c93-1d70"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84da2770ea7daca4-TXL
alt-svc
h3=":443"; ma=86400
content-length
7536
rs6.css
www.galleybayresort.com/wp-content/plugins/revslider/public/assets/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.16
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a7a173045c7ed2c9474ee0edd3ebc0389454132b0a16e55b3eae6402c46a05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:59:27 GMT
server
cloudflare
etag
W/"654e616f-e3d7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da27742c692675-TXL
alt-svc
h3=":443"; ma=86400
rbtools.min.js
www.galleybayresort.com/wp-content/plugins/revslider/public/assets/js/ 		161 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.16
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:59:26 GMT
server
cloudflare
etag
W/"654e616e-285db"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da27795cc62675-TXL
alt-svc
h3=":443"; ma=86400
rs6.min.js
www.galleybayresort.com/wp-content/plugins/revslider/public/assets/js/ 		403 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.16
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a3f7860268b6b3b73afda4f0c9aa7c5b1a56b397a31c39138ee7380d8336df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 16:59:26 GMT
server
cloudflare
etag
W/"654e616e-64b31"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da27795cca2675-TXL
alt-svc
h3=":443"; ma=86400
pgc_sgb_lightbox.min.js
www.galleybayresort.com/wp-content/plugins/simply-gallery-block/plugins/ 		183 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/plugins/simply-gallery-block/plugins/pgc_sgb_lightbox.min.js?ver=3.1.9
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
411adf76b50d366bea22f320eeefe67cba9b6bb4e0f5ab8005ec83acfafb4586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Jan 2024 16:42:44 GMT
server
cloudflare
age
356408
etag
W/"65aaa684-2db4b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da277789b92675-TXL
alt-svc
h3=":443"; ma=86400
jquery.scrollTo.js
www.galleybayresort.com/wp-content/themes/liber/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/js/jquery.scrollTo.js?ver=20151030
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 16:58:40 GMT
server
cloudflare
etag
W/"654e6140-16cc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2777aa0a2675-TXL
alt-svc
h3=":443"; ma=86400
jquery.waypoints.js
www.galleybayresort.com/wp-content/themes/liber/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/js/jquery.waypoints.js?ver=20150813
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a9d14d69f54d007c509cb60038b301af3726a0c0a4c5fc30b3d06a39d77c5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 16:58:40 GMT
server
cloudflare
age
356407
etag
W/"654e6140-402e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2777ea612675-TXL
alt-svc
h3=":443"; ma=86400
front-page.js
www.galleybayresort.com/wp-content/themes/liber/js/ 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/js/front-page.js?ver=20151030
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b96a78b95a1b812860024e8496acb0129199a28ec2f669ff7a931cfa93329c52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 16:58:40 GMT
server
cloudflare
etag
W/"654e6140-635"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da27781aa12675-TXL
alt-svc
h3=":443"; ma=86400
imagesloaded.min.js
www.galleybayresort.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Aug 2023 18:18:26 GMT
server
cloudflare
age
356408
etag
W/"64d67b72-1590"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da27782acf2675-TXL
alt-svc
h3=":443"; ma=86400
masonry.min.js
www.galleybayresort.com/wp-includes/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
cloudflare
etag
W/"5ee520a7-5e4a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da27786b302675-TXL
alt-svc
h3=":443"; ma=86400
grid.js
www.galleybayresort.com/wp-content/themes/liber/js/ 		511 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/js/grid.js?ver=6.4.2
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13be924e3838c7a02c5c5af48c8b94c8202464356bfecd97661c7ea8874fc248

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 16:58:40 GMT
server
cloudflare
etag
W/"654e6140-1ff"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da27787b432675-TXL
alt-svc
h3=":443"; ma=86400
slick.min.js
www.galleybayresort.com/wp-content/themes/liber/js/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/js/slick.min.js?ver=1.6.0
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:58:40 GMT
server
cloudflare
etag
W/"654e6140-a3e1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2778bbaf2675-TXL
alt-svc
h3=":443"; ma=86400
featured-slider.js
www.galleybayresort.com/wp-content/themes/liber/js/ 		335 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/js/featured-slider.js?ver=1.0
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
060111c888cd59aa706e28dab73436b1b3ed9640bc1986dfacf7a8ab722d041f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:58:40 GMT
server
cloudflare
etag
W/"654e6140-14f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da2778cbc12675-TXL
alt-svc
h3=":443"; ma=86400
liber.js
www.galleybayresort.com/wp-content/themes/liber/js/ 		873 B
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/js/liber.js?ver=20150825
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f49d4dc4069b95187fa447b4d8571ad0c7ed1aaada51201c48986cf2c1643e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:58:40 GMT
server
cloudflare
etag
W/"654e6140-369"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da27795cb22675-TXL
alt-svc
h3=":443"; ma=86400
navigation.js
www.galleybayresort.com/wp-content/themes/liber/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/js/navigation.js?ver=20120206
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e387cb89834b72db06db6827ce4a4f0db39ee8e6f3f84c82105cd5cac224250b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:58:40 GMT
server
cloudflare
etag
W/"654e6140-8ff"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da27795cb52675-TXL
alt-svc
h3=":443"; ma=86400
skip-link-focus-fix.js
www.galleybayresort.com/wp-content/themes/liber/js/ 		922 B
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-content/themes/liber/js/skip-link-focus-fix.js?ver=20130115
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbc424f37fdb91994b799d75811b672be9832329ff0a7fe06b5c21c21bdaaf58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 16:58:40 GMT
server
cloudflare
etag
W/"654e6140-39a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da27795cb82675-TXL
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		3 KB
734 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Playfair+Display&family=Ubuntu&display=swap
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/wp-content/themes/galleybay-child-theme/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a147df94c5bfda6f6220fa67213008b8a1114af4e585381abe36627bd75c098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 13:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 13:45:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 13:45:13 GMT
sjrn_autocx.js
static.sojern.com/utils/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sojern.com/utils/sjrn_autocx.js
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/wp-content/plugins/wp-sojern/public/js/wp-sojern-public.js?ver=4.5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a48afcdd03f4564488705ee1d770061af2c928c8b5ed5653a3dc9c95a8aab1fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:42:30 GMT
age
164
x-guploader-uploadid
ABPtcPqFaHbrFYvyYYsS0mHcwe-eklpaK8q-44zqPl3wd2mIl8s7i7f2GfYKbaZoZy1LnF8ZSdk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
last-modified
Fri, 05 Jan 2024 16:18:13 GMT
server
UploadServer
etag
"dbb1990f7a59a25184dbe4890dded809"
x-goog-generation
1704471493641820
x-goog-hash
crc32c=HftQZQ==, md5=27GZD3pZolGE2+SJDd7YCQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
14754
accept-ranges
bytes
expires
Tue, 30 Jan 2024 14:42:30 GMT
kendo.common.min.css
galleybay.eliteislandvacations.com//UI/Content/Kendo223/ 		359 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://galleybay.eliteislandvacations.com//UI/Content/Kendo223/kendo.common.min.css
Requested by
Host: galleybay.eliteislandvacations.com
URL: https://galleybay.eliteislandvacations.com/box.aspx?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.210.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-209-13.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bf980ee2914592d5353827464b9bfadb6000c1b2edf8dc31a7af979c984e9f34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 13:21:45 GMT
server
Microsoft-IIS/10.0
etag
"80ba34d7ac13d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
59646
kendo.default.min.css
galleybay.eliteislandvacations.com//UI/Content/Kendo223/ 		134 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://galleybay.eliteislandvacations.com//UI/Content/Kendo223/kendo.default.min.css
Requested by
Host: galleybay.eliteislandvacations.com
URL: https://galleybay.eliteislandvacations.com/box.aspx?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.210.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-209-13.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e9d444751bf01821fb2579585cffef0b1142e797af825ac2f23a48d167799910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 10:22:31 GMT
server
Microsoft-IIS/10.0
etag
"808d52cd9313d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
18366
strip.css
galleybay.eliteislandvacations.com/Content/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://galleybay.eliteislandvacations.com/Content/strip.css
Requested by
Host: galleybay.eliteislandvacations.com
URL: https://galleybay.eliteislandvacations.com/box.aspx?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.210.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-209-13.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2b0bcbcab929c6afe6caffb3a1e4d51f05a76f2fb7fd6cc7dff8f44fa529d2af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
gzip
last-modified
Fri, 20 Oct 2023 16:59:01 GMT
server
Microsoft-IIS/10.0
etag
"803842b9763da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
1283
strip.css
galleybay.eliteislandvacations.com/Content/Template/EIR/ 		79 B
296 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://galleybay.eliteislandvacations.com/Content/Template/EIR/strip.css
Requested by
Host: galleybay.eliteislandvacations.com
URL: https://galleybay.eliteislandvacations.com/box.aspx?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.210.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-209-13.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1567596ad04275212996f16a138a4ba47e171863945d389561254f20e8e23327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
gzip
last-modified
Mon, 27 Feb 2023 11:00:39 GMT
server
Microsoft-IIS/10.0
etag
"1aa119ba9a4ad91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
189
strip.css
galleybay.eliteislandvacations.com/Content/Site/EIG/ 		3 B
231 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://galleybay.eliteislandvacations.com/Content/Site/EIG/strip.css
Requested by
Host: galleybay.eliteislandvacations.com
URL: https://galleybay.eliteislandvacations.com/box.aspx?ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.210.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-209-13.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
gzip
last-modified
Fri, 29 May 2020 12:26:17 GMT
server
Microsoft-IIS/10.0
etag
"66ddce59b435d61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
125
bundle.external.min.js
galleybay.eliteislandvacations.com//Scripts/ 		1 MB
289 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galleybay.eliteislandvacations.com//Scripts/bundle.external.min.js?v=0126080909
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.210.209.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-209-13.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
80958c5459618ff5e9a712f384d23d233d9bc2ef7607aed9580f2d9c9035090f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
gzip
last-modified
Fri, 26 Jan 2024 13:09:09 GMT
server
Microsoft-IIS/10.0
etag
"808811d95850da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
295406
ytc.js
s.yimg.com/wi/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Tue, 30 Jan 2024 12:56:04 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
1MAA646ZE5KM95TN
age
2951
x-amz-server-side-encryption
AES256
content-length
6262
x-amz-id-2
joZFo1QFiBDhlfpQhwk8YWMEDyKYNTlFC7GmKjrhcWKityc1kOPz6jxOVz+sQwoXZNKvQGE2tYc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display&family=Ubuntu&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.galleybayresort.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 19:39:36 GMT
x-content-type-options
nosniff
age
324338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 19:39:36 GMT
LYjNdG7kmE0gfaN9pQ.woff2
fonts.gstatic.com/s/teko/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C700%2C700italic%7CTeko%3A300%2C400%2C500%2C600%2C700%7CSource%2BSans%2BPro%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.galleybayresort.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:08:40 GMT
x-content-type-options
nosniff
age
99394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15044
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:55:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 10:08:40 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C700%2C700italic%7CTeko%3A300%2C400%2C500%2C600%2C700%7CSource%2BSans%2BPro%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.galleybayresort.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 03:10:01 GMT
x-content-type-options
nosniff
age
38113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 03:10:01 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064

Request headers

Referer
Origin
https://www.galleybayresort.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display&family=Ubuntu&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c49dba84c1cbff67508623a16507105bde5be084f2beabcc276b03c4555968e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.galleybayresort.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:41:56 GMT
x-content-type-options
nosniff
age
597798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21904
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:43:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 15:41:56 GMT
arrow_right.png
www.galleybayresort.com/wp-content/uploads/2017/08/ 		378 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.galleybayresort.com/wp-content/uploads/2017/08/arrow_right.png
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/wp-content/themes/galleybay-child-theme/style.css?ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
940084b2ccd34c3b4e4a9ac473eef00b93fa91bea3991bd1212536dbe138a5a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/wp-content/themes/galleybay-child-theme/style.css?ver=6.4.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
cf-cache-status
MISS
last-modified
Fri, 13 Aug 2021 03:18:55 GMT
server
cloudflare
etag
"6115e49f-17a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84da27796ce52675-TXL
alt-svc
h3=":443"; ma=86400
content-length
378
arrow_left.png
www.galleybayresort.com/wp-content/uploads/2017/08/ 		417 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.galleybayresort.com/wp-content/uploads/2017/08/arrow_left.png
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/wp-content/themes/galleybay-child-theme/style.css?ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6852a7a579517cfd5da4bd237f1d1df6be8da8b5d49e60f315cba3ee42b3434e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/wp-content/themes/galleybay-child-theme/style.css?ver=6.4.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
cf-cache-status
MISS
last-modified
Fri, 13 Aug 2021 03:18:55 GMT
server
cloudflare
etag
"6115e49f-1a1"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84da27796ce72675-TXL
alt-svc
h3=":443"; ma=86400
content-length
417
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ 		485 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.galleybayresort.com/
Origin
https://www.galleybayresort.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198685
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 12:11:02 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400%7COpen+Sans:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.galleybayresort.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 06:10:26 GMT
x-content-type-options
nosniff
age
459288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 06:10:26 GMT
10192854.json
s.yimg.com/wi/config/ 		2 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10192854.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
AV8DHZ9YC46WFK16
age
3
content-length
22
x-amz-id-2
LMNlif1VISK2cNq9VskaGywKJ5NcS9KvYvU4/M4xCy+CuL3kFG9crTNXbm/ECkETBQpUS0DJzek=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
sp.pl
sp.analytics.yahoo.com/ 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2030%20Jan%202024%2013%3A45%3A15%20GMT&n=-1&b=Galley%20Bay%20Resort%20%26%20Spa%20-%20Antigua%20All%20Inclusive%20Adults%20Only&.yp=10192854&f=https%3A%2F%2Fwww.galleybayresort.com%2F&enc=UTF-8&yv=1.15.1
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Tue, 30 Jan 2024 13:45:15 GMT
admin-ajax.php
www.galleybayresort.com/wp-admin/ 		498 B
490 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-admin/admin-ajax.php
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
852754fd845e27c7a8fa088a1af153384f2f73db0999628f817cebb7b07e882f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Referer
https://www.galleybayresort.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 30 Jan 2024 13:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-powered-by
WP Engine
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
https://www.galleybayresort.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
84da277d4bb62675-TXL
expires
Sat, 26 Jul 1997 05:00:00 GMT
wp-emoji-release.min.js
www.galleybayresort.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.galleybayresort.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
age
356406
etag
W/"63db0985-4904"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84da277d4bb72675-TXL
alt-svc
h3=":443"; ma=86400
anchor
www.google.com/recaptcha/api2/ Frame 6FB2 		45 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2Cf4oAAAAAHrUugitbwFB64R81DdA-e-lXL9X&co=aHR0cHM6Ly93d3cuZ2FsbGV5YmF5cmVzb3J0LmNvbTo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&sa=submit&cb=33bf6p9a12o1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8afd048b61d297aa84949da4a8674dd9ab691cdd5778286e41cb09dcc79f735
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fhFdNPlhM90m4SxpnlBF5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.galleybayresort.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-fhFdNPlhM90m4SxpnlBF5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 13:45:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
player.js
player.vimeo.com/api/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.16
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 30 Jan 2024 08:53:43 GMT
Date
Tue, 30 Jan 2024 13:45:15 GMT
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Via
1.1 varnish
Age
1292
X-Cache
HIT
Connection
keep-alive
x-backend-server
player-backend-edge-entry
Content-Length
11228
X-Served-By
cache-cph2320048-CPH
x-player-backend
g
Server
cloudflare
X-Timer
S1706622315.297080,VS0,VE0
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-bapp-server
Accept-Ranges
bytes
CF-RAY
84da277e6e2a4522-TXL
X-Cache-Hits
766
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11045114480/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11045114480/?random=1706622315234&cv=11&fst=1706622315234&bg=ffffff&guid=ON&async=1&gtm=45be41o0v9128902730&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.galleybayresort.com%2F&hn=www.googleadservices.com&frm=0&tiba=Galley%20Bay%20Resort%20%26%20Spa%20-%20Antigua%20All%20Inclusive%20Adults%20Only&pscdl=noapi&auid=1309644098.1706622315&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11045114480
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02511b5b5c24ec7763460ca1635d70f1da7b408aa87fba5d3224771a32cbf137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1297
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MMN2ZV07GX&gtm=45je41o0v890957323&_p=1706622314441&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1835512317.1706622315&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706622315&sct=1&seg=0&dl=https%3A%2F%2Fwww.galleybayresort.com%2F&dt=Galley%20Bay%20Resort%20%26%20Spa%20-%20Antigua%20All%20Inclusive%20Adults%20Only&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3474
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MMN2ZV07GX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.galleybayresort.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZRRPCF7DFD&gtm=45je41o0v898508871&_p=1706622314441&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1835512317.1706622315&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706622315&sct=1&seg=0&dl=https%3A%2F%2Fwww.galleybayresort.com%2F&dt=Galley%20Bay%20Resort%20%26%20Spa%20-%20Antigua%20All%20Inclusive%20Adults%20Only&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3487
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZRRPCF7DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.galleybayresort.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
236.html
static.sojern.com/cip/c/ Frame FB46 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/wp-content/plugins/wp-sojern/public/js/wp-sojern-public.js?ver=4.5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b47d4b5508e8c4756e37d5904890bd67194c62d18e8334acdfde12a81e9371b3

Request headers

Referer
https://www.galleybayresort.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
1127
content-type
text/html
date
Tue, 30 Jan 2024 13:45:15 GMT
etag
"ce235531c500cc5d16d0c44e8cd2714e"
expires
Tue, 30 Jan 2024 14:45:15 GMT
last-modified
Wed, 08 Dec 2021 11:09:58 GMT
server
UploadServer
x-goog-generation
1638961798696882
x-goog-hash
crc32c=YMaHyA== md5=ziNVMcUAzF0W0MROjNJxTg==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1127
x-guploader-uploadid
ABPtcPpCjzkp17vyAR-M2815G_vWiKmBiaszSKOmSgsexxNvsaW5yuqVhnzfaEQU6ty6mtWiGRk
878791389
player.vimeo.com/video/ Frame 6625 		0
0
transparent.png
www.galleybayresort.com/wp-content/plugins/revslider/public/assets/assets/ 		115 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/assets/transparent.png
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf42866abe8a1f17bb85c9929b629337f575d033a7fc925901ae7d1455c42de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:15 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=122
content-disposition
inline; filename="transparent.webp"
alt-svc
h3=":443"; ma=86400
content-length
115
cf-bgj
imgq:100,h2pri
last-modified
Mon, 21 Aug 2023 16:10:49 GMT
server
cloudflare
etag
"64e38c89-7a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84da277e8e5c2675-TXL
openhand.cur
www.galleybayresort.com/wp-content/plugins/revslider/public/assets/css/ 		326 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/css/openhand.cur
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
080627fa359156339e79f118fa66a6937f09ff679fe87e8afa473b95c8168d35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:15 GMT
x-cache-group
normal
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Aug 2023 16:10:50 GMT
x-cacheable
SHORT
server
cloudflare
etag
"64e38c8a-146"
vary
Accept-Encoding,Cookie
x-cache
MISS
content-type
application/octet-stream
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
cf-ray
84da277e9e812675-TXL
alt-svc
h3=":443"; ma=86400
content-length
326
styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 6FB2 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2Cf4oAAAAAHrUugitbwFB64R81DdA-e-lXL9X&co=aHR0cHM6Ly93d3cuZ2FsbGV5YmF5cmVzb3J0LmNvbTo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&sa=submit&cb=33bf6p9a12o1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 13:24:21 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 6FB2 		485 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2Cf4oAAAAAHrUugitbwFB64R81DdA-e-lXL9X&co=aHR0cHM6Ly93d3cuZ2FsbGV5YmF5cmVzb3J0LmNvbTo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&sa=submit&cb=33bf6p9a12o1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198685
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 12:11:02 GMT
loader.gif
www.galleybayresort.com/wp-content/plugins/revslider/public/assets/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:15 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Aug 2023 16:10:49 GMT
server
cloudflare
etag
"64e38c89-9f1"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84da277ececb2675-TXL
alt-svc
h3=":443"; ma=86400
content-length
2545
878791389
player.vimeo.com/video/ Frame 6625 		14 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/878791389?loop=1&autoplay=1&title=0&byline=0&portrait=0&background=1&player_id=iframe75264
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7122323c9b46ffdea7fef9086e60697d41ea2c3cb4405f33e0767278e3012c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.galleybayresort.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
84da277edf364522-TXL
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Jan 2024 13:45:15 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-cph2320023-CPH
X-Timer
S1706622315.370787,VS0,VE295
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires
Fri, 15 Dec 1985 19:30:00 GMT
link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-6b8f8c5887-qmk87
x-content-type-options
nosniff
x-host
player-backend-6b8f8c5887-qmk87
x-player-backend
g
x-xss-protection
1; mode=block
hasher.js
static.sojern.com/cip/ Frame FB46 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sojern.com/cip/hasher.js
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:04:27 GMT
age
2448
x-guploader-uploadid
ABPtcPqVN7S6SPsYMZk4V7oS2BtXYfjPHMvU7lPFpkWyiG-t9oEHdEBmEQFRWCibi1wcGJK9hAA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18469
last-modified
Tue, 07 Dec 2021 16:23:19 GMT
server
UploadServer
etag
"676881567863e15eb1b6aa81b384455c"
x-goog-generation
1638894199335821
x-goog-hash
crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
18469
accept-ranges
bytes
expires
Tue, 30 Jan 2024 14:04:27 GMT
create_params.js
static.sojern.com/utils/ Frame FB46 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sojern.com/utils/create_params.js
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:31:23 GMT
age
832
x-guploader-uploadid
ABPtcPoyuwouZYnV700LoSeq3Xj-GsAZh41ZBuIUIU02m7xmWHuUd3AmdQ9VdQfMiwBWHORJz-HA3Q_xHQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4169
last-modified
Mon, 06 Nov 2023 11:24:16 GMT
server
UploadServer
etag
"2b163d716f1c21a97c6c0251b281d84b"
x-goog-generation
1699269856296451
x-goog-hash
crc32c=/7KU3A==, md5=KxY9cW8cIal8bAJRsoHYSw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
4169
accept-ranges
bytes
expires
Tue, 30 Jan 2024 14:31:23 GMT
/
www.google.com/pagead/1p-user-list/11045114480/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11045114480/?random=1706622315234&cv=11&fst=1706619600000&bg=ffffff&guid=ON&async=1&gtm=45be41o0v9128902730&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.galleybayresort.com%2F&frm=0&tiba=Galley%20Bay%20Resort%20%26%20Spa%20-%20Antigua%20All%20Inclusive%20Adults%20Only&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_VqnB3I37qoCnz94zYTqfZ-2Bq7LXpw&random=431542575&rmt_tld=0&ipr=y
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11045114480/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11045114480/?random=1706622315234&cv=11&fst=1706619600000&bg=ffffff&guid=ON&async=1&gtm=45be41o0v9128902730&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.galleybayresort.com%2F&frm=0&tiba=Galley%20Bay%20Resort%20%26%20Spa%20-%20Antigua%20All%20Inclusive%20Adults%20Only&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_VqnB3I37qoCnz94zYTqfZ-2Bq7LXpw&random=431542575&rmt_tld=1&ipr=y
Requested by
Host: www.galleybayresort.com
URL: https://www.galleybayresort.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.galleybayresort.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
236
beacon.sojern.com/pixel/cp/ Frame FB46 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.sojern.com/pixel/cp/236?f_v=cp_v3_js&p_v=4&f_v=cp_v3_js&cid=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%7Cauto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%7Cauto_ga%3D%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D2%7Cpt%3DHOME_PAGE%7Cet%3D&p_v=8&version=5&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=&domain=https%3A%2F%2Fwww.galleybayresort.com%2F&s=ccid_auto&ccid=hswva-e132y-u19jv-vtzfd-84qaw
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
a4da3191cc557675b87417e90bb3f0516bb285eebabc91a22425c2e12caef869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js
www.google.com/js/bg/ Frame 6FB2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/MxL-5nwwlOXLnw48P5Qma8MW4lQG7Q2rhXcL3r2wtjE.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2Cf4oAAAAAHrUugitbwFB64R81DdA-e-lXL9X&co=aHR0cHM6Ly93d3cuZ2FsbGV5YmF5cmVzb3J0LmNvbTo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&sa=submit&cb=33bf6p9a12o1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:15:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
98979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6929
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Jan 2025 10:15:36 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6FB2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 19:56:54 GMT
x-content-type-options
nosniff
age
64101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 05 Feb 2024 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6FB2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2Cf4oAAAAAHrUugitbwFB64R81DdA-e-lXL9X&co=aHR0cHM6Ly93d3cuZ2FsbGV5YmF5cmVzb3J0LmNvbTo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&sa=submit&cb=33bf6p9a12o1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 23:26:56 GMT
x-content-type-options
nosniff
age
397099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6FB2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2Cf4oAAAAAHrUugitbwFB64R81DdA-e-lXL9X&co=aHR0cHM6Ly93d3cuZ2FsbGV5YmF5cmVzb3J0LmNvbTo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&sa=submit&cb=33bf6p9a12o1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:08:25 GMT
x-content-type-options
nosniff
age
99410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 10:08:25 GMT
background.js
f.vimeocdn.com/p/4.27.4/js/ Frame 6625 		427 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.27.4/js/background.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/878791389?loop=1&autoplay=1&title=0&byline=0&portrait=0&background=1&player_id=iframe75264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
23cae9fee1024e6dcde1b8e545240df0c862f8d2f5ae8e58005e36d53edbd27f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-iad-kjyo7100165-IAD, cache-fra-etou8220050-FRA
date
Tue, 30 Jan 2024 13:45:16 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
75402
x-timer
S1706622316.160994,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
content-length
105320
x-cache-hits
6, 2425
webworker.js
www.google.com/recaptcha/api2/ Frame 6FB2 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2Cf4oAAAAAHrUugitbwFB64R81DdA-e-lXL9X&co=aHR0cHM6Ly93d3cuZ2FsbGV5YmF5cmVzb3J0LmNvbTo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&sa=submit&cb=33bf6p9a12o1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
45f3e73f5b5d8f1accdba00c41a0ac3c0a6fdeee2f7e7d7f517296e8161188bc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2Cf4oAAAAAHrUugitbwFB64R81DdA-e-lXL9X&co=aHR0cHM6Ly93d3cuZ2FsbGV5YmF5cmVzb3J0LmNvbTo0NDM.&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&sa=submit&cb=33bf6p9a12o1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 30 Jan 2024 13:45:16 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame FB46 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/cp/236?f_v=cp_v3_js&p_v=4&f_v=cp_v3_js&cid=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%7Cauto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%7Cauto_ga%3D%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D2%7Cpt%3DHOME_PAGE%7Cet%3D&p_v=8&version=5&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=&domain=https%3A%2F%2Fwww.galleybayresort.com%2F&s=ccid_auto&ccid=hswva-e132y-u19jv-vtzfd-84qaw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 09:56:34 GMT
server
nginx
x-amz-request-id
tx00000ea239e22e83b616b-00646c8ee1-3295d06f-default
etag
W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
fbevents.js
connect.facebook.net/en_US/ Frame FB46 		213 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/cp/236?f_v=cp_v3_js&p_v=4&f_v=cp_v3_js&cid=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%7Cauto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%7Cauto_ga%3D%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D2%7Cpt%3DHOME_PAGE%7Cet%3D&p_v=8&version=5&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=&domain=https%3A%2F%2Fwww.galleybayresort.com%2F&s=ccid_auto&ccid=hswva-e132y-u19jv-vtzfd-84qaw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
05e0d95e16595bcc9b3c0e4f2a0f1a455630f8ab577f682676162e3c87aefe20
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Jan 2024 13:45:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57161
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
Zo1N82jCL4j/3+tHEzMBXKKseDH66rZpnYJ2bPRQumYQhLlmx1+lSaaf5eXh/KSdUZcnMnHmOeC1arXr8rPAqg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
src=8835408;dc_pre=CIDVtMefhYQDFShSHgIdjYQJLw;type=homep0;cat=galle0;qty=1;cost=0;u1=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%...
adservice.google.com/ddm/fls/z/ Frame FB46
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=8835408;type=homep0;cat=galle0;qty=1;cost=0;u1=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.galleybayresor...
  • https://ad.doubleclick.net/ddm/activity/src=8835408;dc_pre=CIDVtMefhYQDFShSHgIdjYQJLw;type=homep0;cat=galle0;qty=1;cost=0;u1=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttp...
  • https://adservice.google.com/ddm/fls/z/src=8835408;dc_pre=CIDVtMefhYQDFShSHgIdjYQJLw;type=homep0;cat=galle0;qty=1;cost=0;u1=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttps...
42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=8835408;dc_pre=CIDVtMefhYQDFShSHgIdjYQJLw;type=homep0;cat=galle0;qty=1;cost=0;u1=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%7Cauto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%7Cauto_ga%3D%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D2%7Cpt%3DHOME_PAGE%7Cet%3D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u16=;u19=2;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 Jan 2024 13:45:16 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"8809256125956404607"}],"aggregatable_trigger_data":[{"filters":{"14":["7674158"]},"key_piece":"0xb638b08aa63c4f38","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x17d15bd902cbc8a4","not_filters":{"14":["7674158"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["7674158"]},"key_piece":"0xfd78cc992190aa6a","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x72fe672770c1cee2","not_filters":{"14":["7674158"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"9933291014495354145","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"8809256125956404607","filters":{"14":["7674158"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"8809256125956404607","filters":{"14":["7674158"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"8809256125956404607","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"8809256125956404607","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8835408"]}}
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
image/png
location
https://adservice.google.com/ddm/fls/z/src=8835408;dc_pre=CIDVtMefhYQDFShSHgIdjYQJLw;type=homep0;cat=galle0;qty=1;cost=0;u1=s%3Dccid_auto%7Cf_v%3Dcp_v3_js%7Cp_v%3D8%7Cversion%3D5%7Cauto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%7Cauto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%7Cauto_ga%3D%7Cauto_eml_count%3D1%7Cws%3D1600x1200%7Ctz%3D-60%7Cn%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%7Chpid%3D2%7Cpt%3DHOME_PAGE%7Cet%3D;u2=;u3=;u4=;u5=;u9=;u10=;u11=;u12=;u13=;u16=;u19=2;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
secure.adnxs.com/ Frame FB46
Redirect Chain
  • https://secure.adnxs.com/px?id=1364142&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1364142%26t%3D1
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1364142%26t%3D1
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
an-x-request-uuid
50c098a3-1828-4e1e-8d11-750eaed32594
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.221; 193.32.248.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
an-x-request-uuid
be62b335-a63c-4757-ac85-8cdb98461e03
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1364142%26t%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
193.32.248.221; 193.32.248.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame FB46
Redirect Chain
  • https://secure.adnxs.com/seg?add=23505139&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23505139%26t%3D1
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23505139%26t%3D1
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
an-x-request-uuid
a82cd501-a86c-4953-aaeb-695666f44e74
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.221; 193.32.248.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
an-x-request-uuid
65dcd31b-876c-4872-a5e9-1f7e0ddb8a63
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23505139%26t%3D1
x-proxy-origin
193.32.248.221; 193.32.248.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
AdX
pixel.sojern.com/idSync/ Frame FB46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=VrVTxxDWiEIcb8t78s960g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=v2bE6rwGQc1kErWA00butiljO2KdJtVisoxUqmx4V8kbnHjEe8B...
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=v2bE6rwGQc1kErWA00butiljO2KdJtVisoxUqmx4V8kbnHjEe8BLkLOy2DXTZ7Iw&sjrn_ula=668469508&google_gid=CAESEAPMXbQTk4mb4cF_Yq9mkfg&google_cver=1
42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=v2bE6rwGQc1kErWA00butiljO2KdJtVisoxUqmx4V8kbnHjEe8BLkLOy2DXTZ7Iw&sjrn_ula=668469508&google_gid=CAESEAPMXbQTk4mb4cF_Yq9mkfg&google_cver=1
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Server
107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
via
1.1 google
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=v2bE6rwGQc1kErWA00butiljO2KdJtVisoxUqmx4V8kbnHjEe8BLkLOy2DXTZ7Iw&sjrn_ula=668469508&google_gid=CAESEAPMXbQTk4mb4cF_Yq9mkfg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
412
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
fcmatch.youtube.com/ Frame FB46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_hm=VrVTxxDWiEIcb8t78s960g&google_nid=sojern_adh
  • https://fcmatch.google.com/pixel?google_gm=AMnCDorFklHMuiWWyz6Zdn_y_GM_mnMiNjnRiF5un4NkbBauCHsbocHlRDwsI-d9v4sq4NIHYaoP3cLFJc2Rc0ulmGzKcAtS9TalPjl4E3h2YyOsHCYFnB8
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDorFklHMuiWWyz6Zdn_y_GM_mnMiNjnRiF5un4NkbBauCHsbocHlRDwsI-d9v4sq4NIHYaoP3cLFJc2Rc0ulmGzKcAtS9TalPjl4E3h2YyOsHCYFnB8
170 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorFklHMuiWWyz6Zdn_y_GM_mnMiNjnRiF5un4NkbBauCHsbocHlRDwsI-d9v4sq4NIHYaoP3cLFJc2Rc0ulmGzKcAtS9TalPjl4E3h2YyOsHCYFnB8
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorFklHMuiWWyz6Zdn_y_GM_mnMiNjnRiF5un4NkbBauCHsbocHlRDwsI-d9v4sq4NIHYaoP3cLFJc2Rc0ulmGzKcAtS9TalPjl4E3h2YyOsHCYFnB8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuidnb
ib.adnxs.com/ Frame FB46 		43 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=v2bE6rwGQc1kErWA00butiljO2KdJtVisoxUqmx4V8kbnHjEe8BLkLOy2DXTZ7Iw
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
an-x-request-uuid
842abe63-1e10-401f-a2b3-2cc02628b8ec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.221; 193.32.248.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame FB46 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=v2bE6rwGQc1kErWA00butiljO2KdJtVisoxUqmx4V8kbnHjEe8BLkLOy2DXTZ7Iw&ttd_tpi=1
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
server
Kestrel
content-length
70
content-type
image/gif
adf
pixel.sojern.com/idsync/ Frame FB46
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?cid=56b553c7-10d6-8842-1c6f-cb7bf2cf7ad2&party=1296
  • https://c1.adform.net/serving/cookie/match?CC=1&cid=56b553c7-10d6-8842-1c6f-cb7bf2cf7ad2&party=1296
  • https://pixel.sojern.com/idsync/adf?adfid=872656086696207301&cid=56b553c7-10d6-8842-1c6f-cb7bf2cf7ad2
0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idsync/adf?adfid=872656086696207301&cid=56b553c7-10d6-8842-1c6f-cb7bf2cf7ad2
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Server
107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 30 Jan 2024 13:45:16 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.sojern.com/idsync/adf?adfid=872656086696207301&cid=56b553c7-10d6-8842-1c6f-cb7bf2cf7ad2
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
a2.adform.net/Serving/TrackPoint/ Frame FB46 		873 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/Serving/TrackPoint/?pm=3052883&ADFPageName=Galley%20Bay%20Resort%20and%20Spa%20--%20HOME_PAGE%20139051&ADFdivider=%7C&ord=343627513314&ADFtpmode=2&loc=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fc%2F236.html%3Ff_v%3Dcp_v3_js%26p_v%3D8%26version%3D5%26auto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%26auto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3DcHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%25253D%25253D%26auto_eml_count%3D1%26auto_eml_domain%3DZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%25253D%25253D%26ws%3D1600x1200%26tz%3D-60%26n%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%26hpid%3D2%26pt%3DHOME_PAGE%26et%3D&CPref=https%3A%2F%2Fwww.galleybayresort.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d41d0f72c68314fd2939342e1b47f2b717a163608b4c319d69519674a6ebfe43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
713
expires
-1
251123455744597
connect.facebook.net/signals/config/ Frame FB46 		52 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/251123455744597?v=2.9.143&r=stable&domain=www.galleybayresort.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d37e8a7d59223580623bc23430bd8a56d52771b58219717aa54f42c27d04b624
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Jan 2024 13:45:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
/vIGdtbSVOA3+DsEOgZvURRGjUmY8RjENWEGrqwxTF5k69iMN6gyt6BSL/j1/kd9wy8qGprlZH2SakC5aFOrZw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
player-stats
fresnel.vimeocdn.com/add/ Frame 6625 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d26d48595aaa774352f168ea5837ad6a416d7a101706622315
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/background.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Tue, 30 Jan 2024 13:45:16 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
master.json
74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57... Frame 6625 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57539/sep/video/59b28c32,a757f4bc,d47b434b,d5f065d3/master.json?base64_init=1&query_string_ranges=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/background.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
19871f8acd0559e87c4a8a86a44179bc863ae6bfd06b5368f6c1856bd63981db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
content-encoding
gzip
x-vim-cachebc
EP:H11,E:m,TD0:h
akamai-grn
0.1c2a3517.1706622316.123693d5
origin-retrieved-hour
1698850800
akamai-mon-iucid-del
877678
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
2783
pragma
no-cache
access-control-max-age
86400
vary
Accept-Encoding
aka-c-hit
cache-hit
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
akamai-request-bc
[a=23.53.42.28,b=305566677,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame 6625 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/878791389?loop=1&autoplay=1&title=0&byline=0&portrait=0&background=1&player_id=iframe75264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000106-IAD, cache-fra-etou8220050-FRA
date
Tue, 30 Jan 2024 13:45:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
809928
x-timer
S1706622316.300431,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
985
x-cache-hits
8, 184764
player-stats
fresnel.vimeocdn.com/add/ Frame 6625 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d26d48595aaa774352f168ea5837ad6a416d7a101706622315
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/background.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Tue, 30 Jan 2024 13:45:16 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vuid
vimeo.com/ablincoln/ Frame 6625 		0
921 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=d26d48595aaa774352f168ea5837ad6a416d7a101706622315
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 30 Jan 2024 01:45:16 GMT
Date
Tue, 30 Jan 2024 13:45:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
Via
1.1 varnish, 1.1 varnish
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
x-xss-protection
1; mode=block
X-Served-By
cache-iad-kcgs7200161-IAD, cache-cph2320046-CPH
x-ua-compatible
IE=edge
x-vimeo-device
d
Server
cloudflare
X-Timer
S1706622316.388877,VS0,VE129
x-backend-proxy
webproxy10
x-frame-options
sameorigin
Vary
User-Agent,x-http-method-override
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
pweb-5bc485f57b-hsc7k
Accept-Ranges
bytes
CF-RAY
84da27854932aca7-TXL
X-Cache-Hits
0, 0
/
www.facebook.com/tr/ Frame FB46 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=251123455744597&ev=PageView&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fc%2F236.html%3Ff_v%3Dcp_v3_js%26p_v%3D8%26version%3D5%26auto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%26auto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3DcHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%25253D%25253D%26auto_eml_count%3D1%26auto_eml_domain%3DZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%25253D%25253D%26ws%3D1600x1200%26tz%3D-60%26n%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%26hpid%3D2%26pt%3DHOME_PAGE%26et%3D&rl=https%3A%2F%2Fwww.galleybayresort.com%2F&if=true&ts=1706622316425&sw=1600&sh=1200&v=2.9.143&r=stable&a=trplsojern&ec=0&o=4126&ler=other&cdl=API_unavailable&it=1706622316252&coo=false&tm=1&exp=e2&rqm=GET
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Jan 2024 13:45:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ Frame FB46 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=251123455744597&ev=HomePage&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fc%2F236.html%3Ff_v%3Dcp_v3_js%26p_v%3D8%26version%3D5%26auto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%26auto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3DcHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%25253D%25253D%26auto_eml_count%3D1%26auto_eml_domain%3DZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%25253D%25253D%26ws%3D1600x1200%26tz%3D-60%26n%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%26hpid%3D2%26pt%3DHOME_PAGE%26et%3D&rl=https%3A%2F%2Fwww.galleybayresort.com%2F&if=true&ts=1706622316426&cd[content_type]=hotel&cd[content_ids]=%5B%222%22%5D&cd[value]=0&cd[purchase_value]=0&sw=1600&sh=1200&v=2.9.143&r=stable&a=trplsojern&ec=1&o=4126&ler=other&cdl=API_unavailable&it=1706622316252&coo=false&tm=2&exp=e2&rqm=GET
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Jan 2024 13:45:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
player-stats
fresnel.vimeocdn.com/add/ Frame 6625 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d26d48595aaa774352f168ea5837ad6a416d7a101706622315
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/background.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Tue, 30 Jan 2024 13:45:16 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
d47b434b.mp4
74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57... Frame 6625 		253 KB
254 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57539/parcel/video/d47b434b.mp4?r=dXMtY2VudHJhbDE%3D&range=1057-260426
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/background.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
parcel /
Resource Hash
e360c60586c4ecaac662443f270ab79a5555c287ab7b190d215ab7d0e5cb3b04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
x-vim-cachebc
EP:H11,E:m,TD0:h
akamai-grn
0.1c2a3517.1706622316.123694cb
origin-retrieved-hour
1698850800
akamai-mon-iucid-del
877678
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
259370
pragma
no-cache
last-modified
Wed, 01 Nov 2023 15:40:17 GMT
server
parcel
access-control-max-age
86400
aka-c-hit
cache-hit
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
akamai-request-bc
[a=23.53.42.28,b=305566923,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
pixels
c1.adform.net/imatch/ Frame 7183 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=3052883&ADFPageName=Galley%20Bay%20Resort%20and%20Spa%20--%20HOME_PAGE%20139051&ADFdivider=%7C&ord=343627513314&ADFtpmode=2&loc=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fc%2F236.html%3Ff_v%3Dcp_v3_js%26p_v%3D8%26version%3D5%26auto_url%3Dhttps%253A%252F%252Fwww.galleybayresort.com%252F%26auto_ccid%3Dhswva-e132y-u19jv-vtzfd-84qaw%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3DcHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%25253D%25253D%26auto_eml_count%3D1%26auto_eml_domain%3DZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%25253D%25253D%26ws%3D1600x1200%26tz%3D-60%26n%3Dtf%253ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%253D%253D%26hpid%3D2%26pt%3DHOME_PAGE%26et%3D&CPref=https%3A%2F%2Fwww.galleybayresort.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e07826006b232c1d8a5a21c783f5a994a09fe2051274019157afc68d20049c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.sojern.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 30 Jan 2024 13:45:16 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
a1.seadform.net/serving/cookie/sync/ Frame FB46 		35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.seadform.net/serving/cookie/sync/?uid=4224580775014324333&stamp=GPAvfsUdRIsDvP-67D9Y4w2
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/c/236.html?f_v=cp_v3_js&p_v=8&version=5&auto_url=https%3A%2F%2Fwww.galleybayresort.com%2F&auto_ccid=hswva-e132y-u19jv-vtzfd-84qaw&auto_ga=&e_eml=null&auto_eml=cHJlc3NAZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&auto_eml_count=1&auto_eml_domain=ZWxpdGVpc2xhbmRyZXNvcnRzLmNvbQ%253D%253D&ws=1600x1200&tz=-60&n=tf%3ANGd8MTB8MHw4fDR8ZW4tVVN8ZW4tVVMsZW58V2luMzJ8ZmFsc2V8fDF8MjR8MjR8MTYwMHwxMjAwfDM3NjAwMDAwMDB8RXVyb3BlL0JlcmxpbnxmYWxzZQ%3D%3D&hpid=2&pt=HOME_PAGE&et=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
plf
c1.adform.net/imatch/ Frame 7183 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ Frame 7183 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=4224580775014324333&Expiration=1707831916
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.154.183.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-183-156.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 30 Jan 2024 13:45:16 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame 7183 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Jan 2024 13:45:16 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 29 Jan 2024 13:45:16 GMT
token
token.rubiconproject.com/ Frame 7183 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpui
ih.adscale.de/adscale-ih/ Frame 7183 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4224580775014324333&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.121.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-121-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 7183 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=4224580775014324333&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.73 Lille, France, ASN16276 (OVH, FR),
Reverse DNS
ip73.ip-5-196-111.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
transfer-encoding
chunked
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame 7183 		43 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::172 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Jan 2024 13:45:16 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706622316807084-395
sync
x.bidswitch.net/ Frame 7183 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 30 Jan 2024 13:45:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 7183
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4224580775014324333&expiration=1707831916
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4224580775014324333&expiration=1707831916&C=1
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4224580775014324333&expiration=1707831916&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=husY4C6VKI5f%2BBdM9%2FzVhk7AK1flpW6Oakg79c2FWaUKFSN31KI19rARYehAiQOdRCvwI4PtK3pDCo0JXgMjF4wdSAyVSK3QHryFRs485IhdyFE0acThKvxpDAiX9FlkEa0omzr3VDMp9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84da2787e86344f2-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6x2N6rXbVe8Jt9GDdAiDDEnqWi2XvsT0LR%2FdscqfE7w4nelcdCn6j0nMbYsP3Ow85v%2Fh3q8ZKraEgX2tV08Uv4tZbeffYiz82WWbf5IEU3rIFLXNCkUvczaAHZAUdcx%2B5jQwLYqSoYkJVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=111&external_user_id=4224580775014324333&expiration=1707831916&C=1
cache-control
no-cache
cf-ray
84da27875f2944f2-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
12092831
se.semasio.net/sync/1/ Frame 7183
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4224580775014324333&sInitiator=external
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4224580775014324333&sInitiator=external
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=4224580775014324333&gdpr=&sInitiator=external
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7329887033871431822&sInitiator=internal&gdpr=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=3094484365885493439&sInitiator=internal&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OTIyMkY1NzZCMzdCQkVGOQ&gdpr=
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEPSixCMQp3uTFt1sz-yRybY&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEPSixCMQp3uTFt1sz-yRybY&sInitiator=internal&google_cver=1&gdpr=
0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEPSixCMQp3uTFt1sz-yRybY&sInitiator=internal&google_cver=1&gdpr=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
HTTP/1.1
Server
77.243.51.122 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
uip-status
Ok
frontend-id
09
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEPSixCMQp3uTFt1sz-yRybY&sInitiator=internal&google_cver=1&gdpr=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
match
ps.eyeota.net/ Frame 7183 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=4224580775014324333&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 30 Jan 2024 13:45:16 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel.gif
load77.exelator.com/ Frame 7183
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4224580775014324333
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4224580775014324333&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Server
2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 30 Jan 2024 13:45:17 GMT
x-age-lb
573186
x-amz-request-id
tx00000c5cc302da9b09107-0065909fa7-5134150-nyc
x-77-cache
HIT
x-accel-date
1706049131
content-length
43
x-77-nzt
A9RmOLQ3Nzf/Ar8IACUTwjE3Nzexz9PUZsL7wAA
x-accel-expires
@1707085931
x-77-age
573186
x-cache-lb
HIT
last-modified
Sat, 30 Dec 2023 22:32:08 GMT
server
CDN77-Turbo
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray
6d204d116618039d6dfdb8656e698c04
content-type
image/gif
x-rgw-object-type
Normal
accept-ranges
bytes

Redirect headers

date
Tue, 30 Jan 2024 13:45:16 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
398366.gif
idsync.rlcdn.com/ Frame 7183 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398366.gif?partner_uid=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4224580775014324333/gdpr=/ Frame 7183 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4224580775014324333/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.140.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-140-222.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.217
content-length
49
expires
0
29729
tags.bluekai.com/site/ Frame 7183 		62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29729?id=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 30 Jan 2024 13:45:17 GMT
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame 7183 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 7183
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
HTTP/1.1
Server
52.218.60.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 30 Jan 2024 13:45:18 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
W08XEBTCW50VDQBX
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
SF8ovXhme8EsG+xfqO+zoSak27eMhi66gf0104OzrpDInm8RqwpXA1sSn3iWs+pTB0pHqU84FCs=

Redirect headers

X-Error-Reason
Missing UserId
Date
Tue, 30 Jan 2024 13:45:16 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
137
/
cm.adsafety.net/ Frame 7183
Redirect Chain
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=4224580775014324333
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12024013013ec420c7d68d6725e0e4&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=ef23be9c4fe60d61318adddbc300af53&idt_did_status=added&gdpr_consent=&gdpr=0
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12024013013ec420c7d68d6725e0e4&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=ef23be9c4fe60d61318adddbc300af53
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMzAxM2VjNDIwYzdkNjhkNjcyNWUwZTQ&gdpr_consent=&gdpr=0
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEDLYBWzn75Bw8_KL5Lt6pKU&gdpr_consent=&gdpr=0&google_cver=1
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM12024013013ec420c7d68d6725e0e4
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4224580775014324333
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
HTTP/1.1
Server
89.163.155.32 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cm50.as.net
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Jan 2024 13:45:17 GMT
Last-Modified
Tue, 30 Jan 2024 13:45:17 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4224580775014324333
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usermatch.gif
beacon.krxd.net/ Frame 7183 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.151.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-151-156.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
beacon-n020-dub-prod.krxd.net
date
Tue, 30 Jan 2024 13:45:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=56 t=1706622316
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
plf
c1.adform.net/imatch/ Frame 7183 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
/
c1.adform.net/serving/cookie/match/ Frame 7183
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDIyNDU4MDc3NTAxNDMyNDMzMw
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHq6t1RkO39U3tHAY9XdfBo&google_cver=1&google_ula=1641347,0
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHq6t1RkO39U3tHAY9XdfBo&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHq6t1RkO39U3tHAY9XdfBo&google_cver=1&google_ula=1641347,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
secure.adnxs.com/ Frame 7183
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://c1.adform.net/serving/cookie/match?party=3&id=3094484365885493439&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=4224580775014324333
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=91&code=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
an-x-request-uuid
9e0f42e5-f7bc-44c4-aeef-5fbf1f03421e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
193.32.248.221; 193.32.248.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://secure.adnxs.com/setuid?entity=91&code=4224580775014324333
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 7183 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 30 Jan 2024 13:45:16 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
pdw-adf.userreport.com/ Frame 7183 		43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-70.muc50.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 20:04:01 GMT
Via
1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
MUC50-P1
Age
63676
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
982Bz-AhDq66g-Ao6FxJnAVe3wl3pn8BVy2S0fuluwLeH4WON6618g==
p
a.audrte.com/ Frame 7183
Redirect Chain
  • https://a.audrte.com/a?adform_uid=4224580775014324333
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjRnTk9OLWJqcUlTdUtXSFUtYjBWdFFjZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
HTTP/1.1
Server
54.78.141.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-141-128.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 30 Jan 2024 13:45:17 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 30 Jan 2024 13:45:17 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame 7183
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4224580775014324333&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4224580775014324333&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=33285425135939936434231391224374864392&noredirect=1
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=33285425135939936434231391224374864392&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

dcs
dcs-prod-irl1-1-v054-04590bf15.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 30 Jan 2024 13:45:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
xbE+F+oPTfY=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://c1.adform.net/serving/cookie/match?party=1007&cid=33285425135939936434231391224374864392&noredirect=1
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame 7183
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4224580775014324333
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217163104777002845531
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217163104777002845531
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:17 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217163104777002845531
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame 7183
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7329887038139791502
35 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7329887038139791502
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7329887038139791502
Date
Tue, 30 Jan 2024 13:45:17 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame 7183 		62 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33302?id=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 30 Jan 2024 13:45:17 GMT
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame 7183
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=C8Oe6S421RuOqp5
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=C8Oe6S421RuOqp5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Tue, 30 Jan 2024 13:45:16 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-01d275e55739701ae@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=C8Oe6S421RuOqp5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 7183 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
server
Kestrel
content-length
70
content-type
image/gif
0.gif
id5-sync.com/s/10/ Frame 7183 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/10/0.gif?puid=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 30 Jan 2024 13:45:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
dmp.adform.net/serving/cookie/match/ Frame 7183
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3589740126
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kWRyXB5xX8y33NXVE4UkYe
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kWRyXB5xX8y33NXVE4UkYe
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 13:45:16 GMT
via
1.1 google
last-modified
Tue, 30 Jan 2024 13:45:17 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kWRyXB5xX8y33NXVE4UkYe
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame 7183 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=119&uid=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 30 Jan 2024 13:45:17 GMT
pragma
no-cache
date
Tue, 30 Jan 2024 13:45:17 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
/
s.ad.smaato.net/c/ Frame 7183 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:c000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:17 GMT
cache-control
no-cache, must-revalidate
via
1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
x-amz-cf-id
b3pclw1wukL9DUj6IC69dWPQbC3c-kY9rx8kTHze4oxGZ_OwQzfKdA==
x-cache
Miss from cloudfront
4224580775014324333
match.contentexchange.me/adform/ Frame 7183 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.contentexchange.me/adform/4224580775014324333?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:17 GMT
content-length
0
server
nginx/1.16.1
xuid
eb2.3lift.com/ Frame 7183 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=4224580775014324333&dongle=AD20
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
put
e1.emxdgt.com/ Frame 7183 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d52&uid=4224580775014324333
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.105.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-105-89.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:17 GMT
server
awselb/2.0
plf
c1.adform.net/imatch/ Frame 7183 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?bt=0&uid=4224580775014324333&agencyId=8579&advertiserId=2162282&src=tp&rnd=429068
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
a757f4bc.mp4
74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57... Frame 6625 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57539/parcel/video/a757f4bc.mp4?r=dXMtY2VudHJhbDE%3D&range=1055-2261496
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/background.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
parcel /
Resource Hash
a779d2c11eee8adbe8f4b590aeeafab77d4924427bbbfc3b954dd390da253165

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:16 GMT
x-vim-cachebc
EP:H11,E:m,TD0:h
akamai-grn
0.1c2a3517.1706622316.12369608
origin-retrieved-hour
1698850800
akamai-mon-iucid-del
877678
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
2260442
pragma
no-cache
last-modified
Wed, 01 Nov 2023 15:42:08 GMT
server
parcel
access-control-max-age
86400
aka-c-hit
cache-hit
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
akamai-request-bc
[a=23.53.42.28,b=305567240,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
player-stats
fresnel.vimeocdn.com/add/ Frame 6625 		0
11 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d26d48595aaa774352f168ea5837ad6a416d7a101706622315
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/background.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Tue, 30 Jan 2024 13:45:17 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
player-stats
fresnel.vimeocdn.com/add/ Frame 6625 		0
11 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d26d48595aaa774352f168ea5837ad6a416d7a101706622315
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/background.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Tue, 30 Jan 2024 13:45:17 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
a757f4bc.mp4
74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57... Frame 6625 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57539/parcel/video/a757f4bc.mp4?r=dXMtY2VudHJhbDE%3D&range=2261497-4382586
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/background.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
parcel /
Resource Hash
b476ee6ec2532dbad957567dcf0109a8847dedac0a85ad1c10fb0b3294de1250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:17 GMT
x-vim-cachebc
EP:H11,E:m,TD0:h
akamai-grn
0.1c2a3517.1706622317.12369af4
origin-retrieved-hour
1698850800
akamai-mon-iucid-del
877678
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
2121090
pragma
no-cache
last-modified
Wed, 01 Nov 2023 15:42:08 GMT
server
parcel
access-control-max-age
86400
aka-c-hit
cache-hit
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
akamai-request-bc
[a=23.53.42.28,b=305568500,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
a757f4bc.mp4
74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57... Frame 6625 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57539/parcel/video/a757f4bc.mp4?r=dXMtY2VudHJhbDE%3D&range=4382587-6457564
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/background.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
parcel /
Resource Hash
1639f3c02402ec518357f889175ea169e6384e0583d11e6429123d565c5c35b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:17 GMT
x-vim-cachebc
EP:H11,E:m,TD0:h
akamai-grn
0.1c2a3517.1706622317.12369ba7
origin-retrieved-hour
1698850800
akamai-mon-iucid-del
877678
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
2074978
pragma
no-cache
last-modified
Wed, 01 Nov 2023 15:42:08 GMT
server
parcel
access-control-max-age
86400
aka-c-hit
cache-hit
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
akamai-request-bc
[a=23.53.42.28,b=305568679,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
a757f4bc.mp4
74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57... Frame 6625 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://74vod-adaptive.akamaized.net/exp=1706625915~acl=%2F7b007286-e774-49e2-af3e-e63b29f57539%2F%2A~hmac=406b033e5c259b7c47e70bc38a3865de61abd71c15ebbffe967880769037faf1/7b007286-e774-49e2-af3e-e63b29f57539/parcel/video/a757f4bc.mp4?r=dXMtY2VudHJhbDE%3D&range=6457565-8458896
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.4/js/background.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
parcel /
Resource Hash
771eba8c2a0daa4d36ee6a89fe04151a61803dfacb698046e5442ac7ed3d7158

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:45:17 GMT
x-vim-cachebc
EP:H11,E:m,TD0:h
akamai-grn
0.1c2a3517.1706622317.12369c3b
origin-retrieved-hour
1698850800
akamai-mon-iucid-del
877678
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
2001332
pragma
no-cache
last-modified
Wed, 01 Nov 2023 15:42:08 GMT
server
parcel
access-control-max-age
86400
aka-c-hit
cache-hit
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-VIM-CACHEBC, Akamai-GRN, Akamai-Request-BC
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
akamai-request-bc
[a=23.53.42.28,b=305568827,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
player.vimeo.com
URL
https://player.vimeo.com/video/878791389?loop=1&autoplay=1&title=0&byline=0&portrait=0&api=1&background=1

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| cf object| wp object| cfgeo object| _wpemojiSettings undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| scriptParams function| hbook_show_accom_list function| hbook_reservation_done function| get_confno function| sojern_be_pixel_call string| siteUrl number| ils object| scriptFile object| cssFile object| sbVinetOpt function| sbVinetonT function| sbVinetdoJ function| sbVinetload function| sbVinetpABox function| sbVinetstrt function| vinetLoginBox object| s undefined| script function| jVinet string| _is_euro function| sbVinetDone function| elite_book_now function| gtag object| dataLayer object| dotq function| setREVStartSize number| RSIW number| RSIH object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onSubmit object| RS_MODULES function| revslider_showDoubleJqueryError object| PGC_SGB_LIGHTBOX function| Waypoint function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| YAHOO function| deml function| sjrn_cipher function| sjrn_lfe function| sjrn_wfe function| sjrn_e function| feml function| sjrn_heml function| sjrn_ccid function| sjrn_ga function| sjrn_tz function| sjrn_dclid function| sjrn_wh_token function| sjrn_ft function| sjrn_clid object| sjrn_click_campaign_id function| sjrn_run undefined| sjrn_wfa undefined| sjrn_fs undefined| sjrn_fc undefined| sjrn_su undefined| sjrn_lc undefined| sjrn_sue undefined| sjrn_gu undefined| checkAndFireUrl undefined| sjrn_ceu object| sjrn_elt string| value object| parts object| ga_ids object| matched_set string| first_matched object| matched boolean| domain_match number| referrer_match string| auto_eml_domain object| sjrn_eml object| tz_date object| sjrn_params object| dclid string| wh_token object| sj_wh_token object| sjrnclid function| tpj object| revapi77 object| revapi2 object| revapi74 object| revapi21 object| RSANYID object| RSANYID_sliderID boolean| _R_is_Editor object| gsapVersions object| tpGS object| punchgs string| RSBrowser boolean| isSafari11 object| T boolean| _rs_firefox13 boolean| _rs_firefox boolean| _rs_ie boolean| _rs_ie9 object| google_tag_manager object| google_tag_data object| recaptcha object| closure_lm_217744 object| vinet object| kendo object| KendoLicensing function| URI object| dv boolean| _rs_desktop boolean| rs_addedvim string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal object| twemoji object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam

63 Cookies

Domain/Path Name / Value
.www.galleybayresort.com/ Name: __cf_bm
Value: 4uJ2Qq33DVl_KK4zhslbSAt3569QfwP1A019nuVd4vo-1706622313-1-Ae/JClb5qtWVrJJCoUyxxMzfE6De5dWnvpqb/9m82C3dEo3hvLlxsHx79x4RsZOC2sq/lEdkgJk3hA1awR7oOyA=
www.galleybayresort.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
.galleybayresort.com/ Name: _gcl_au
Value: 1.1.1309644098.1706622315
.yahoo.com/ Name: A3
Value: d=AQABBGv9uGUCEJWc4gpJ0b589x3kNc9C0vcFEgEBAQFOumXCZeAXyiMA_eMAAA&S=AQAAAkCKktv7wEWnXnAmKUeIoAs
.galleybayresort.com/ Name: _ga_MMN2ZV07GX
Value: GS1.1.1706622315.1.0.1706622315.0.0.0
.galleybayresort.com/ Name: _ga
Value: GA1.1.1835512317.1706622315
.galleybayresort.com/ Name: _ga_ZRRPCF7DFD
Value: GS1.1.1706622315.1.0.1706622315.0.0.0
.vimeo.com/ Name: __cf_bm
Value: XlZLiT.jx1ksGKjnWv2adS_ZvVllBtmycFSAj7ML_yI-1706622315-1-AdiXkS5aJBVrB38B9eOBNUpsIRmIybjhU6jXvj7GHcgvkNEt4HovkVdc/sSVIxYR59uKzjBN0cX6DckXuG8g2LY=
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: eM_yZohOKsiWDY6fpFDYY8Ry3hcjHK8uoE5HtHhO_9fsqV1SQtcIAMcVEOZnXYFW8Pm3ZQWTmOtCKj8SMIrkUqIxLyXcab4P0KF6SFZvhL8.
.adnxs.com/ Name: uuid2
Value: 3094484365885493439
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnJcFlXoT3yWPyJZiQ4yoLJV7KUc2G4PQami-RmEgVyeN8OBuRMrP-0kMIsBs8
.sojern.com/ Name: cid
Value: 56b553c7-10d6-8842-1c6f-cb7bf2cf7ad2#1706572800000
.sojern.com/ Name: adfid
Value: 872656086696207301
.sojern.com/ Name: gid
Value: CAESEAPMXbQTk4mb4cF_Yq9mkfg
.vimeo.com/ Name: vuid
Value: pl1968560741.141037483
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: uid
Value: 4224580775014324333
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: CM
Value: 1|1
.adform.net/ Name: CM14
Value: 1706708716_1706622316_1706622316_1_Hu7u4e4e4R7u4e4REREeEREREA
.seadform.net/ Name: uid
Value: 4224580775014324333
.adnxs.com/ Name: anj
Value: dTM7k!M4/YD>6NRF']wIg2E?`qlecq!]tbPl1M66+q([OUezA2Sgu(pN`wAoN^Dv-SguCN_.zn=S7Y`23If)y3KL9D3I?-5#vs0C
.semasio.net/ Name: SEUNCY
Value: 9222F576B37BBEF9
.casalemedia.com/ Name: CMID
Value: Zbj9bPF2wySrpclSU8q.aAAA
.casalemedia.com/ Name: CMPS
Value: 3203
.casalemedia.com/ Name: CMPRO
Value: 3203
.eyeota.net/ Name: SERVERID
Value: 17984~DM
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 4224580775014324333
.ads.stickyadstv.com/ Name: UID
Value: a39f32dc47acf585b48bc35b5c7d63
.exelator.com/ Name: EE
Value: "db56f51630fe15429ea7a7f86cf7933d"
cm.adsafety.net/ Name: UID
Value: CM12024013013ec420c7d68d6725e0e4
.adsafety.net/ Name: cm_uid
Value: CM12024013013ec420c7d68d6725e0e4
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSElydQszdTQzNggLdXQ1MTIMjXRPNE8zcIsOc3c0tg4ZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6IhfXxUUpaQyLSopPBR9b6w8Ap2kqZA%253D%253D"
.krxd.net/ Name: _kuid_
Value: QERVOCen
.adfarm1.adition.com/ Name: UserID1
Value: 7329887038139791502
ads.smartstream.tv/ Name: DID
Value: ef23be9c4fe60d61318adddbc300af53
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
ads.smartstream.tv/ Name: cm_uid
Value: CM12024013013ec420c7d68d6725e0e4
.demdex.net/ Name: demdex
Value: 33285425135939936434231391224374864392
cm.adsafety.net/ Name: permanent
Value: 1
.agkn.com/ Name: ab
Value: 0001%3A4HQI6oJZtThwQzb0AJXYPa5qVFgeiDKu
.audrte.com/ Name: arcki2
Value: b4gNON-bjqISuKWHU-b0VtQcg!20220908!1706622317077!ip#193.32.248.221
.audrte.com/ Name: arcki2_adform
Value: 4224580775014324333!20220908!1706622317077
.dpm.demdex.net/ Name: dpm
Value: 33285425135939936434231391224374864392
tags.adsafety.net/ Name: UID
Value: ef23be9c4fe60d61318adddbc300af53
tags.adsafety.net/ Name: DID
Value: ef23be9c4fe60d61318adddbc300af53
tags.adsafety.net/ Name: IDT
Value: 100
tags.adsafety.net/ Name: cookie_ver
Value: 2
tags.adsafety.net/ Name: block_reset
Value: 1
.adsafety.net/ Name: ct_uid
Value: ef23be9c4fe60d61318adddbc300af53
.adsafety.net/ Name: ct_did
Value: ef23be9c4fe60d61318adddbc300af53
.adsafety.net/ Name: ct_idt
Value: 100
.weborama.fr/ Name: AFFICHE_W
Value: IAucIvJBO8Ag84
.bluekai.com/ Name: bku
Value: aG/99sl2rsPH7J66
.bluekai.com/ Name: bkpa
Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEx01MxNme9lBpDy1Exp1Mxp1p1e9J6DYYL=
.w55c.net/ Name: wfivefivec
Value: C8Oe6S421RuOqp5
.audrte.com/ Name: arcki2_ddp2
Value: b4gNON-bjqISuKWHU-b0VtQcg!20220908!1706622317184
.w55c.net/ Name: matchadform
Value: 5
cm.adsafety.net/ Name: cache0
Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaMFNqeHJKVGV3ZnRvTkRxSG9wTTQxUys1b1ZpWHdoelNGNDVGUmlkMEtQMmFFejQrdzIvckhvcUZIL213cHo3NWQ4Nk5KZitnTGd0NDFJS1J3bUlmeXpBN2pYYU1pVXZLeEgrbEpicTNPN3liYXpkSjVGWE1ITnpUdVk0RnFTcUpGMW1jM1RvSFJVeWx1LzFjdzIzZlhpQkN1RVp4VGhYNVVzRFh6NURMcjYxYnJDWlVLc3ZCbjZ2QXZ6RTlvcm9XUTBCejlkeWpnUTFOa0NZeFdQdUpzUHAyb3RncjEwTjRnd3MxZmQxaVk0eVpzRVEzRkFTR2JQRzJTMHdBaDQrMTlodXI3TXVtaGs3dExKeWJ5dTFac0FpbXlmcHpSK1FqRHR5eXZoRVpBanQyRGs3VFV3cVNFMThmUVNXWExERVAyUmY3TlFlOXQ3SXBKaVZGVUp2dlZrV3Jqb1kzeWRhYmZWbHlpb045Vk54YkJQb0JQS0F2M3QwRmE0RjhuNFZXVERXb1FHb0o0L3FDOFpWWnhXRmRnb3BIY2xGRmVPbGZieEJhRk01ZkxnNEp2UFBDUXZvYU45c2RCSmlEckdZQVI3VFF4dy9Rd1hzZFA5ZGQvRlFiZVhheWZVbDQ0SHBOOW1TNEgvMUYwK05MdXg4YVlJb1dnZlpKNmR1eWFWNlQ2akNsV0dvK1FodmtaM2JSeHlYZjVuVVdxM3BpaktzbnRISUNSMVdVWHVpQzM0aHFKS2hVNkZUV2hheVhLd1pQVDgzSEdDdjJTZ3REOXQrc2szQXkwT1VFRVVpRDA3SFZBRzJ6dkVRcHVwU0pOaFhXTzFhOStOTXJLNUpCSFpocllCTEtvdCtVc2t1QlFHOHhqU0p2cmFJend1cFhvZUh4bkkrL2tTd1JXTHhFVEgzd3lVVWVKRlpuOTJzbmREN1FMU3VIWmFydXN0dmo3c3BISHdMMmZOemQzWU9GMm8vZ3NSMnFyY1Q5VW5tMzZ5WnZjeFVJVFZNb1pta05aMUJlZXRSd1NNVlZZaU9pc1Zpbzl1ZzB1eHBZbVZ4WDFMbzBSTlBJWm9zOWtuWDJkOHFYU0lZdjk0MmNLYkpEd3dLSUE9PQ%3D%3D

4 Console Messages

Source Level URL
Text
other warning URL: https://www.galleybayresort.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1(Line 1)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
other warning URL: https://connect.facebook.net/signals/config/251123455744597?v=2.9.143&r=stable&domain=www.galleybayresort.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://idsync.rlcdn.com/398366.gif?partner_uid=4224580775014324333
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4224580775014324333/gdpr=/gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

74vod-adaptive.akamaized.net
a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
api.adrtx.net
beacon.krxd.net
beacon.sojern.com
c1.adform.net
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
f.vimeocdn.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
galleybay.eliteislandvacations.com
googleads.g.doubleclick.net
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pixel.sojern.com
player.vimeo.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.yimg.com
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
static.sojern.com
sync.crwdcntrl.net
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
vimeo.com
www.eliteislandresorts.com
www.facebook.com
www.galleybayresort.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
player.vimeo.com
104.18.36.155
107.178.244.119
108.128.140.222
139.162.141.41
141.193.213.20
141.95.98.65
142.250.184.194
142.250.184.198
146.75.122.109
15.197.193.217
162.159.128.61
18.66.192.70
185.167.164.39
193.135.9.127
198.47.127.205
2.16.97.41
2001:4860:4802:32::36
212.82.100.181
23.35.237.75
2600:9000:237d:c000:1b:5138:8a40:93a1
2607:ae80:192:1::172
2a00:1288:80:807::2
2a00:1450:4001:801::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a02:26f0:3100::1735:2a20
2a02:6ea0:c700::22
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.123.121.226
3.248.137.159
34.120.202.204
34.138.72.127
35.158.172.152
35.190.24.218
35.214.149.91
35.244.159.8
35.244.174.68
35.244.188.9
37.157.3.20
37.157.3.26
37.157.5.73
37.252.171.149
44.210.209.13
46.19.11.36
5.196.111.73
52.218.60.51
52.29.105.89
52.57.150.20
52.58.65.170
54.154.183.156
54.72.175.220
54.78.141.128
54.78.254.47
63.32.151.156
69.173.144.139
72.246.169.24
76.223.111.18
77.243.51.121
77.243.51.122
85.114.159.93
89.163.155.32
00377fc1c622febb555a0087762b5a429daceb09087cad16c75bb868ea10f47b
01a3f7860268b6b3b73afda4f0c9aa7c5b1a56b397a31c39138ee7380d8336df
02511b5b5c24ec7763460ca1635d70f1da7b408aa87fba5d3224771a32cbf137
05e0d95e16595bcc9b3c0e4f2a0f1a455630f8ab577f682676162e3c87aefe20
060111c888cd59aa706e28dab73436b1b3ed9640bc1986dfacf7a8ab722d041f
080627fa359156339e79f118fa66a6937f09ff679fe87e8afa473b95c8168d35
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
13be924e3838c7a02c5c5af48c8b94c8202464356bfecd97661c7ea8874fc248
1567596ad04275212996f16a138a4ba47e171863945d389561254f20e8e23327
1639f3c02402ec518357f889175ea169e6384e0583d11e6429123d565c5c35b7
17175f3ee7e5a92cba8cc6d8b33b4b043a6d2e922af0db5d5087413dd6a5b651
19871f8acd0559e87c4a8a86a44179bc863ae6bfd06b5368f6c1856bd63981db
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1de7f36ad7f44f5a484982ade6d03cee45fe311454a8799f25060c27bc88cd22
23cae9fee1024e6dcde1b8e545240df0c862f8d2f5ae8e58005e36d53edbd27f
253d547b03ac59dc9b0f26d24bab04dac1babf7456139d8e0c48c716d1b42bb3
2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38
298e7d88ffb5e462b32c0eeff712cd62b3419743d287dbf7312214cc1b2f5fad
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0bcbcab929c6afe6caffb3a1e4d51f05a76f2fb7fd6cc7dff8f44fa529d2af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3029d429260641a00282e68decf6a46e07c688f92d92d195dc8938d07759ae67
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3312fee67c3094e5cb9f0e3c3f94266bc316e25406ed0dab85770bdebdb0b631
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
411adf76b50d366bea22f320eeefe67cba9b6bb4e0f5ab8005ec83acfafb4586
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45f3e73f5b5d8f1accdba00c41a0ac3c0a6fdeee2f7e7d7f517296e8161188bc
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4b2a0de34b0c0351b3fff867a20e318a82097e7707846a9732552215de9283ee
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc10fd542ab5b1d9e5652088e4742c5e83deccfba285b880f983053b120f3c1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59a79b601c18c7ddaf002c2aa56b62751c2c9c643d4ffd0d3f80dcf92e68f1b2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c49dba84c1cbff67508623a16507105bde5be084f2beabcc276b03c4555968e
5e52d2896e4826b8b2cc58b53db6c3e4aaea762a718e2a1375b275ff78285060
626b0bd515ef3d960504f5dd752bfd7009c695acf702240610740abb7a7c8807
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
66dfcf6e0a84c6a90bcc37eaf745194097f0f7da46a86d8f0c13180eed194bb7
6852a7a579517cfd5da4bd237f1d1df6be8da8b5d49e60f315cba3ee42b3434e
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
70c7536b93e15e6d8b2369df155c582b61306829da9892d1f5de39094d5ef248
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
72605d5b68a3da97d60b21ea602004084c4691d245707cf6035223f9745060a5
7521d7a552d133301c7b84a28f8df2fb8c6c1113bf8c3a66ce9d19dc2ab291a4
771eba8c2a0daa4d36ee6a89fe04151a61803dfacb698046e5442ac7ed3d7158
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a147df94c5bfda6f6220fa67213008b8a1114af4e585381abe36627bd75c098
7e07826006b232c1d8a5a21c783f5a994a09fe2051274019157afc68d20049c6
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
80958c5459618ff5e9a712f384d23d233d9bc2ef7607aed9580f2d9c9035090f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852754fd845e27c7a8fa088a1af153384f2f73db0999628f817cebb7b07e882f
877b25db9c6bf054b89e03707ea06ce5239ea0bec28bb609a70815bbf682f654
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b739e56eb4a1ad0df3cbf8681668157aa52178060e6494118d2d8fbbed48a5b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da131d86b29600a66678fed3ad0c6eb0def9f079b7805855d000e946ce95b5c
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093
940084b2ccd34c3b4e4a9ac473eef00b93fa91bea3991bd1212536dbe138a5a4
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
a023fee6a14009b1849e37f2abbe1da3ce58833e16a767ca5a3372adf3543342
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a48afcdd03f4564488705ee1d770061af2c928c8b5ed5653a3dc9c95a8aab1fc
a4a9d14d69f54d007c509cb60038b301af3726a0c0a4c5fc30b3d06a39d77c5c
a4da3191cc557675b87417e90bb3f0516bb285eebabc91a22425c2e12caef869
a58f9c867953412d4ca8c6407e9368e307977ce51666f9c01b29157377227c4a
a779d2c11eee8adbe8f4b590aeeafab77d4924427bbbfc3b954dd390da253165
a8afd048b61d297aa84949da4a8674dd9ab691cdd5778286e41cb09dcc79f735
a8b704dccb5094ecebbe1f11d637a5609f6b4d44b9567e6fbea1c2b3ca691f29
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b476ee6ec2532dbad957567dcf0109a8847dedac0a85ad1c10fb0b3294de1250
b47d4b5508e8c4756e37d5904890bd67194c62d18e8334acdfde12a81e9371b3
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b798e798867301d04ad55df8c4b32c3a26379eebc2ce8ec3f4d1b896a4d259e7
b96a78b95a1b812860024e8496acb0129199a28ec2f669ff7a931cfa93329c52
bb0fc98afcbc89e3ba9a97cd44cce5800f344c2eabbca9b9fbf986d18db35fd3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf418c7349cd4ca4e44bd79d57b8b415ac0ef460fc703f2e0feff216e4281a2
bf980ee2914592d5353827464b9bfadb6000c1b2edf8dc31a7af979c984e9f34
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064
ca7122323c9b46ffdea7fef9086e60697d41ea2c3cb4405f33e0767278e3012c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbc424f37fdb91994b799d75811b672be9832329ff0a7fe06b5c21c21bdaaf58
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2a7a173045c7ed2c9474ee0edd3ebc0389454132b0a16e55b3eae6402c46a05
d37e8a7d59223580623bc23430bd8a56d52771b58219717aa54f42c27d04b624
d41d0f72c68314fd2939342e1b47f2b717a163608b4c319d69519674a6ebfe43
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e360c60586c4ecaac662443f270ab79a5555c287ab7b190d215ab7d0e5cb3b04
e387cb89834b72db06db6827ce4a4f0db39ee8e6f3f84c82105cd5cac224250b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e9d444751bf01821fb2579585cffef0b1142e797af825ac2f23a48d167799910
eaf42866abe8a1f17bb85c9929b629337f575d033a7fc925901ae7d1455c42de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6f49d4dc4069b95187fa447b4d8571ad0c7ed1aaada51201c48986cf2c1643e
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4