www.hotsprings.org Open in urlscan Pro
147.182.193.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hotsprings.org/
Effective URL:
https://www.hotsprings.org/
Submission: On November 10 via api (November 10th 2023, 12:45:34 am UTC) from US — Scanned from DE

Summary HTTP 92 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 24 domains to perform 92 HTTP transactions. The main IP is 147.182.193.139, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.hotsprings.org.
TLS certificate: Issued by R3 on October 13th 2023. Valid for: 3 months.

This is the only time www.hotsprings.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	147.182.193.139 147.182.193.139	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	63.215.202.137 63.215.202.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	23.36.163.138 23.36.163.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1d::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:1996	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	174.36.68.130 174.36.68.130	36351 (SOFTLAYER) (SOFTLAYER)
2	52.54.117.126 52.54.117.126	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:710... 2a02:26f0:7100::1720:ef43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e2:... 2606:4700:e2::ac40:8209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:6b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
92	34

24 147.182.193.139 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 936298.cloudwaysapps.com

www.hotsprings.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.215.202.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float1.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.163.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-138.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1996 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lightwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.36.68.130 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: server.saveonhotels.com

www.weatherwx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.117.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-117-126.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::1720:ef43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

12268554.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:8209 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6b4 (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

hotsprings6726.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	hotsprings.org 1 redirects www.hotsprings.org	41 MB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2137 ekr.zdassets.com — Cisco Umbrella Rank: 2470	214 KB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 translate.google.com — Cisco Umbrella Rank: 1323 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105	32 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 506 p.typekit.net — Cisco Umbrella Rank: 621	62 KB
5	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 12268554.fls.doubleclick.net	3 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	148 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	15 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1492 ka-f.fontawesome.com — Cisco Umbrella Rank: 2891	24 KB
3	zendesk.com hotsprings6726.zendesk.com	1 KB
3	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 960	81 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6862	579 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	249 KB
2	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 4572	262 B
2	weatherwx.com www.weatherwx.com — Cisco Umbrella Rank: 295652	7 KB
2	lightwidget.com cdn.lightwidget.com — Cisco Umbrella Rank: 38348	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	91 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	browser-update.org browser-update.org — Cisco Umbrella Rank: 7487	5 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 584	149 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	turn.com r.turn.com — Cisco Umbrella Rank: 4121	398 B
1	dotomi.com login.dotomi.com — Cisco Umbrella Rank: 2848	211 B
0	eyereturn.com Failed o2.eyereturn.com Failed
92	24

	Domain	Requested by
24	www.hotsprings.org	1 redirects www.hotsprings.org
7	static.zdassets.com	www.hotsprings.org static.zdassets.com
5	use.typekit.net	www.hotsprings.org use.typekit.net
5	analytics.tiktok.com	www.hotsprings.org analytics.tiktok.com
3	hotsprings6726.zendesk.com	static.zdassets.com
3	translate.googleapis.com
3	www.gstatic.com	www.gstatic.com translate.googleapis.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	www.google.com	www.hotsprings.org
3	www.google.de	www.hotsprings.org
3	bat.bing.com	www.hotsprings.org bat.bing.com
3	www.googletagmanager.com	www.hotsprings.org www.googletagmanager.com
2	12268554.fls.doubleclick.net	1 redirects www.hotsprings.org
2	data.adxcel-ec2.com	www.hotsprings.org
2	www.weatherwx.com	www.hotsprings.org
2	cdn.lightwidget.com	www.hotsprings.org
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	www.hotsprings.org connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	fonts.gstatic.com	www.hotsprings.org
1	browser-update.org	www.hotsprings.org
1	ekr.zdassets.com	static.zdassets.com
1	kit.fontawesome.com	www.weatherwx.com
1	adservice.google.com	12268554.fls.doubleclick.net
1	insight.adsrvr.org	12268554.fls.doubleclick.net
1	p.typekit.net	use.typekit.net
1	www.facebook.com	www.hotsprings.org
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	translate.google.com	www.hotsprings.org
1	r.turn.com	www.hotsprings.org
1	login.dotomi.com	www.googletagmanager.com
0	o2.eyereturn.com Failed	www.hotsprings.org
92	33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.tiktok.com
www.pinterest.com
hotsprings.isolvedhire.com
www.weatherwx.com

Subject Issuer	Validity	Valid
hotsprings.org R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-19` - `2023-11-17`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
lightwidget.com R3	`2023-09-28` - `2023-12-27`	3 months	crt.sh
ftp.weatherwx.com R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh
adxcel-ec2.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-17`	a year	crt.sh
*.turn.com RapidSSL TLS RSA CA G1	`2023-03-22` - `2024-03-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
zdassets.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-05`	a year	crt.sh
hotsprings6726.zendesk.com Cloudflare Inc ECC CA-3	`2023-05-28` - `2024-05-27`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.hotsprings.org/
Frame ID: B0D79EE17CEFFB884A4EC9528F0DAF85
Requests: 82 HTTP requests in this frame

Frame: https://12268554.fls.doubleclick.net/activityi;dc_pre=CPLwgY6auIIDFaeQ_QcdLosK3A;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9868792693251.654
Frame ID: 8674EB9B22D23BB07814D10F717838F3
Requests: 3 HTTP requests in this frame

Frame: https://cdn.lightwidget.com/widgets/3bf60f7504d6557f89bac33588bda95b.html
Frame ID: 0CB0C2A8963653BDA71BB06F1C25FFFE
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: 68AB48C127CBEC548BC6A4B6212FE786
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css
Frame ID: EB72538E24890E2041F861F488B1CB8A
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js
Frame ID: 9058AF5EA6AB6EB4706FF18FED173C9B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hot Springs, Arkansas | Hot Springs National Park Arkansas

Page URL History Show full URLs

http://www.hotsprings.org/ HTTP 301
https://www.hotsprings.org/ Page URL

Detected technologies

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+class="[^"]*(?:uk-container|uk-section)
uikit.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

92
Requests

99 %
HTTPS

69 %
IPv6

24
Domains

33
Subdomains

34
IPs

6
Countries

43123 kB
Transfer

45943 kB
Size

15
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/pages/Hot-Springs-Arkansas/196205289477

Search URL Search Domain Scan URL

URL: https://twitter.com/VisitHotSprings

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/VisitHotSpringsAR

Search URL Search Domain Scan URL

URL: https://www.instagram.com/visithotsprings/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@visithotsprings

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/VisitHotSprings

Search URL Search Domain Scan URL

URL: https://hotsprings.isolvedhire.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.weatherwx.com/forecast/ar/hot+springs.html
Title: Hot Springs WeatherLight RainTemp: 52°F / 11°CWeatherWX.comHourly Radar

Search URL Search Domain Scan URL

URL: https://www.weatherwx.com/hourly/ar/hot+springs.html
Title: Hourly

Search URL Search Domain Scan URL

URL: https://www.weatherwx.com/radar_loop/ar/hot+springs.html
Title: Radar

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hotsprings.org/ HTTP 301
https://www.hotsprings.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://12268554.fls.doubleclick.net/activityi;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9868792693251.654 HTTP 302
https://12268554.fls.doubleclick.net/activityi;dc_pre=CPLwgY6auIIDFaeQ_QcdLosK3A;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9868792693251.654

92 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.hotsprings.org/
Redirect Chain

http://www.hotsprings.org/
https://www.hotsprings.org/

422 KB
144 KB

932ms
568ms

Document
text/html

147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

936298.cloudwaysapps.com

Software

nginx / ProcessWire CMS

Resource Hash

5df518fc3b7d37d953a92dd22798d72adb7e89735e30756d0160a28fce9f9794

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 10 Nov 2023 00:45:06 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: ProcessWire CMS
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 10 Nov 2023 00:45:05 GMT
Location: https://www.hotsprings.org/
Server: nginx

GET
H2 200 screen.css
www.hotsprings.org/site/assets/css/ 287 KB
35 KB 357ms
355ms Stylesheet
text/css 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/css/screen.css
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: bf74b96c019800120222f32176e688bf6e6560e3b2b0a589e3209f17ed45087a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:58:15 GMT
server: nginx
etag: W/"63e26707-47a86"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 uikit.js Show response
www.hotsprings.org/site/templates/uikit-3.7.2/js/ 340 KB
67 KB 536ms
535ms Script
application/javascript 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/templates/uikit-3.7.2/js/uikit.js
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 8ecff0222bff471f4bf1d925a162a03c9b9a02dc3e7ee476ae49431821726040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:06 GMT
server: nginx
etag: W/"63e2673a-550c7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 uikit-icons.min.js Show response
www.hotsprings.org/site/templates/uikit-3.7.2/js/ 64 KB
18 KB 513ms
513ms Script
application/javascript 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/templates/uikit-3.7.2/js/uikit-icons.min.js
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 6fe17af7f7462a7ca0e5a79cfef8935b902c617bf82033587b3ba04a0696697a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:06 GMT
server: nginx
etag: W/"63e2673a-ff0b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 logo-npar.svg
www.hotsprings.org/site/assets/svg/ 6 KB
2 KB 358ms
357ms Image
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/svg/logo-npar.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 9e2bd059c4297e44e8d7b40a6ac838dd4613c67064ad8745c2d92dc01474e717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-1756"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 outdoors.jpg
www.hotsprings.org/site/assets/files/5171/ 219 KB
219 KB 534ms
534ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/5171/outdoors.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 91170712bf7de7a1dc1d39b05af3d00e053e9e93e6611b77509b14115a767c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
last-modified: Tue, 07 Feb 2023 14:58:16 GMT
server: nginx
etag: "63e26708-36b21"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 224033

GET
H2 200 mountains.svg
www.hotsprings.org/site/assets/svg/ 4 KB
2 KB 513ms
512ms Image
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/svg/mountains.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 31d350246f252211e16de1431003fef582be68de0a76a214217cec7c0cda26a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-e00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 235 KB
83 KB 81ms
33ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TMR89FM

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b800218ee5ada34969c735efd5777c2ae20cb397256bec5cbcda5d04256db49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84585
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 00:24:47 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Nov 2023 00:45:06 GMT

GET
H2 200 print.css
www.hotsprings.org/site/assets/css/ 960 B
622 B 513ms
513ms Stylesheet
text/css 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/css/print.css
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: fb5d45c41a547177b398f151464c7ddedff63aaa6bc72f2f46bd850f159106c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:58:15 GMT
server: nginx
etag: W/"63e26707-3c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
93 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H5QDX6Q01X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR89FM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f034d331d5b4b092fe1e3b49495e5c78a688cc7d5ebe65eb346463920c5857cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95311
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 00:45:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 76ms
23ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR89FM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 23:51:31 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3215
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 10 Nov 2023 01:51:31 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 114ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 10 Nov 2023 00:45:06 GMT
last-modified: Fri, 20 Oct 2023 01:13:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D88DAD61DB4D48C1AD67F43F1EB1ACC7 Ref B: FRA31EDGE0821 Ref C: 2023-11-10T00:45:06Z
etag: "0125f9ff22da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13079

GET
H2 200 1_0 Show response
login.dotomi.com/profile/visit/js/ 19 B
211 B 246ms
115ms Script
application/javascript 63.215.202.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/profile/visit/js/1_0?dtm_cid=82190&dtm_cmagic=0cb659&dtm_fid=101&dtm_promo_id=1&cachebuster=802157925
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR89FM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float1.dotomi.com
Software: nginx /
Resource Hash: 2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: application/javascript
cache-control: no-cache, private, max-age=0, no-store
content-length: 19
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
73 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-769570144

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR89FM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e114b1f9f13a530601b7193d440def95c25c4071a9d7b258a6660caa56c2a863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74224
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 00:24:47 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Nov 2023 00:45:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 88ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Nov 2023 00:45:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: PA7ogXOu1wMuLmyWegXb9+cSj/VXFz5rtgWxYxlSzfrB3A4RdcrZFR8KgUbh4MXv/Rb3NdIbbxCVOs3ScjthYw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 244ms
130ms Script
application/javascript 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDLC8I3C77UDCMKM7GGG&lib=ttq
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 164ce2ac6619cea8af16103572754ecf4dcfd00783b342fcccc34ddeae06dfa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: gzip
x-akamai-request-id: 28f9724a
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20231110004506D3F5CD883681B300E959
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 96,23.36.161.138
x-tt-trace-host: 015d2718a00bc57e667372f5fc17447c774be60aaed806c594d0f35e83b5daf6ba83953b5cb4d4b412eb8bed9168766afb0dab2b55ee8f5471c2aad6f2584b3cde3da42b625aa8c7bd94ec66a0513eb19cf9871d77d102a6ea4bb1fbfd7dfbd255
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=96
expires: Fri, 10 Nov 2023 00:45:06 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 73ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H5QDX6Q01X&gtm=45je3b81v898896493z8810797454&_p=1699577106350&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1729174376.1699577107&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699577106&sct=1&seg=0&dl=https%3A%2F%2Fwww.hotsprings.org%2F&dt=Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1729
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5QDX6Q01X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hotsprings.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 82ms
28ms Ping
text/plain 2a00:1450:400c:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H5QDX6Q01X&cid=1729174376.1699577107&gtm=45je3b81v898896493z8810797454&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5QDX6Q01X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hotsprings.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 78ms
32ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H5QDX6Q01X&cid=1729174376.1699577107&gtm=45je3b81v898896493z8810797454&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1065250787

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 26ms
25ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1194606895&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hotsprings.org%2F&ul=en-us&de=UTF-8&dt=Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1701169818&gjid=1453882345&cid=1729174376.1699577107&tid=UA-1172938-29&_gid=1634160727.1699577107&_r=1&_slc=1&gtm=45He3b81n81TMR89FMv810797454&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1861869981

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hotsprings.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hotsprings.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1058820657878299 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 86ms
85ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1058820657878299?v=2.9.138&r=stable&domain=www.hotsprings.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96fd680dc80a341396564e2961791c0e924c89682c4c4d39a58808eb8cc582b2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Nov 2023 00:45:06 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: hRsEDh8wg/oW2lRfp2QHsMjmzDJFdA1nW837v6eAgTdCSZWwS+21pJ7aaUuKhGQd1Z1q0ihYQqgdZaJ78Gl5yw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 26155083.js Show response
bat.bing.com/p/action/ 0
117 B 41ms
41ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26155083.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 10 Nov 2023 00:45:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 33AF67BDE172456B9B8B3F821221AB38 Ref B: FRA31EDGE0821 Ref C: 2023-11-10T00:45:06Z
x-cache: CONFIG_NOCACHE

GET
H2 200 lightwidget.js Show response
cdn.lightwidget.com/widgets/ 757 B
626 B 88ms
26ms Script
application/javascript 2606:4700:10::6816:1996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lightwidget.com/widgets/lightwidget.js
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1996 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91f4fdaac61f4b527ea79882bf4437560a8420369a33525bfd70662545ffe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 09:27:20 GMT
server: cloudflare
age: 1446
etag: W/"652e5378-2f5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1382400
cf-ray: 823a45557c1c1d88-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 hot+springs.js Show response
www.weatherwx.com/weather-js-current/us/ar/ 2 KB
705 B 926ms
173ms Script
text/html 174.36.68.130
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weatherwx.com/weather-js-current/us/ar/hot+springs.js
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.36.68.130 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: server.saveonhotels.com
Software: Apache/2 / PHP/5.3.29
Resource Hash: d452323ce8237257f524524b9e77eba193721ec18375581c2040b17ff7a0a16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
content-encoding: gzip
server: Apache/2
x-powered-by: PHP/5.3.29
content-length: 590
vary: Accept-Encoding,User-Agent
content-type: text/html

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 586ms
113ms Image
image/gif 52.54.117.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=content&pixid=e7831f38-6e75-4317-8ad0-997a36a5db53
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.117.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-117-126.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 592ms
119ms Image
image/gif 52.54.117.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=lead&pixid=e7831f38-6e75-4317-8ad0-997a36a5db53
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.117.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-117-126.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 beacon
r.turn.com/r/ 43 B
398 B 185ms
36ms Image
image/gif 2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=DamyJRWTZtAp5LSLrNJb6THaDMwsBHRPGODlhipAIAhqaw5fG-A7jK35R_ML2FIa-wtN-bA9_pzkUBO2U__xNw&cid=
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 89 KB
31 KB 87ms
42ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7ad69d57e6094853a8a54bf1bdc7177462e1048a3e1ab0b514d948ec5518530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 79ms
30ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=fd8bc7e1-e495-4210-af4f-832d14066404

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:06 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: AENNNW4RTVV2KN9D
age: 56
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ULqr8Gt/e7TCEkuSp5UAhjxXjJP6/3z8RAZWCFhCJmu2LPko/1kucw0zJ0dJOUmsaCtiUWSSkb4=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kt3XLq0WA9nEZwVEUSR2OHto4czE2YmrBCumbTE%2FUmOYB3QrpRO%2BaiYT5zty267zY1sOEZFbeUMwiDOq6UlinC1kuS0dg2PUKG1tTYeg4NjNM1QUDnj2%2FiX54IemFahWpaxLqyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 823a45556f002bdf-FRA

GET
H2 200 jbt3uaq.css
use.typekit.net/ 3 KB
985 B 307ms
243ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jbt3uaq.css

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/site/assets/css/screen.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2c23d4c1425ec6fea415776cc05eefe1c00753f9620c052a4dca79127c282e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 10 Nov 2023 00:45:07 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 762

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 27ms
26ms XHR
text/plain 2a00:1450:400c:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1172938-29&cid=1729174376.1699577107&jid=1701169818&gjid=1453882345&_gid=1634160727.1699577107&_u=YADAAEAAAAAAACAAI~&z=373218380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hotsprings.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Nov 2023 00:45:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hotsprings.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 417 KB
108 KB 33ms
33ms Script
application/javascript 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDLC8I3C77UDCMKM7GGG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: 28f9726b
date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073131742C96CA494F13E9D7E3
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ad626358587e2e149c8471cf69985b7d209afee4cb087d067af4f9e0eb2d2626ffef2e65a31484add97792f8689c9fc8e8ff81cb27cb343fb0f8070dd96d654412eec26d6076ed2aec2bafcf8bd84c173265385d4fb93955e9bcb8521f63bc0f
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=4
content-length: 110417

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/769570144/ 3 KB
2 KB 82ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/769570144/?random=1699577106771&cv=11&fst=1699577106771&bg=ffffff&guid=ON&async=1&gtm=45be3b81v884180569&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hotsprings.org%2F&hn=www.googleadservices.com&frm=0&tiba=Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&auid=516584595.1699577106&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-769570144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14a31ccedd0d50a0ef8288e97f0ea9e160169fff6fa017b860a06a5bd4f2ede2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1277
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 81ms
30ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1172938-29&cid=1729174376.1699577107&jid=1701169818&_u=YADAAEAAAAAAACAAI~&z=978809589

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
29ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1172938-29&cid=1729174376.1699577107&jid=1701169818&_u=YADAAEAAAAAAACAAI~&z=978809589

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 61ms
18ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1058820657878299&ev=PageView&dl=https%3A%2F%2Fwww.hotsprings.org%2F&rl=&if=false&ts=1699577106833&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1699577106829.1611394816&cs_est=true&ler=empty&it=1699577106713&coo=false&rqm=GET

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Nov 2023 00:45:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 34ms
34ms Script
application/javascript 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: 28f97288
date: Fri, 10 Nov 2023 00:45:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073131FE20E353E3655AFC3BA4
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d08bf2329872d236c8605886a0c814266e69ea2826f16ec8a1bf1b86efa6ad800008cb042155f0b889f9efdc96c336748bde38ac5acf4ddfe279aed0513c28fd2a241dea4d41d8fbb39b2f551904b437b1b1851581af4d8ea7f1c7b44e8d64f9
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=10
content-length: 36232

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
651 B 236ms
236ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hotsprings.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 28f9729a
date: Fri, 10 Nov 2023 00:45:07 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
server-timing: inner; dur=101, cdn-cache; desc=MISS, edge; dur=6, origin; dur=190
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202311100045070DF0F586B08CCC35F23C
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 191,23.36.161.138
x-tt-trace-host: 015d2718a00bc57e667372f5fc17447c774be60aaed806c594d0f35e83b5daf6baecc683ff55508c0f0d837c80e5dfe73a6ee3c56fe11dd4fe5e1f903a98f5466dbfa986bb9260c243ee09f099a2440eddb1b40775f22e1155cd3b0dd6f509b82d
access-control-allow-headers: Authorization,*
expires: Fri, 10 Nov 2023 00:45:07 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/769570144/ 42 B
154 B 35ms
33ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/769570144/?random=1699577106771&cv=11&fst=1699574400000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v884180569&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hotsprings.org%2F&frm=0&tiba=Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNHoDONzXRB9JYkr0K5hdX3yQ0g0QWEA&random=3105085391&rmt_tld=0&ipr=y

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/769570144/ 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/769570144/?random=1699577106771&cv=11&fst=1699574400000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v884180569&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hotsprings.org%2F&frm=0&tiba=Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNHoDONzXRB9JYkr0K5hdX3yQ0g0QWEA&random=3105085391&rmt_tld=1&ipr=y

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 198ms
19ms Stylesheet
text/css 2a02:26f0:7100::1720:ef43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=jbt3uaq&ht=tk&f=27918.27954.28025.37516&a=86710840&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbt3uaq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:ef43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
650 B 303ms
302ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hotsprings.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 28f972d5
date: Fri, 10 Nov 2023 00:45:07 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
server-timing: inner; dur=149, cdn-cache; desc=MISS, edge; dur=6, origin; dur=241
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231110004507ACB9254864F2FB351D71
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 241,23.36.161.138
x-tt-trace-host: 015d2718a00bc57e667372f5fc17447c774be60aaed806c594d0f35e83b5daf6bafe50c5d223ae541f99c6aa8e1f7caf97ba1aa15e8e0b3f6ac2585dedee78bb252e63e3c478ce561559127691c94e833655e39fddc3311a51fb3ca6885e63c478
access-control-allow-headers: Authorization,*
expires: Fri, 10 Nov 2023 00:45:07 GMT

GET
H2

200

activityi;dc_pre=CPLwgY6auIIDFaeQ_QcdLosK3A;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;... Show response
12268554.fls.doubleclick.net/ Frame 8674
Redirect Chain

https://12268554.fls.doubleclick.net/activityi;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%...
https://12268554.fls.doubleclick.net/activityi;dc_pre=CPLwgY6auIIDFaeQ_QcdLosK3A;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;...

596 B
672 B

34ms
33ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12268554.fls.doubleclick.net/activityi;dc_pre=CPLwgY6auIIDFaeQ_QcdLosK3A;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9868792693251.654?

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

1e8257227c70e84dca70662e504c12127703663fc4073f76c79db2f751c5afd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotsprings.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 334
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 00:45:07 GMT
expires: Fri, 10 Nov 2023 00:45:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 00:45:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12268554.fls.doubleclick.net/activityi;dc_pre=CPLwgY6auIIDFaeQ_QcdLosK3A;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9868792693251.654?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 2.mp4
www.hotsprings.org/site/assets/videos/ 32 MB
32 MB 181ms
180ms Media
video/mp4 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/videos/2.mp4
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.hotsprings.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: "63e26739-1fb3023"
content-type: video/mp4
Content-Range: bytes 0-33239074/33239075
cache-control: public, max-age=31536000
Content-Length: 33239075

GET
H2 200 diamonds-half.svg
www.hotsprings.org/site/assets/svg/ 8 KB
2 KB 366ms
366ms Image
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/svg/diamonds-half.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/site/assets/css/screen.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 97f4c45dda28cf067efdb9ec87ce3431785cd4b5fe68e1dcc758b8c52136363b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/site/assets/css/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-1ed1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 l
use.typekit.net/af/2c4aa7/00000000000000007735b4d4/30/ 15 KB
15 KB 77ms
25ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2c4aa7/00000000000000007735b4d4/30/l?subset_id=2&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbt3uaq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2512f4a3cb4a0bce715c38488251909fb56aee720ef530954b3bd3becc6a83ed

Request headers

Referer: https://use.typekit.net/jbt3uaq.css
Origin: https://www.hotsprings.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
server: nginx
etag: "90074b7cbedee51333740284b6eb10215fe205c6"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15272

GET
H2 200 l
use.typekit.net/af/4eeafb/00000000000000007735b4ce/30/ 15 KB
15 KB 76ms
24ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4eeafb/00000000000000007735b4ce/30/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbt3uaq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5e3600892aed78fca97c772d4d1375ba94c1fa5cb2710506f5e078c45896bdef

Request headers

Referer: https://use.typekit.net/jbt3uaq.css
Origin: https://www.hotsprings.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
server: nginx
etag: "8c7971e0ab849c577f2025090a3030d3b76c29a3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15476

GET
H2 200 l
use.typekit.net/af/0d0f8f/00000000000000007735c199/30/ 13 KB
13 KB 70ms
18ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0d0f8f/00000000000000007735c199/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbt3uaq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 60402dd08f25414ec79ade3f4a96d781a80d503e1e41f529ba12e549f2067829

Request headers

Referer: https://use.typekit.net/jbt3uaq.css
Origin: https://www.hotsprings.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
server: nginx
etag: "d2ee9c1910a413485cb8230e5c2b59ca20f7528e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13356

GET
H2 200 l
use.typekit.net/af/77b6c1/00000000000000007735b4bd/30/ 17 KB
17 KB 72ms
22ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/77b6c1/00000000000000007735b4bd/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbt3uaq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 834166db631f0996be5e8622f76cdda05c0e2a02a270280c4e4c6318796e1293

Request headers

Referer: https://use.typekit.net/jbt3uaq.css
Origin: https://www.hotsprings.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
server: nginx
etag: "6b0583d78330f1e0a64e3b423ef9075fd010c7d9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16952

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 3bf60f7504d6557f89bac33588bda95b.html Show response
cdn.lightwidget.com/widgets/ Frame 0CB0 44 KB
10 KB 93ms
93ms Document
text/html 2606:4700:10::6816:1996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lightwidget.com/widgets/3bf60f7504d6557f89bac33588bda95b.html
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1996 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f784bfd84668cb62f36544d2ed2e6c2246cd8c49330d5387bcd953c487b4cdb

Request headers

Referer: https://www.hotsprings.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=1800
cf-cache-status: MISS
cf-ray: 823a4558ce501d88-FRA
content-encoding: br
content-type: text/html
date: Fri, 10 Nov 2023 00:45:07 GMT
last-modified: Mon, 24 Jul 2023 23:52:30 GMT
server: cloudflare
vary: Accept-Encoding Accept-Encoding

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 8674 70 B
149 B 198ms
45ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=ex4a16z&ct=0:a5mqr1b&fmt=3
Requested by: Host: 12268554.fls.doubleclick.net
URL: https://12268554.fls.doubleclick.net/activityi;dc_pre=CPLwgY6auIIDFaeQ_QcdLosK3A;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9868792693251.654?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12268554.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 dc_pre=CPLwgY6auIIDFaeQ_QcdLosK3A;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=...
adservice.google.com/ddm/fls/z/ Frame 8674 42 B
401 B 129ms
56ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPLwgY6auIIDFaeQ_QcdLosK3A;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9868792693251.654

Requested by

Host: 12268554.fls.doubleclick.net
URL: https://12268554.fls.doubleclick.net/activityi;dc_pre=CPLwgY6auIIDFaeQ_QcdLosK3A;src=12268554;type=count0;cat=sitev00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9868792693251.654?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12268554.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0CB0 470 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47ee76348225ce8e133510267976b0558f325ed229b68cf163cee2bfc07ca17f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0CB0 410 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19f834c8f5234931dd99be1816074c3f332b5df151f6ae25e24ec446c78698d8

Request headers

Referer
Origin: https://cdn.lightwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0CB0 472 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e59f0327d3fd08b56625fc3d021a859374f0961e920d7114102f35cc0f9a473

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 6c1b94d176.js Show response
kit.fontawesome.com/ 11 KB
5 KB 221ms
145ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/6c1b94d176.js
Requested by: Host: www.weatherwx.com
URL: https://www.weatherwx.com/weather-js-current/us/ar/hot+springs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee789c65d09c137813479c7e027d55a63429021fe5bf110054e0ae73cda483f6

Request headers

Referer: https://www.hotsprings.org/
Origin: https://www.hotsprings.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 823a455b6e00911f-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F5XmrVXS0bmtvxEquMeC

GET
H2 200 showers.png
www.weatherwx.com/images/64fcicons/ 6 KB
6 KB 143ms
142ms Image
image/png 174.36.68.130
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weatherwx.com/images/64fcicons/showers.png
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.36.68.130 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: server.saveonhotels.com
Software: Apache/2 /
Resource Hash: 1eeb3483d2ba7c1085231cbbc42d8a75e3bfd1806f0e0a78d6dfaadd5bfcbf9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
last-modified: Sun, 29 Dec 2019 09:52:39 GMT
server: Apache/2
accept-ranges: bytes
etag: "182d-59ad4afef67c0"
content-length: 6189
content-type: image/png

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 91ms
30ms Fetch
text/css 2606:4700:e2::ac40:8209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=6c1b94d176
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/6c1b94d176.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2340094
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OsOFrruJyqZ3k5UScoJxIaASRsiLLRrxjn7EfDBDcfcKfF0DFCz1ppKd8x4Dfzh7L4cLJpKS6cllbJ%2FyubTDnDlB0oOf2rBOMyE5aeSwMHxtbK7UYoihhX%2BxUKn1WjFjtKYEKOGWMQ5BAw%2B78iZeM0emA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 823a455cb86f3632-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: hUKMKSa-aOtyHr-BsxBlI0CHbKbZUFbHt3pN0kLiQANGhTo0cG9c_g==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 93ms
32ms Fetch
text/css 2606:4700:e2::ac40:8209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=6c1b94d176
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/6c1b94d176.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 91660
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNguEXWHfJokUxWxo8WeJj2eCvjjq0X%2BpMyxZiDYkRyBpExcle2LtcnJQbmuV2Gq0%2FaSAk8JzAEsXkzTbQB9wAtQ71UrZi%2BNDz3AoK9mPGanMO4tvbdFWaI%2FKmQSnWY0cLcqZJQWHOuPVEx95K1buTctuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 823a455cb8713632-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: tREknaQW-c8Q4_8kPu9kziPTtDAf0l5Zd2xj9MdpRC_NoeI2juStIw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 99ms
38ms Fetch
text/css 2606:4700:e2::ac40:8209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=6c1b94d176
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/6c1b94d176.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:07 GMT
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIXhrcm0%2BcmMP2DwGA1cf8UfEVv17twMSouUHRIMZK5RvT3CFWeXOtI%2BIRpQRiZy7swXh%2F9hLLkJwiNU879CPtlXqnyxiWX6vs1oH0fXkdBgo7hvnnymwsYv6E5PtgsUMaCIvm%2FT6duUNrLeoH6pSPrcvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 823a455cb8703632-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 3xe5XSHc0n1ERipei-QurKTXDU0DE9YrBNHdrJMn3jPgqrXBlQ960A==

GET /
o2.eyereturn.com/ 0
0

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/ 22 KB
5 KB 70ms
21ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ifPgZkqe4bE.O/am=CAM/d=1/rs=AN8SPfrvVj8B_VjKkj2W5LWs6EV7yxLONQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 22:42:04 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ifPgZkqe4bE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqLVy9k4S_V9oRxFfKoV4RJ0ivncA/ 228 KB
81 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ifPgZkqe4bE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqLVy9k4S_V9oRxFfKoV4RJ0ivncA/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ifPgZkqe4bE.O/am=CAM/d=1/rs=AN8SPfrvVj8B_VjKkj2W5LWs6EV7yxLONQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

112f08b87c5353387baf521c2a1a779e8c58a20e7c839d246e7443d73f8aeeb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82441
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 00:23:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 18:36:12 GMT

GET
H2 200 fd8bc7e1-e495-4210-af4f-832d14066404 Show response
ekr.zdassets.com/compose/ 1 KB
2 KB 250ms
196ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/fd8bc7e1-e495-4210-af4f-832d14066404

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fd8bc7e1-e495-4210-af4f-832d14066404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c353a0930e41255386113108e37d7c2f05fb91ed71461bda41e367e71be58ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8231a9ef1f7fb178-SEA, 8231a9ef1f7fb178-SEA
x-runtime: 0.009755
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"1c353a0930e41255386113108e37d7c2"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZlU8udGwokbFyAJKNFnINZaDaYpzmfAshW4NHENmgCP0i%2B%2FsI58HEhpPCA79sjgJD%2Fe2tqdZ7TuCz4ANwrcKGF91wu2QlwtW2z%2Bda7oI3t6ZRV9GmBTqHka01HnxKEanKk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 823a455cbefc1ac5-FRA

GET
H2 200 update.min.js Show response
browser-update.org/ 9 KB
5 KB 253ms
27ms Script
application/javascript 2606:4700:20::681a:6b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-update.org/update.min.js
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3ed6fe6c571fcd206ddc31e5bfa22aa77fad2f4ef11cf9c4ef5f3fa3e32df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Sep 2023 05:32:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 764210
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOm%2BghIftTFxIAQbrkDEMJB1hRpb4%2B4LjTxbWh4zAB5BeXXrFnav%2BZ8HGmEDZhMMxxtLxbUIi630VsmkcDyKpBeeS82IVBZ4Lhge84EAZQkn%2B40qiKYgLI%2Fj%2FJpgwMmldf0OGh32s92jMVioWAP9SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
content-disposition: inline; filename=update.min.js
cf-ray: 823a455dec8c9136-FRA
expires: Thu, 02 Nov 2023 04:28:18 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 783b64a2712a53981149bc9cd29d7865d371c3c2b092a80c69d7773d588a8549

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b85a924f1e83fc59f6d3bd16b1f1cb1e496ffe7c50707112821fa5972505beee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb13af37fe96c44b86f13095251eeb2898867770b47d64e68f7ea43212360fd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3032c66b2f4cf8bb1a2425ad22e78e202dfec94762a53e6a7a380a5fcdc5cc74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 itinerary.svg Show response
www.hotsprings.org/site/assets/svg/ 2 KB
889 B 975ms
974ms XHR
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/svg/itinerary.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/site/templates/uikit-3.7.2/js/uikit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 91a4279fd813b1670935a068c77eb12115ced1b3921bf6fce76975d26d7f1a7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-6ef"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 logo-npar.svg Show response
www.hotsprings.org/site/assets/svg/ 6 KB
2 KB 976ms
975ms XHR
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/svg/logo-npar.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/site/templates/uikit-3.7.2/js/uikit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 9e2bd059c4297e44e8d7b40a6ac838dd4613c67064ad8745c2d92dc01474e717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-1756"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 mountains.svg Show response
www.hotsprings.org/site/assets/svg/ 4 KB
2 KB 976ms
976ms XHR
image/svg+xml 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotsprings.org/site/assets/svg/mountains.svg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/site/templates/uikit-3.7.2/js/uikit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 31d350246f252211e16de1431003fef582be68de0a76a214217cec7c0cda26a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 14:59:05 GMT
server: nginx
etag: W/"63e26739-e00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 204 0
bat.bing.com/action/ 0
286 B 92ms
92ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26155083&Ver=2&mid=53fb52e4-c9cd-467a-9280-2632c2c26ccb&sid=656c6a207f6211eea1592b949841e994&vid=656cb1807f6211ee8e0143bdad97ca8d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hot%20Springs,%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&p=https%3A%2F%2Fwww.hotsprings.org%2F&r=&lt=2992&evt=pageLoad&sv=1&rn=234082

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Nov 2023 00:45:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F55972D8249417A969DC21CE5AAB50F Ref B: FRA31EDGE0821 Ref C: 2023-11-10T00:45:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 weekend_trip.jpg
www.hotsprings.org/site/assets/files/6010/ 402 KB
403 KB 914ms
914ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/6010/weekend_trip.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: e22773325ec6e5608aab32e5ddf9f0329245cd6e0f64d13ae8dbb2ebc32be018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
last-modified: Tue, 07 Feb 2023 09:15:27 GMT
server: nginx
etag: "63e216af-6490c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 411916

GET
H2 200 srp_4526.jpg
www.hotsprings.org/site/assets/files/6012/ 1 MB
1 MB 914ms
913ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/6012/srp_4526.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: bec9f932a72935b79fb252fcd08b2c6c8ac53106c256c0b2526fbfa77918d515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
last-modified: Tue, 07 Feb 2023 09:15:27 GMT
server: nginx
etag: "63e216af-1177db"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1144795

GET
H2 200 seasonal.jpg
www.hotsprings.org/site/assets/files/6014/ 454 KB
455 KB 914ms
913ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/6014/seasonal.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 768a21c18b3e44b382fc0f38332fcc50dd3ba74e2562e47e559c0db5a4306351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
last-modified: Tue, 07 Feb 2023 09:15:27 GMT
server: nginx
etag: "63e216af-71922"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 465186

GET
H2 200 day_trip_2.jpg
www.hotsprings.org/site/assets/files/5798/ 1 MB
1 MB 915ms
914ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/5798/day_trip_2.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 5936235176f1cc291ee298bfe6d45c18d1f9017b12546d209af7d4071ec04ce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
last-modified: Tue, 07 Feb 2023 09:15:17 GMT
server: nginx
etag: "63e216a5-1141ad"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1130925

GET
H2 200 vacation_guide_homepage.jpg
www.hotsprings.org/site/assets/files/5148/ 1 MB
1 MB 915ms
914ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/5148/vacation_guide_homepage.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 7d43c0a8546bfbf2dbe487b288f330bb4e524c9de85c86fb53e1d18e626aeca4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
last-modified: Tue, 07 Feb 2023 09:14:56 GMT
server: nginx
etag: "63e21690-175354"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1528660

GET
DATA 200
OK truncated Show response
/ Frame 68AB 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:25:19 GMT
x-content-type-options: nosniff
age: 15589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Nov 2024 20:25:19 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/ Frame EB72 22 KB
4 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ifPgZkqe4bE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqLVy9k4S_V9oRxFfKoV4RJ0ivncA/m=el_main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 22:42:04 GMT

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
4 KB 72ms
24ms Image
image/svg+xml 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 00:22:02 GMT

GET
H3 200 cleardot.gif
www.google.com/images/ 43 B
65 B 27ms
27ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: www.hotsprings.org
URL: https://www.hotsprings.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-main-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 9058 435 KB
136 KB 39ms
39ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fd8bc7e1-e495-4210-af4f-832d14066404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3391b3367fab5d69bc80c43ae6659dac469373c823a7f709147d48fad19bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
x-amz-version-id: MAWFo55nmJzTCV22.OVVsjgzwIcuk5qx
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NG07683BG19B9SP
age: 90247
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: vBelavEzM+F4Ko+4zGWcfhsix/dqnW0c5dM2hXHExsV321LPz971FRwckA88OeSALRfoF/dRz8w=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"9bf48d8c4bfd9e228c1cfc260b39519b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfINvGBcbXUljqsGbOu2y9lHIvnXxZRWW2PhnFzlXatdqEu5BsqloEy2q9bHvx13a8qsAlXLUzER2Ul4xZIBeVaZ6KiA9SN4RK1TvLPeOJCM3035jFil0R7L4Mbgd8izpvs2%2B24%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 823a455e8d332bdf-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

GET
H2 200 en-us-json-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 9058 16 KB
3 KB 30ms
29ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
x-amz-version-id: SVieg7ebyluTA_U51KpD8k4UW9CnNoR3
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NGF411GQRJVD72J
age: 90246
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: qZFLuR4kjTOJ4X6pKBpHTui6s7i5iQiwp8gWBhmslcxwoAx9FWXKb9Sc0ZhAo/pqa9sJSapEysNsHH8DC8bD8g==
last-modified: Mon, 06 Nov 2023 00:52:51 GMT
server: cloudflare
etag: W/"2d7a163ff937b4b9ea7ab13e6c8dfadf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUDO1Ss5Www%2FQouc5whvox9Efgo4GunjoaxhhkKj25u%2Be8chxepUlSoh3%2B3TFm4uxTo8UCoFt2n7yNv6wS48S1sjk6XPq4K8s1IpMOov7eHUK9NVZ11Iy8RYHUTUz5B5JN2pSrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 823a455f5dcf2bdf-FRA
expires: Tue, 05 Nov 2024 00:52:50 GMT

GET
H2 200 web-widget-4852-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 9058 139 KB
47 KB 34ms
33ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
x-amz-version-id: LLGa90fsv7bQUGdN2N0k5kLPN0aE.36G
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NGB01KW3BRT43XZ
age: 90246
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: LQZNTgqY1L0ACAf+WD7vnBZnk9RvSC7cBtg1A7zmkMrUHUPZMneUa1EGMUwWSOlCU5eK5oKKD6Q=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiESpjbmw5pxlpDRsHSc0UIAVNVbNF55r5SNRQmRJv4BJrQQCnCo5pqURm%2BgNEb8ATlxAirO%2B5yPA9I7A82SeCsoJfnEFopEgEqJ6axtTWDJxJFBFE9O9R578DKOWODqGk7%2FgfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 823a455f5dd02bdf-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

GET
H2 200 web-widget-519-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 9058 24 KB
8 KB 33ms
32ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
x-amz-version-id: c3fTu.1VTXTnJfTpV257t3CmA_E19Whc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NG6CCTNC6ZA2EFR
age: 90246
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: j6IDqdnD3Z47Z5O5sxRHz90vlmuWkZw4kY26Z7bf/hVHE2/z5RqY7xrNr4eYOWgTPdlv4TPkgVw=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv8T4aMkScxHi%2FLF6Zeqcahfne65hKVz0dG86Vx1%2BtvAGyE1FPg5Chuhz8kig1Oe7aZ5XuiJaeL0VD4VOWwBafDStmE08iJ9OJqOa13aOOHA6pIggEO99yWqWa2slTKrFusoPEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 823a455f5dd12bdf-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

GET
H2 200 web-widget-5178-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 9058 24 KB
7 KB 32ms
31ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
x-amz-version-id: WUnw5FU0oRqazTz0z66hJW9BpnBWa3hS
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NGEDWDDF7CRHGKQ
age: 90246
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Jj5JStxWhYlfR+eKgiItTIEYuvnL7SUb9iZuTn3At0SRbZIxBx2x22m4PUWxdi3pcyuX1bEPqHA=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"11034f049f5eef05b26ed292ac59e1fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkweOVN1b6q67iHMS2HvHZLr2h90E12YU0cqMZFiWAQG4XMB%2BZozKjnbcIe%2F%2FvP3VEENjTrTTLLhxnugcdmm7mLEGA0bqxB2VN1VNNR%2Fv45s3CHfPATPDsbWj0TQQUUHxjokssE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 823a455f5dd22bdf-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

GET
H2 200 web-widget-9535-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 9058 15 KB
6 KB 30ms
29ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
x-amz-version-id: Htn9g_potgdCgt0Ro1y4Ux_z.nUmgxGP
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NG23KKY7BW8A849
age: 90246
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: VBuD2TK5/hOq07jvc1ScqrzANbuG0gpHcJP+pAdy7bNglj4w86Ib98+86vJYmMS2bH0tCEwXn+Q=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"d46547a6c79c8800ac99ed5408528a12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rel6mmZK%2BfnqGuC6Ygf5hBS1grvnDHE92ib%2F2x44GaLJspMHSiIb%2BGI%2Fafol8ATb2FJVUgLSBL0s%2BB6lMf5VKmwqfv4EDqPpgVstt8lTg66Qmp%2BrNWRHvZNF1zHPyQW%2FYAud8JI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 823a455f5dd42bdf-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

OPTIONS
H2 204 pv
hotsprings6726.zendesk.com/frontendevents/ Frame 0
0 262ms
195ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotsprings6726.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.hotsprings.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 823a4560290a1e4a-FRA
date: Fri, 10 Nov 2023 00:45:08 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbLC0MjGJivZNnVxzdgSFInGXLuBDUvITqCvf0DLfimU6QTTjmJMusHioxRaMDABVslOdZxZpwULcLa5t6KFntfjbZlWHXOasqtVUd%2FR41VncIMcOEA%2BWBqehm8uEVQbBdN0eQbmL1Mx99or"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 823a4560290a1e4a-FRA
x-zendesk-zorg: yes

POST
H2 200 pv
hotsprings6726.zendesk.com/frontendevents/ Frame 9058 0
0 191ms
191ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotsprings6726.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5LTdXyJg784Qyy%2BELbgDObZHzRN%2Bp6V8QEr%2FejKhKU%2BocQcBv20XfhbR%2FIKw8JpAcb5R6GMJ51O3tQwHR%2FfjhXEOuHzGqCIr0Dno2QFtpTMI2tQkxcvsSdvuG4PQ8Z%2BolOqeZLM8Ann3eIx"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 823a456159e51e4a-FRA
content-length: 0
x-request-id: 823a456159e51e4a-FRA

GET
H2 200 config Show response
hotsprings6726.zendesk.com/embeddable/ Frame 9058 1003 B
1 KB 285ms
218ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotsprings6726.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9938a2a1af0a2cfcb7ac3c643fff6593c905db6ee89246a71a716bbe50ff7251

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-6898d98697-bmtsv
x-cached: MISS
x-request-id: 823a4560290c1e4a-FRA
x-runtime: 0.002105
last-modified: Fri, 10 Nov 2023 00:45:08 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fh%2FYe9pw4dQEUNa%2BbWOuqDj1PRlyAqn6WBEzqCt5lHebQ6uxCLwFrDqQwwP3QuBjUrC6Hz5bEbH51CrsMQBDEOBtPwor59Y9JLaqHyqfajlO9mmChZ7jBAlZTyIyrfjTiUEqAj8UIMdCeimV"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 823a4560290c1e4a-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 28ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H5QDX6Q01X&gtm=45je3b81v898896493&_p=1699577106350&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1729174376.1699577107&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699577106&sct=1&seg=0&dl=https%3A%2F%2Fwww.hotsprings.org%2F&dt=Hot%20Springs%2C%20Arkansas%20%7C%20Hot%20Springs%20National%20Park%20Arkansas&en=scroll&epn.percent_scrolled=90&_et=18&tfd=6753
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5QDX6Q01X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 00:45:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hotsprings.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 weekend_trip.jpg
www.hotsprings.org/site/assets/files/6010/ 402 KB
403 KB 1184ms
1184ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/6010/weekend_trip.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: e22773325ec6e5608aab32e5ddf9f0329245cd6e0f64d13ae8dbb2ebc32be018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:11 GMT
last-modified: Tue, 07 Feb 2023 09:15:27 GMT
server: nginx
etag: "63e216af-6490c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 411916

GET
H2 200 seasonal.jpg
www.hotsprings.org/site/assets/files/6014/ 454 KB
455 KB 1922ms
1922ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/6014/seasonal.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 768a21c18b3e44b382fc0f38332fcc50dd3ba74e2562e47e559c0db5a4306351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:12 GMT
last-modified: Tue, 07 Feb 2023 09:15:27 GMT
server: nginx
etag: "63e216af-71922"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 465186

GET
H2 200 srp_4526.jpg
www.hotsprings.org/site/assets/files/6012/ 1 MB
1 MB 1002ms
1001ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/6012/srp_4526.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: bec9f932a72935b79fb252fcd08b2c6c8ac53106c256c0b2526fbfa77918d515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:17 GMT
last-modified: Tue, 07 Feb 2023 09:15:27 GMT
server: nginx
etag: "63e216af-1177db"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1144795

GET
H2 200 day_trip_2.jpg
www.hotsprings.org/site/assets/files/5798/ 1 MB
1 MB 967ms
965ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/5798/day_trip_2.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 5936235176f1cc291ee298bfe6d45c18d1f9017b12546d209af7d4071ec04ce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:17 GMT
last-modified: Tue, 07 Feb 2023 09:15:17 GMT
server: nginx
etag: "63e216a5-1141ad"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1130925

OPTIONS
H3 200 log
translate.googleapis.com/element/ Frame 0
0 74ms
27ms Preflight
text/plain 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.hotsprings.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.hotsprings.org
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 10 Nov 2023 00:45:18 GMT
expires: Fri, 10 Nov 2023 00:45:18 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
translate.googleapis.com/element/ 131 B
155 B 29ms
29ms XHR
text/plain 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ifPgZkqe4bE.O/am=CAM/d=1/rs=AN8SPfrvVj8B_VjKkj2W5LWs6EV7yxLONQ/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Encoding: gzip
Referer: https://www.hotsprings.org/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/binary

Response headers

date: Fri, 10 Nov 2023 00:45:18 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hotsprings.org
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 00:45:18 GMT

GET
H2 200 vacation_guide_homepage.jpg
www.hotsprings.org/site/assets/files/5148/ 1 MB
1 MB 904ms
904ms Image
image/jpeg 147.182.193.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotsprings.org/site/assets/files/5148/vacation_guide_homepage.jpg
Requested by: Host: www.hotsprings.org
URL: https://www.hotsprings.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.193.139 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 936298.cloudwaysapps.com
Software: nginx /
Resource Hash: 7d43c0a8546bfbf2dbe487b288f330bb4e524c9de85c86fb53e1d18e626aeca4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hotsprings.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:45:21 GMT
last-modified: Tue, 07 Feb 2023 09:14:56 GMT
server: nginx
etag: "63e21690-175354"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1528660

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: o2.eyereturn.com
URL: https://o2.eyereturn.com/?site=7421&page=generic

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.hotsprings.org/	1969-12-31 23:59:59	Name: wires Value: qvjv19394nd62emi9spl0n1jtv
.hotsprings.org/	1970-01-20 18:15:53	Name: _gcl_au Value: 1.1.516584595.1699577106
.hotsprings.org/	1970-01-21 01:42:17	Name: _ga_H5QDX6Q01X Value: GS1.1.1699577106.1.0.1699577106.60.0.0
.hotsprings.org/	1970-01-21 01:42:17	Name: _ga Value: GA1.2.1729174376.1699577107
.hotsprings.org/	1970-01-20 16:07:43	Name: _gid Value: GA1.2.1634160727.1699577107
.hotsprings.org/	1970-01-20 16:06:17	Name: _gat_UA-1172938-29 Value: 1
.tiktok.com/	1970-01-21 01:27:53	Name: _ttp Value: 2XxiPOMNW00eFmZHy6dPfJ9BFVw
.hotsprings.org/	1970-01-20 18:15:53	Name: _fbp Value: fb.1.1699577106829.1611394816
.turn.com/	1970-01-20 20:25:29	Name: uid Value: 8916840989716753399
.hotsprings.org/	1970-01-21 01:27:53	Name: _tt_enable_cookie Value: 1
.hotsprings.org/	1970-01-21 01:27:53	Name: _ttp Value: TIRUDxQqbxhy3pFUSkoVXR1Yk6x
.doubleclick.net/	1970-01-21 01:27:53	Name: IDE Value: AHWqTUkrwKmblwTVG946psQN6Cgp7r81h-SEzG3V0QADS2k6YnBMgZcd_90r-qrhFcY
.hotsprings.org/	1970-01-20 16:07:43	Name: _uetsid Value: 656c6a207f6211eea1592b949841e994
.hotsprings.org/	1970-01-21 01:27:53	Name: _uetvid Value: 656cb1807f6211ee8e0143bdad97ca8d
.bing.com/	1970-01-21 01:27:53	Name: MUID Value: 01796B1F7FA56467019E78DA7E096507

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.weatherwx.com/weather-js-current/us/ar/hot+springs.js(Line 19) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://kit.fontawesome.com/6c1b94d176.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weatherwx.com/weather-js-current/us/ar/hot+springs.js(Line 19) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://kit.fontawesome.com/6c1b94d176.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://o2.eyereturn.com/?site=7421&page=generic Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12268554.fls.doubleclick.net
adservice.google.com
analytics.tiktok.com
bat.bing.com
browser-update.org
cdn.lightwidget.com
connect.facebook.net
data.adxcel-ec2.com
ekr.zdassets.com
fonts.gstatic.com
googleads.g.doubleclick.net
hotsprings6726.zendesk.com
insight.adsrvr.org
ka-f.fontawesome.com
kit.fontawesome.com
login.dotomi.com
o2.eyereturn.com
p.typekit.net
r.turn.com
region1.analytics.google.com
static.zdassets.com
stats.g.doubleclick.net
translate.google.com
translate.googleapis.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.hotsprings.org
www.weatherwx.com
o2.eyereturn.com
104.16.51.111
104.18.70.113
104.18.72.113
142.250.186.70
147.182.193.139
174.36.68.130
2001:4860:4802:32::36
2001:4860:4802:36::178
2001:678:cb4:bbbb::11
23.36.163.138
2606:4700:10::6816:1996
2606:4700:20::681a:6b4
2606:4700:4400::6812:2844
2606:4700:e2::ac40:8209
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c1d::9b
2a02:26f0:480:f::213:7ee1
2a02:26f0:7100::1720:ef43
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
52.223.40.198
52.54.117.126
63.215.202.137
0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
112f08b87c5353387baf521c2a1a779e8c58a20e7c839d246e7443d73f8aeeb8
14a31ccedd0d50a0ef8288e97f0ea9e160169fff6fa017b860a06a5bd4f2ede2
164ce2ac6619cea8af16103572754ecf4dcfd00783b342fcccc34ddeae06dfa7
19f834c8f5234931dd99be1816074c3f332b5df151f6ae25e24ec446c78698d8
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c353a0930e41255386113108e37d7c2f05fb91ed71461bda41e367e71be58ec
1e8257227c70e84dca70662e504c12127703663fc4073f76c79db2f751c5afd3
1eeb3483d2ba7c1085231cbbc42d8a75e3bfd1806f0e0a78d6dfaadd5bfcbf9b
2512f4a3cb4a0bce715c38488251909fb56aee720ef530954b3bd3becc6a83ed
2c23d4c1425ec6fea415776cc05eefe1c00753f9620c052a4dca79127c282e0a
2c3391b3367fab5d69bc80c43ae6659dac469373c823a7f709147d48fad19bcf
2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f784bfd84668cb62f36544d2ed2e6c2246cd8c49330d5387bcd953c487b4cdb
3032c66b2f4cf8bb1a2425ad22e78e202dfec94762a53e6a7a380a5fcdc5cc74
31d350246f252211e16de1431003fef582be68de0a76a214217cec7c0cda26a7
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
47ee76348225ce8e133510267976b0558f325ed229b68cf163cee2bfc07ca17f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5936235176f1cc291ee298bfe6d45c18d1f9017b12546d209af7d4071ec04ce8
5b800218ee5ada34969c735efd5777c2ae20cb397256bec5cbcda5d04256db49
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
5df518fc3b7d37d953a92dd22798d72adb7e89735e30756d0160a28fce9f9794
5e3600892aed78fca97c772d4d1375ba94c1fa5cb2710506f5e078c45896bdef
5e59f0327d3fd08b56625fc3d021a859374f0961e920d7114102f35cc0f9a473
60402dd08f25414ec79ade3f4a96d781a80d503e1e41f529ba12e549f2067829
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6fe17af7f7462a7ca0e5a79cfef8935b902c617bf82033587b3ba04a0696697a
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
768a21c18b3e44b382fc0f38332fcc50dd3ba74e2562e47e559c0db5a4306351
783b64a2712a53981149bc9cd29d7865d371c3c2b092a80c69d7773d588a8549
7d43c0a8546bfbf2dbe487b288f330bb4e524c9de85c86fb53e1d18e626aeca4
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
834166db631f0996be5e8622f76cdda05c0e2a02a270280c4e4c6318796e1293
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ecff0222bff471f4bf1d925a162a03c9b9a02dc3e7ee476ae49431821726040
91170712bf7de7a1dc1d39b05af3d00e053e9e93e6611b77509b14115a767c04
91a4279fd813b1670935a068c77eb12115ced1b3921bf6fce76975d26d7f1a7c
96fd680dc80a341396564e2961791c0e924c89682c4c4d39a58808eb8cc582b2
97f4c45dda28cf067efdb9ec87ce3431785cd4b5fe68e1dcc758b8c52136363b
9938a2a1af0a2cfcb7ac3c643fff6593c905db6ee89246a71a716bbe50ff7251
9e2bd059c4297e44e8d7b40a6ac838dd4613c67064ad8745c2d92dc01474e717
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a7ad69d57e6094853a8a54bf1bdc7177462e1048a3e1ab0b514d948ec5518530
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b85a924f1e83fc59f6d3bd16b1f1cb1e496ffe7c50707112821fa5972505beee
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bec9f932a72935b79fb252fcd08b2c6c8ac53106c256c0b2526fbfa77918d515
bf74b96c019800120222f32176e688bf6e6560e3b2b0a589e3209f17ed45087a
c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad
cb13af37fe96c44b86f13095251eeb2898867770b47d64e68f7ea43212360fd5
cc3ed6fe6c571fcd206ddc31e5bfa22aa77fad2f4ef11cf9c4ef5f3fa3e32df1
ce91f4fdaac61f4b527ea79882bf4437560a8420369a33525bfd70662545ffe5
d452323ce8237257f524524b9e77eba193721ec18375581c2040b17ff7a0a16b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e114b1f9f13a530601b7193d440def95c25c4071a9d7b258a6660caa56c2a863
e22773325ec6e5608aab32e5ddf9f0329245cd6e0f64d13ae8dbb2ebc32be018
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee789c65d09c137813479c7e027d55a63429021fe5bf110054e0ae73cda483f6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f034d331d5b4b092fe1e3b49495e5c78a688cc7d5ebe65eb346463920c5857cb
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
fb5d45c41a547177b398f151464c7ddedff63aaa6bc72f2f46bd850f159106c1
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.hotsprings.org Open in urlscan Pro 147.182.193.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

92 Requests

99 %HTTPS

69 %IPv6

24 Domains

33 Subdomains

34 IPs

6 Countries

43123 kBTransfer

45943 kBSize

15 Cookies

10 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hotsprings.org Open in urlscan Pro
147.182.193.139 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

99 %
HTTPS

69 %
IPv6

24
Domains

33
Subdomains

34
IPs

6
Countries

43123 kB
Transfer

45943 kB
Size

15
Cookies

92 HTTP transactions
9 data transactions