baltimoreghosttours.com Open in urlscan Pro
192.124.249.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wickedhistorybaltimore.com/
Effective URL:
https://baltimoreghosttours.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On July 09 via api (July 9th 2023, 4:19:33 am UTC) from DE — Scanned from DE

Summary HTTP 46 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 46 HTTP transactions. The main IP is 192.124.249.134, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is baltimoreghosttours.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 22nd 2023. Valid for: a year.

This is the only time baltimoreghosttours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2607:f1c0:100... 2607:f1c0:100f:f000::200	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1 12	192.124.249.134 192.124.249.134	30148 (SUCURI-SEC) (SUCURI-SEC)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
13	162.159.135.45 162.159.135.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	54.183.90.147 54.183.90.147	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	13.32.118.162 13.32.118.162	16509 (AMAZON-02) (AMAZON-02)
5	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
46	8

1 2607:f1c0:100f:f000::200 (United States) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

wickedhistorybaltimore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.124.249.134 (Menifee, United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10134.sucuri.net

baltimoreghosttours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 162.159.135.45 (None, )

ASN13335 (CLOUDFLARENET, US)

9ad18d.a2cdn1.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.183.90.147 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-90-147.us-west-1.compute.amazonaws.com

fareharbor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.118.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-162.fra60.r.cloudfront.net

dp58aslhmbcib.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o10963.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	secureserver.net 9ad18d.a2cdn1.secureserver.net	412 KB
12	baltimoreghosttours.com 1 redirects baltimoreghosttours.com	118 KB
6	fareharbor.com fareharbor.com — Cisco Umbrella Rank: 24207	182 KB
5	sentry.io o10963.ingest.sentry.io — Cisco Umbrella Rank: 35820	561 B
4	cloudfront.net dp58aslhmbcib.cloudfront.net	634 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	222 KB
1	wickedhistorybaltimore.com 1 redirects wickedhistorybaltimore.com	234 B
46	8

	Domain	Requested by
13	9ad18d.a2cdn1.secureserver.net	baltimoreghosttours.com
12	baltimoreghosttours.com	1 redirects baltimoreghosttours.com
6	fareharbor.com	baltimoreghosttours.com fareharbor.com dp58aslhmbcib.cloudfront.net
5	o10963.ingest.sentry.io	dp58aslhmbcib.cloudfront.net
4	dp58aslhmbcib.cloudfront.net	fareharbor.com
3	www.googletagmanager.com	baltimoreghosttours.com www.google-analytics.com fareharbor.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	baltimoreghosttours.com www.google-analytics.com
1	wickedhistorybaltimore.com	1 redirects
46	9

This site contains links to these domains. Also see Links.

Domain
fareharbor.com
www.travelchannel.com
www.nbcwashington.com
baltimore.cbslocal.com
gardenandgun.com
www.authenticbaltimore.org
www.baltimore.org
fellspointmainstreet.org
www.amazon.com
wickedhistorybaltimore.com
www.instagram.com
google.com
www.pinterest.com
twitter.com
www.tripadvisor.com
www.facebook.com
andersnoren.se

Subject Issuer	Validity	Valid
baltimoreghosttours.com Go Daddy Secure Certificate Authority - G2	`2023-05-22` - `2024-05-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.a2cdn1.secureserver.net Starfield Secure Certificate Authority - G2	`2022-09-13` - `2023-10-15`	a year	crt.sh
fareharbor.com Amazon RSA 2048 M01	`2023-06-28` - `2024-07-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
ingest.sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://baltimoreghosttours.com/
Frame ID: 02B61934DA79EB1C82CC42CE75DCA999
Requests: 32 HTTP requests in this frame

Frame: https://fareharbor.com/embeds/cart/?u=b859f625-dcbd-4fbb-b613-ed9c7b75753a&from-ssl=yes&ga=UA-1811733-3,165022073.1688876368%3B&g4=yes&a=no&back=https://baltimoreghosttours.com/
Frame ID: 41B0D8719DA0B223D240D4B27A8C304A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

About - Baltimore Ghost Tours

Page URL History Show full URLs

http://wickedhistorybaltimore.com/ HTTP 302
http://baltimoreghosttours.com/ HTTP 301
https://baltimoreghosttours.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

FareHarbor (Widgets) Expand

Overall confidence: 100%
Detected patterns

fareharbor\.com/embeds/api/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

46
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

1590 kB
Transfer

5142 kB
Size

5
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://fareharbor.com/embeds/book/baltimorewickedhistorytour/
Title: Book Now

Search URL Search Domain Scan URL

URL: http://www.travelchannel.com/interests/haunted/articles/haunted-pub-crawls
Title: Haunted Pub Crawls: Imbibe With Spirits on a Paranormal Pub Tour

Search URL Search Domain Scan URL

URL: https://www.travelchannel.com/interests/haunted/photos/top-10-haunted-places-in-baltimore
Title: Top 10 Haunted Places in Baltimore

Search URL Search Domain Scan URL

URL: http://www.nbcwashington.com/blogs/worth-the-trip/Mingling-with-Ghosts-at-the-Fells-Point-Haunted-Pub-Crawl-230733841.html
Title: Mingle With Ghosts at Fells Point Haunted Pub Crawl

Search URL Search Domain Scan URL

URL: http://baltimore.cbslocal.com/top-lists/best-ghost-tours-in-maryland/
Title: Best Ghost Tours in Maryland

Search URL Search Domain Scan URL

URL: https://gardenandgun.com/articles/hair-raising-tales-from-the-souths-most-haunted-cities/
Title: Hair Raising Tales from The South’s Most Haunted Cities

Search URL Search Domain Scan URL

URL: http://www.authenticbaltimore.org/default-old.htm
Title: Certified Authentic Baltimore Tour

Search URL Search Domain Scan URL

URL: http://www.baltimore.org/
Title: Baltimore Convention and Visitors Bureau

Search URL Search Domain Scan URL

URL: https://fellspointmainstreet.org/
Title: Fells Point Main Street

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Baltimores-Harbor-Haunts-Stories-Schiffer/dp/0764323040/ref=sr_1_1?ie=UTF8&qid=1467466185&sr=8-1&keywords=baltimore%27s+harbor+haunts
Title: Baltimore’s Harbor Haunts: True Ghost Stories

Search URL Search Domain Scan URL

URL: http://wickedhistorybaltimore.com/
Title: Baltimore Wicked History Tours

Search URL Search Domain Scan URL

URL: http://wickedhistorybaltimore.com/fells-point-wicked-history-pub-tour/
Title: T

Search URL Search Domain Scan URL

URL: https://www.instagram.com/baltimoreghosttours/

Search URL Search Domain Scan URL

URL: https://google.com/+FellsPointGhostToursBaltimore

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/baltimoreghosts

Search URL Search Domain Scan URL

URL: https://twitter.com/BaltimoreGhosts

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/Attraction_Review-g60811-d1500306-Reviews-Baltimore_Ghost_Tours-Baltimore_Maryland.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/baltimoreghosttours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/baltimoreghosttours

Search URL Search Domain Scan URL

URL: https://andersnoren.se/
Title: Anders Noren

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wickedhistorybaltimore.com/ HTTP 302
http://baltimoreghosttours.com/ HTTP 301
https://baltimoreghosttours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
baltimoreghosttours.com/
Redirect Chain

http://wickedhistorybaltimore.com/
http://baltimoreghosttours.com/
https://baltimoreghosttours.com/

64 KB
14 KB

25ms
7ms

Document
text/html

192.124.249.134
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.134 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10134.sucuri.net

Software

nginx /

Resource Hash

05d7cad8048e94559978788010c30e45328b3b213a663fb1527f5327e7a9f359

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35322
content-encoding: gzip
content-length: 13697
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Sun, 09 Jul 2023 04:19:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff nosniff
x-fawn-proc-count: 1,0,24
x-frame-options: SAMEORIGIN
x-php-version: 8.0
x-sucuri-cache: HIT
x-sucuri-id: 15034
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

Age: 43341
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 67
Content-Type: text/html; charset=UTF-8
Date: Sun, 09 Jul 2023 04:19:27 GMT
Location: https://baltimoreghosttours.com/
Server: Sucuri/Cloudproxy
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: User-Agent, Accept-Encoding
X-Backend: local
X-Cache: cached
X-Cache-Hit: HIT
X-Cacheable: YES:Forced
X-Cacheproxy-Retries: 0/2
X-Content-Type-Options: nosniff nosniff
X-Fawn-Proc-Count: 1,1,24
X-Frame-Options: SAMEORIGIN
X-Php-Version: 8.0
X-Redirect-By: WordPress
X-Sucuri-Cache: HIT
X-Sucuri-ID: 15034
X-XSS-Protection: 1; mode=block
X-Xss-Protection: 1; mode=block

GET
H2 200 1684788155-css8325771abecdb9680bcedde669a65ae79c95454bc0174e59bbfe4a6e9b2e2.css
baltimoreghosttours.com/wp-content/cache/fvm/min/ 95 KB
13 KB 8ms
7ms Stylesheet
text/css 192.124.249.134
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css8325771abecdb9680bcedde669a65ae79c95454bc0174e59bbfe4a6e9b2e2.css

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.134 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10134.sucuri.net

Software

nginx /

Resource Hash

4c982cb7a6d28df8be609329043b8c22f1b8b93a30ed646c4dbcc87b92a52448

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-backend: local
age: 224862
x-cacheable: YES
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 12801
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 06 Jul 2023 13:33:40 GMT
server: nginx
x-php-version: 8.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15034
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1684788155-css4cc6eb9e567b7caa2557361f984a2f32892a99c7e6f2a9024657e28765cb5.css
baltimoreghosttours.com/wp-content/cache/fvm/min/ 30 KB
7 KB 8ms
7ms Stylesheet
text/css 192.124.249.134
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css4cc6eb9e567b7caa2557361f984a2f32892a99c7e6f2a9024657e28765cb5.css

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.134 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10134.sucuri.net

Software

nginx /

Resource Hash

8f5e894e941d7167640736f9aebdf1f5f1280a9cc32ef4664d6f70fbab5f7b6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-backend: local
age: 224862
x-cacheable: YES
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 7000
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 06 Jul 2023 13:33:40 GMT
server: nginx
x-php-version: 8.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15034
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1684788155-css09a1b7f9c9058b064cb49cc2d1b613bd8d3ab9798667241c6fa629198c2b6.css
baltimoreghosttours.com/wp-content/cache/fvm/min/ 401 B
827 B 9ms
8ms Stylesheet
text/css 192.124.249.134
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css09a1b7f9c9058b064cb49cc2d1b613bd8d3ab9798667241c6fa629198c2b6.css

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.134 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10134.sucuri.net

Software

nginx /

Resource Hash

caeb94cba06a2a0f1823f320276db725c85b133c8a06381e0e812f65e6dd8755

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-backend: local
age: 224862
x-cacheable: YES
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 288
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 06 Jul 2023 13:33:40 GMT
server: nginx
x-php-version: 8.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15034
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1684788155-css2a7d13c641f4a6ad37530b5914e54cf05f3ba081aeda6ce51f235fad55a5b.css
baltimoreghosttours.com/wp-content/cache/fvm/min/ 1 KB
925 B 9ms
9ms Stylesheet
text/css 192.124.249.134
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css2a7d13c641f4a6ad37530b5914e54cf05f3ba081aeda6ce51f235fad55a5b.css

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.134 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10134.sucuri.net

Software

nginx /

Resource Hash

9e02a7ddd85e0d51724566705e99a3111dfaf37870d88697732f19786f472a9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-backend: local
age: 224862
x-cacheable: YES
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 386
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 06 Jul 2023 13:33:40 GMT
server: nginx
x-php-version: 8.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15034
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1684788155-cssffb0df57628c522a9604cd605b9b3e4d504f869360fd653a7544aa4029d0a.css
baltimoreghosttours.com/wp-content/cache/fvm/min/ 36 KB
4 KB 10ms
9ms Stylesheet
text/css 192.124.249.134
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-cssffb0df57628c522a9604cd605b9b3e4d504f869360fd653a7544aa4029d0a.css

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.134 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10134.sucuri.net

Software

nginx /

Resource Hash

d298f7a2a61a84cb0b5ce405325ac1d476f91ee7edf7cf97427c5eaded1b48cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-backend: local
age: 223197
x-cacheable: YES
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 3674
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 22 May 2023 21:20:08 GMT
server: nginx
x-php-version: 8.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15034
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1684788155-css1b74d97a77aec7e19cbfc412cd0b28f3312512296f1b5858f027aadc92c1d.css
baltimoreghosttours.com/wp-content/cache/fvm/min/ 1 KB
862 B 10ms
10ms Stylesheet
text/css 192.124.249.134
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css1b74d97a77aec7e19cbfc412cd0b28f3312512296f1b5858f027aadc92c1d.css

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.134 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10134.sucuri.net

Software

nginx /

Resource Hash

53b7bbc031db0dcff260ebd58edc3dc63f7fa19e1789a9085b5a5794baecddad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-backend: local
age: 224862
x-cacheable: YES
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 323
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 06 Jul 2023 13:33:40 GMT
server: nginx
x-php-version: 8.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15034
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1684788155-css5e0d51d4fc29ae41bffdf879f7abc8ab20dbdf0450130267917b5bc6b2aac.css
baltimoreghosttours.com/wp-content/cache/fvm/min/ 35 KB
8 KB 12ms
12ms Stylesheet
text/css 192.124.249.134
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css5e0d51d4fc29ae41bffdf879f7abc8ab20dbdf0450130267917b5bc6b2aac.css

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.134 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10134.sucuri.net

Software

nginx /

Resource Hash

119172dffe1c3da0da87956a3f6e21d33eed6cdb77bc5ba57141b3191ac0af88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-backend: local
age: 224862
x-cacheable: YES
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 7869
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 06 Jul 2023 13:33:40 GMT
server: nginx
x-php-version: 8.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15034
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 64ms
28ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M62CKPY7RL

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

408c3d3cd5dbf5d209949a4ea96814ef111481f89f0d7d29384cccd933365a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 09 Jul 2023 04:19:27 GMT

GET
H2 200 frontend-gtag.min.js Show response
9ad18d.a2cdn1.secureserver.net/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 11 KB
3 KB 17ms
17ms Script
application/javascript 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.17&time=1688650154

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
age: 1
x-xid: 3445584
x-cache: uncached
x-cache-server: a2nlwpwc032-ssl
content-encoding: br
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-web-server: eac740c7-ac45-a1a2-3c17-5cea746bd320
last-modified: Thu, 29 Jun 2023 23:26:03 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
x-proxy-server: a2nlwpproxy015.prod.iad2.secureserver.net
cf-ray: 7e3dc4d2389f30e2-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

GET
H2 200 jquery.min.js Show response
9ad18d.a2cdn1.secureserver.net/wp-includes/js/jquery/ 88 KB
32 KB 55ms
20ms Script
application/javascript 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.4&time=1688650154

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
age: 2
x-xid: 3445584
x-cache: uncached
x-cache-server: a2nlwpwc032-ssl
content-encoding: br
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-web-server: eac740c7-ac45-a1a2-3c17-5cea746bd320
last-modified: Mon, 03 Jul 2023 08:23:01 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
x-proxy-server: a2nlwpproxy015.prod.iad2.secureserver.net
cf-ray: 7e3dc4d2088130e2-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

GET
H2 200 jquery-migrate.min.js Show response
9ad18d.a2cdn1.secureserver.net/wp-includes/js/jquery/ 13 KB
5 KB 27ms
26ms Script
application/javascript 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0&time=1688650154

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
age: 1
x-xid: 3445584
x-cache: uncached
x-cache-server: a2nlwpwc032-ssl
content-encoding: br
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-web-server: eac740c7-ac45-a1a2-3c17-5cea746bd320
last-modified: Mon, 03 Jul 2023 08:23:01 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
x-proxy-server: a2nlwpproxy014.prod.iad2.secureserver.net
cf-ray: 7e3dc4d248ae30e2-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

GET
H2 200 logo-1.png
9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/ 4 KB
4 KB 27ms
26ms Image
image/png 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/logo-1.png

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6b5be6ad27c115c92bd8554089db610409d9a559c449722a4ded9583527ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
age: 1
cf-polished: origSize=4372
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 3973
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Sep 2017 12:41:31 GMT
server: cloudflare
x-php-version: 8.0
etag: "1114-55a3f3a4b34c0"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7e3dc4d248af30e2-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

GET
H2 200 / Show response
fareharbor.com/embeds/script/items/baltimorewickedhistorytour/ 34 KB
11 KB 639ms
315ms Script
text/javascript 54.183.90.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fareharbor.com/embeds/script/items/baltimorewickedhistorytour/?selected-items=41423%2C27098%2C27097%2C31032&fallback=simple

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.90.147 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-90-147.us-west-1.compute.amazonaws.com

Software

Resource Hash

757f2147fbb6f3ca007450c55e7b3c8ecfe829b6217b701ce0ff5400d142c241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 04:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-fh-loadbalancer: production-appservers_docker-a-7
x-amzn-trace-id: Root=1-64aa3550-7112d6dc78f155fd418bd4ab
content-security-policy-report-only: form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dp58aslhmbcib.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dp58aslhmbcib.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dp58aslhmbcib.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
vary: Accept-Encoding, Cookie
content-language: de-de
p3p: CP="This is not a P3P policy."
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 Leanna_Wordpress.jpg
9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/ 180 KB
180 KB 17ms
16ms Image
image/jpeg 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/Leanna_Wordpress.jpg

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886cbba056a9b6f34e26208368430636026012b48ffd7f29c7aa3b362e35c75f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
age: 1
cf-polished: origSize=186291
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 184005
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Sep 2017 12:41:46 GMT
server: cloudflare
x-php-version: 8.0
etag: "2d7b3-55a3f3b301680"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7e3dc4d248b030e2-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

GET
H2 200 / Show response
fareharbor.com/embeds/api/v1/ 34 KB
11 KB 494ms
170ms Script
text/javascript 54.183.90.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fareharbor.com/embeds/api/v1/

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.90.147 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-90-147.us-west-1.compute.amazonaws.com

Software

Resource Hash

0fab414d9577ee0bde392a77d546938eb8696b665b8457b98770e6705ae91dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 04:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-fh-loadbalancer: production-appservers_docker-a-5
x-amzn-trace-id: Root=1-64aa3550-5d66eba9214243cc179911ac
content-security-policy-report-only: form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dp58aslhmbcib.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dp58aslhmbcib.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dp58aslhmbcib.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
vary: Accept-Encoding, Cookie
content-language: de-de
p3p: CP="This is not a P3P policy."
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 autoptimize_single_07d4680dcd506330bcb99fd1c192d08c.js Show response
9ad18d.a2cdn1.secureserver.net/wp-content/cache/autoptimize/js/ 2 KB
797 B 27ms
26ms Script
application/javascript 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-content/cache/autoptimize/js/autoptimize_single_07d4680dcd506330bcb99fd1c192d08c.js?ver=2.3.2&time=1688650154

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

155896fea9450076197b3c24ff3c62864125b00515409603a8947a039c4bf0ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
age: 21101
x-xid: 3445584
x-cache: uncached
x-cache-server: a2nlwpwc032-ssl
content-encoding: br
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-web-server: eac740c7-ac45-a1a2-3c17-5cea746bd320
last-modified: Mon, 22 May 2023 20:51:44 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=30672000
x-cache-hit: MISS
x-proxy-server: a2nlwpproxy014.prod.iad2.secureserver.net
cf-ray: 7e3dc4d248b230e2-FRA
expires: Fri, 28 Jun 2024 04:19:27 GMT

GET
H2 200 comment-reply.min.js Show response
9ad18d.a2cdn1.secureserver.net/wp-includes/js/ 3 KB
1 KB 27ms
26ms Script
application/javascript 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-includes/js/comment-reply.min.js?ver=6.2.2&time=1688650154

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
age: 21100
x-xid: 3445584
x-cache: uncached
x-cache-server: a2nlwpwc032-ssl
content-encoding: br
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-web-server: eac740c7-ac45-a1a2-3c17-5cea746bd320
last-modified: Mon, 03 Jul 2023 08:23:00 GMT
x-php-version: 8.0
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: MISS
cache-control: public, max-age=2678400
x-proxy-server: a2nlwpproxy023.prod.iad2.secureserver.net
cf-ray: 7e3dc4d248b330e2-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 52ms
16ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 09 Jul 2023 03:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4490
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 09 Jul 2023 05:04:37 GMT

GET
H3 200 cropped-background_image2.jpg
9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/ 70 KB
71 KB 20ms
20ms Image
image/jpeg 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/cropped-background_image2.jpg

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d87179b5d34c26ef23dad72978d62e74fda4a9d51f825ab9550078fb159bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
age: 21101
cf-polished: origSize=84945
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 71921
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Jul 2016 19:10:39 GMT
server: cloudflare
x-php-version: 8.0
etag: "14bd1-53697bdfd29c0"
vary: Accept-Encoding
content-type: image/jpeg
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7e3dc4d2498e0394-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

GET
H2 200 lato-v23-latin-regular.woff2
baltimoreghosttours.com/wp-content/themes/hemingway/assets/fonts/ 23 KB
24 KB 8ms
7ms Font
font/woff2 192.124.249.134
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltimoreghosttours.com/wp-content/themes/hemingway/assets/fonts/lato-v23-latin-regular.woff2

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css1b74d97a77aec7e19cbfc412cd0b28f3312512296f1b5858f027aadc92c1d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.134 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10134.sucuri.net

Software

nginx /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css1b74d97a77aec7e19cbfc412cd0b28f3312512296f1b5858f027aadc92c1d.css
Origin: https://baltimoreghosttours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 154269
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 23580
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 03 Oct 2022 12:34:55 GMT
server: nginx
x-php-version: 8.0
etag: "5c1c-5ea209220bda5"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15034
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lato-v23-latin-700.woff2
baltimoreghosttours.com/wp-content/themes/hemingway/assets/fonts/ 23 KB
23 KB 9ms
8ms Font
font/woff2 192.124.249.134
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltimoreghosttours.com/wp-content/themes/hemingway/assets/fonts/lato-v23-latin-700.woff2

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css1b74d97a77aec7e19cbfc412cd0b28f3312512296f1b5858f027aadc92c1d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.134 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10134.sucuri.net

Software

nginx /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css1b74d97a77aec7e19cbfc412cd0b28f3312512296f1b5858f027aadc92c1d.css
Origin: https://baltimoreghosttours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 154269
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 23040
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 03 Oct 2022 12:34:55 GMT
server: nginx
x-php-version: 8.0
etag: "5a00-5ea209220bda5"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15034
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff
9ad18d.a2cdn1.secureserver.net/wp-content/plugins/contact-widgets/assets/fonts/ 96 KB
96 KB 36ms
23ms Font
font/woff 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-content/plugins/contact-widgets/assets/fonts/fontawesome-webfont.woff

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css4cc6eb9e567b7caa2557361f984a2f32892a99c7e6f2a9024657e28765cb5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baltimoreghosttours.com/
Origin: https://baltimoreghosttours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 98024
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Mar 2020 20:03:29 GMT
x-php-version: 8.0
server: cloudflare
etag: "17ee8-5a02107d02640"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7e3dc4d26ece1db0-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

GET
H2 200 raleway-v27-latin-700.woff2
baltimoreghosttours.com/wp-content/themes/hemingway/assets/fonts/ 21 KB
22 KB 10ms
9ms Font
font/woff2 192.124.249.134
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltimoreghosttours.com/wp-content/themes/hemingway/assets/fonts/raleway-v27-latin-700.woff2

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css1b74d97a77aec7e19cbfc412cd0b28f3312512296f1b5858f027aadc92c1d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.134 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10134.sucuri.net

Software

nginx /

Resource Hash

5a6b61a6dec37b97dc483e82526807617e7bf1fb643c89c5bfeff6f92b91fade

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://baltimoreghosttours.com/wp-content/cache/fvm/min/1684788155-css1b74d97a77aec7e19cbfc412cd0b28f3312512296f1b5858f027aadc92c1d.css
Origin: https://baltimoreghosttours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: local
age: 188974
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 21456
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 03 Oct 2022 12:34:55 GMT
server: nginx
x-php-version: 8.0
etag: "53d0-5ea209220b5d5"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15034
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 travel_channel_logo.png
9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/ 6 KB
6 KB 24ms
23ms Image
image/png 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/travel_channel_logo.png

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b60b419f9bd46016fc1b246ca35f2bd004c0d4f668fb40779755075a1d14c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
cf-polished: status=not_needed
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 5764
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Sep 2017 12:41:29 GMT
server: cloudflare
x-php-version: 8.0
etag: "1684-55a3f3a2cb040"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7e3dc4d269a60394-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

GET
H3 200 nbc_logo-300x35.png
9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/ 6 KB
6 KB 16ms
16ms Image
image/png 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/nbc_logo-300x35.png

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9333e1b327a8d3930baae0434482df202ffcb05d978c2f08348dddab64ffe55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
age: 21100
cf-polished: status=not_needed
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 5752
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Sep 2017 12:41:29 GMT
server: cloudflare
x-php-version: 8.0
etag: "1678-55a3f3a2cb040"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7e3dc4d269a70394-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

GET
H3 200 cbs_logo.png
9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/ 984 B
1 KB 22ms
21ms Image
image/png 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2016/07/cbs_logo.png

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d7e9b24905527200ef5f17129a5b77d0333e15b38964b2d2e72ff3863f0aaa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-backend: local
age: 21102
cf-polished: origSize=1165
x-cache: uncached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 984
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Sep 2017 12:41:30 GMT
server: cloudflare
x-php-version: 8.0
etag: "48d-55a3f3a3bf280"
vary: Accept-Encoding
content-type: image/png
x-cache-hit: MISS
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7e3dc4d269a90394-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

GET
H3 200 garden_and_gun_logo-300x46.webp
9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2023/05/ 6 KB
6 KB 22ms
22ms Image
image/webp 162.159.135.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9ad18d.a2cdn1.secureserver.net/wp-content/uploads/2023/05/garden_and_gun_logo-300x46.webp

Requested by

Host: baltimoreghosttours.com
URL: https://baltimoreghosttours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.45 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5076d982838242d887b3451912ff6707262a428f95b4ccec20b065e44e09abf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES:Forced
x-backend: local
age: 21057
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400
content-length: 5832
x-xss-protection: 1; mode=block
last-modified: Mon, 22 May 2023 21:04:15 GMT
x-php-version: 8.0
server: cloudflare
etag: "16c8-5fc4e9d0b3970"
vary: User-Agent, Accept-Encoding
content-type: image/webp
x-cache-hit: HIT
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7e3dc4d269aa0394-FRA
expires: Wed, 09 Aug 2023 04:19:27 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 48ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M62CKPY7RL&gtm=45je3750&_p=20834134&gdid=dZGIzZG&cid=165022073.1688876368&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688876367&sct=1&seg=0&dl=https%3A%2F%2Fbaltimoreghosttours.com%2F&dt=About%20-%20Baltimore%20Ghost%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M62CKPY7RL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 04:19:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://baltimoreghosttours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
226 B 23ms
22ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=20834134&t=pageview&_s=1&dl=https%3A%2F%2Fbaltimoreghosttours.com%2F&ul=en-us&de=UTF-8&dt=About%20-%20Baltimore%20Ghost%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=2041601162&gjid=2033991034&cid=165022073.1688876368&tid=UA-1811733-3&_gid=892769254.1688876368&_r=1&_slc=1&z=184444571

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f6adc8c273b64b0a322b83a3db4e39caa019596a9b1c2e4f6779f3b36a1c86ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltimoreghosttours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 04:19:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://baltimoreghosttours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-298NQQHJCN&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45129aa4ccb59792117d0f7e509dd7f7b468c1f3b2e0586fcc84059c186f9cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 09 Jul 2023 04:19:27 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 21ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-298NQQHJCN&gtm=45je3750&_p=20834134&gdid=dZGIzZG&ul=en-us&sr=1600x1200&cid=165022073.1688876368&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&ngs=1&_s=1&dl=https%3A%2F%2Fbaltimoreghosttours.com%2F&dt=About%20-%20Baltimore%20Ghost%20Tours&sid=1688876367&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-298NQQHJCN&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jul 2023 04:19:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://baltimoreghosttours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
fareharbor.com/embeds/cart/ Frame 41B0 468 KB
117 KB 209ms
209ms Document
text/html 54.183.90.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fareharbor.com/embeds/cart/?u=b859f625-dcbd-4fbb-b613-ed9c7b75753a&from-ssl=yes&ga=UA-1811733-3,165022073.1688876368%3B&g4=yes&a=no&back=https://baltimoreghosttours.com/

Requested by

Host: fareharbor.com
URL: https://fareharbor.com/embeds/script/items/baltimorewickedhistorytour/?selected-items=41423%2C27098%2C27097%2C31032&fallback=simple

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.90.147 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-90-147.us-west-1.compute.amazonaws.com

Software

Resource Hash

888eb13fded755247532c9b51cde671a478040980bfbe748c0ff267b07bfede1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baltimoreghosttours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-language: de-de
content-security-policy-report-only: form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dp58aslhmbcib.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dp58aslhmbcib.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dp58aslhmbcib.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
content-type: text/html; charset=utf-8
date: Sun, 09 Jul 2023 04:19:28 GMT
p3p: CP="This is not a P3P policy."
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-amzn-trace-id: Root=1-64aa3550-1dd4ea345f8074ed5584294e
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-7
x-xss-protection: 1; mode=block

GET
H2 200 output.cefdbc5a7881.css
dp58aslhmbcib.cloudfront.net/static/cache/css/ Frame 41B0 185 KB
32 KB 45ms
8ms Stylesheet
text/css 13.32.118.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dp58aslhmbcib.cloudfront.net/static/cache/css/output.cefdbc5a7881.css

Requested by

Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=b859f625-dcbd-4fbb-b613-ed9c7b75753a&from-ssl=yes&ga=UA-1811733-3,165022073.1688876368%3B&g4=yes&a=no&back=https://baltimoreghosttours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.162 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-162.fra60.r.cloudfront.net

Software

nginx/1.22.1 /

Resource Hash

cefdbc5a7881a93f7df33458894f9cc5d32f529217c5307c9284721756a21a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fareharbor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-fh-loadbalancer: production-appservers_docker-b-4
x-amz-cf-pop: FRA60-P1
age: 491660
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jul 2023 11:19:05 GMT
server: nginx/1.22.1
etag: "64a2aea9-2e3bb"
vary: Accept-Encoding
content-type: text/css
cache-control: public
x-amz-cf-id: unNJc995PDkO2tf0eqy-67fEyZJDpAgvigSxYYKRhbUPrg5omMz1Zg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 output.34846959e9a8.css
dp58aslhmbcib.cloudfront.net/static/cache/css/ Frame 41B0 2 KB
825 B 46ms
10ms Stylesheet
text/css 13.32.118.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dp58aslhmbcib.cloudfront.net/static/cache/css/output.34846959e9a8.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.162 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-162.fra60.r.cloudfront.net

Software

nginx/1.22.1 /

Resource Hash

34846959e9a847bbadfeabffaaee9394efbebf1cc4d5045ea1100e28ff19cfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fareharbor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-fh-loadbalancer: production-appservers_docker-b-2
x-amz-cf-pop: FRA60-P1
age: 3972213
x-cache: Hit from cloudfront
content-length: 332
x-xss-protection: 1; mode=block
last-modified: Tue, 23 May 2023 11:14:29 GMT
server: nginx/1.22.1
etag: "646ca015-9da"
vary: Accept-Encoding
content-type: text/css
cache-control: public
x-amz-cf-id: HTyIXj_Qq9FFHor9CkUipQnlafwNC5CPm-CO64wy2x5s6sILSAAQEw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 output.ab0deb229238.js Show response
dp58aslhmbcib.cloudfront.net/static/cache/js/ Frame 41B0 2 MB
429 KB 44ms
30ms Script
application/javascript 13.32.118.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.162 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-162.fra60.r.cloudfront.net

Software

nginx/1.22.1 /

Resource Hash

ab0deb22923881eba7159caccfd1450c2ad4cad437c4fb0641beaed9b45aa196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fareharbor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 14:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-fh-loadbalancer: production-appservers_docker-b-3
x-amz-cf-pop: FRA60-P1
age: 393625
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jul 2023 14:19:20 GMT
server: nginx/1.22.1
etag: "64a42a68-21400f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public
x-amz-cf-id: E0T3y8Elq2ovKQAOG0NTs3TZqLIb39S8fTfLXxMhHxACDyLrKhsSDQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 41B0 192 KB
70 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6WXE90X597

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66194716be346d7c402fd64b9e3ad948dd5828c6b2883154e6d144fa7b5ec557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fareharbor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71960
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 09 Jul 2023 04:19:28 GMT

GET
H2 200 de.js Show response
fareharbor.com/static/jstranslation/momentjs/ Frame 41B0 3 KB
1 KB 161ms
160ms Script
application/javascript 54.183.90.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fareharbor.com/static/jstranslation/momentjs/de.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.90.147 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-90-147.us-west-1.compute.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

31bb69b3291fe9c0bad2e12129b38ca228d5b1f971e47588aa50a50639c7b450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fareharbor.com/embeds/cart/?u=b859f625-dcbd-4fbb-b613-ed9c7b75753a&from-ssl=yes&ga=UA-1811733-3,165022073.1688876368%3B&g4=yes&a=no&back=https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Jul 2023 20:10:08 GMT
server: nginx/1.22.1
x-fh-loadbalancer: production-appservers_docker-a-6
etag: "64a87120-b11"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public
content-length: 1039
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 djangojs.js Show response
fareharbor.com/static/jstranslation/de/ Frame 41B0 165 KB
42 KB 162ms
161ms Script
application/javascript 54.183.90.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fareharbor.com/static/jstranslation/de/djangojs.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.90.147 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-90-147.us-west-1.compute.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

50776dadd9d08f2d8969d0096915866db21022df8e0884430416f088cbc44765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fareharbor.com/embeds/cart/?u=b859f625-dcbd-4fbb-b613-ed9c7b75753a&from-ssl=yes&ga=UA-1811733-3,165022073.1688876368%3B&g4=yes&a=no&back=https://baltimoreghosttours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 04:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Jul 2023 20:10:08 GMT
server: nginx/1.22.1
x-fh-loadbalancer: production-appservers_docker-a-1
etag: "64a87120-292e3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 output.0b2d5ce9fb0c.js Show response
dp58aslhmbcib.cloudfront.net/static/cache/js/ Frame 41B0 644 KB
172 KB 29ms
15ms Script
application/javascript 13.32.118.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.0b2d5ce9fb0c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.118.162 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-118-162.fra60.r.cloudfront.net

Software

nginx/1.22.1 /

Resource Hash

0b2d5ce9fb0cfa50aedf44ce5f2e8e143157a6bed8408c26a48e5721bc29d25f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fareharbor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 14:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-fh-loadbalancer: production-appservers_docker-a-5
x-amz-cf-pop: FRA60-P1
age: 223663
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Jul 2023 11:10:27 GMT
server: nginx/1.22.1
etag: "64a6a123-a0e2e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public
x-amz-cf-id: 6JVGXueWvsaIzyN9pho6RerbrHV0JwrspzPON9qKovDedS-nHrBdxw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 / Show response
o10963.ingest.sentry.io/api/5933789/envelope/ Frame 41B0 2 B
301 B 69ms
24ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7

Requested by

Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://fareharbor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 09 Jul 2023 04:19:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 / Show response
fareharbor.com/api/v1/persistence/b859f625-dcbd-4fbb-b613-ed9c7b75753a/ Frame 41B0 24 B
355 B 172ms
172ms XHR
application/json 54.183.90.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fareharbor.com/api/v1/persistence/b859f625-dcbd-4fbb-b613-ed9c7b75753a/

Requested by

Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.183.90.147 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-183-90-147.us-west-1.compute.amazonaws.com

Software

Resource Hash

665dfdc1859f43c9f0626d980a4efe4647c5a5d42c12020ac8d136e42c1b0fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-FH-Target-Language: de-de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://fareharbor.com/embeds/cart/?u=b859f625-dcbd-4fbb-b613-ed9c7b75753a&from-ssl=yes&ga=UA-1811733-3,165022073.1688876368;&g4=yes&a=no&back=https://baltimoreghosttours.com/
X-Requested-With: XMLHttpRequest
X-CSRFToken: nTe2l9GU1UVEW7ymVtxbFwbbM8ozj1KiV1ts6iK82c5VZQmbHAKqVLei7BSZV9KJ
sentry-trace: a4d0d928b68a4353b06ed58fcb7f198e-b36acd817ac53b6c-0

Response headers

date: Sun, 09 Jul 2023 04:19:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-9
x-amzn-trace-id: Root=1-64aa3551-2eb5a49f594021263c240030
vary: Accept-Encoding, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
p3p: CP="This is not a P3P policy."
content-language: de-de
content-length: 24
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
o10963.ingest.sentry.io/api/5933789/envelope/ Frame 41B0 2 B
65 B 23ms
21ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7

Requested by

Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://fareharbor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 09 Jul 2023 04:19:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 / Show response
o10963.ingest.sentry.io/api/5933789/envelope/ Frame 41B0 2 B
65 B 22ms
21ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7

Requested by

Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://fareharbor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 09 Jul 2023 04:19:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 / Show response
o10963.ingest.sentry.io/api/5933789/envelope/ Frame 41B0 2 B
65 B 22ms
22ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7

Requested by

Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://fareharbor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 09 Jul 2023 04:19:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 / Show response
o10963.ingest.sentry.io/api/5933789/envelope/ Frame 41B0 2 B
65 B 22ms
21ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7

Requested by

Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.ab0deb229238.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://fareharbor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 09 Jul 2023 04:19:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baltimoreghosttours.com/	1970-01-20 22:43:56	Name: _ga_M62CKPY7RL Value: GS1.1.1688876367.1.0.1688876367.0.0.0
.baltimoreghosttours.com/	1970-01-20 22:43:56	Name: _ga Value: GA1.2.165022073.1688876368
.baltimoreghosttours.com/	1970-01-20 13:09:22	Name: _gid Value: GA1.2.892769254.1688876368
.baltimoreghosttours.com/	1970-01-20 13:07:56	Name: _gat Value: 1
.baltimoreghosttours.com/	1970-01-20 22:43:56	Name: _ga_298NQQHJCN Value: GS1.2.1688876367.1.0.1688876367.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://fareharbor.com/embeds/script/items/baltimorewickedhistorytour/?selected-items=41423%2C27098%2C27097%2C31032&fallback=simple(Line 63) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9ad18d.a2cdn1.secureserver.net
baltimoreghosttours.com
dp58aslhmbcib.cloudfront.net
fareharbor.com
o10963.ingest.sentry.io
region1.google-analytics.com
wickedhistorybaltimore.com
www.google-analytics.com
www.googletagmanager.com
13.32.118.162
162.159.135.45
192.124.249.134
2001:4860:4802:34::36
2607:f1c0:100f:f000::200
2a00:1450:4001:808::200e
2a00:1450:4001:831::2008
34.120.195.249
54.183.90.147
05d7cad8048e94559978788010c30e45328b3b213a663fb1527f5327e7a9f359
0b2d5ce9fb0cfa50aedf44ce5f2e8e143157a6bed8408c26a48e5721bc29d25f
0fab414d9577ee0bde392a77d546938eb8696b665b8457b98770e6705ae91dba
119172dffe1c3da0da87956a3f6e21d33eed6cdb77bc5ba57141b3191ac0af88
155896fea9450076197b3c24ff3c62864125b00515409603a8947a039c4bf0ff
31bb69b3291fe9c0bad2e12129b38ca228d5b1f971e47588aa50a50639c7b450
34846959e9a847bbadfeabffaaee9394efbebf1cc4d5045ea1100e28ff19cfb4
408c3d3cd5dbf5d209949a4ea96814ef111481f89f0d7d29384cccd933365a7e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45129aa4ccb59792117d0f7e509dd7f7b468c1f3b2e0586fcc84059c186f9cb1
4c982cb7a6d28df8be609329043b8c22f1b8b93a30ed646c4dbcc87b92a52448
4d7e9b24905527200ef5f17129a5b77d0333e15b38964b2d2e72ff3863f0aaa2
5076d982838242d887b3451912ff6707262a428f95b4ccec20b065e44e09abf5
50776dadd9d08f2d8969d0096915866db21022df8e0884430416f088cbc44765
53b7bbc031db0dcff260ebd58edc3dc63f7fa19e1789a9085b5a5794baecddad
5a6b61a6dec37b97dc483e82526807617e7bf1fb643c89c5bfeff6f92b91fade
66194716be346d7c402fd64b9e3ad948dd5828c6b2883154e6d144fa7b5ec557
665dfdc1859f43c9f0626d980a4efe4647c5a5d42c12020ac8d136e42c1b0fb7
6b60b419f9bd46016fc1b246ca35f2bd004c0d4f668fb40779755075a1d14c94
757f2147fbb6f3ca007450c55e7b3c8ecfe829b6217b701ce0ff5400d142c241
87d87179b5d34c26ef23dad72978d62e74fda4a9d51f825ab9550078fb159bb8
886cbba056a9b6f34e26208368430636026012b48ffd7f29c7aa3b362e35c75f
888eb13fded755247532c9b51cde671a478040980bfbe748c0ff267b07bfede1
8f5e894e941d7167640736f9aebdf1f5f1280a9cc32ef4664d6f70fbab5f7b6f
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9e02a7ddd85e0d51724566705e99a3111dfaf37870d88697732f19786f472a9f
ab0deb22923881eba7159caccfd1450c2ad4cad437c4fb0641beaed9b45aa196
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
caeb94cba06a2a0f1823f320276db725c85b133c8a06381e0e812f65e6dd8755
cefdbc5a7881a93f7df33458894f9cc5d32f529217c5307c9284721756a21a0c
d298f7a2a61a84cb0b5ce405325ac1d476f91ee7edf7cf97427c5eaded1b48cd
d9333e1b327a8d3930baae0434482df202ffcb05d978c2f08348dddab64ffe55
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b5be6ad27c115c92bd8554089db610409d9a559c449722a4ded9583527ab9b
f6adc8c273b64b0a322b83a3db4e39caa019596a9b1c2e4f6779f3b36a1c86ea

baltimoreghosttours.com Open in urlscan Pro 192.124.249.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

44 %IPv6

8 Domains

9 Subdomains

8 IPs

3 Countries

1590 kBTransfer

5142 kBSize

5 Cookies

20 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

baltimoreghosttours.com Open in urlscan Pro
192.124.249.134 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

1590 kB
Transfer

5142 kB
Size

5
Cookies

46 HTTP transactions
0 data transactions