www.grandadventures.com Open in urlscan Pro
195.179.238.248 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=0014WdpTa9X6rENbFFpBKHezN8hp2zGDBtAwat9cUN3WcfZD_46IzC2vQhSYAaAxdwCYIi8pwWH9cdw-fMkw-G0...
Effective URL:
https://www.grandadventures.com/snowmobiling/
Submission: On January 26 via api (January 26th 2024, 9:10:57 am UTC) from CA — Scanned from CA

Summary HTTP 141 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 27 IPs in 1 countries across 25 domains to perform 141 HTTP transactions. The main IP is 195.179.238.248, located in Asheville, United States and belongs to AS-HOSTINGER, CY. The main domain is www.grandadventures.com.
TLS certificate: Issued by R3 on January 10th 2024. Valid for: 3 months.

This is the only time www.grandadventures.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
48	195.179.238.248 195.179.238.248	47583 (AS-HOSTINGER) (AS-HOSTINGER)
4	142.251.16.97 142.251.16.97	15169 (GOOGLE) (GOOGLE)
4	172.64.140.13 172.64.140.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.251.167.95 142.251.167.95	15169 (GOOGLE) (GOOGLE)
7	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
3	185.93.1.247 185.93.1.247	60068 (CDN77 ^_^) (CDN77 ^_^)
3	172.253.63.139 172.253.63.139	15169 (GOOGLE) (GOOGLE)
3	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
1	172.253.63.94 172.253.63.94	15169 (GOOGLE) (GOOGLE)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
2	146.75.28.84 146.75.28.84	54113 (FASTLY) (FASTLY)
5	159.203.125.130 159.203.125.130	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	142.251.111.94 142.251.111.94	15169 (GOOGLE) (GOOGLE)
5	199.232.197.208 199.232.197.208	54113 (FASTLY) (FASTLY)
15	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
2	174.137.122.128 174.137.122.128	54668 (MARCHEX-EAST) (MARCHEX-EAST)
7	142.251.163.102 142.251.163.102	15169 (GOOGLE) (GOOGLE)
1	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	52.0.243.115 52.0.243.115	14618 (AMAZON-AES) (AMAZON-AES)
6	142.250.31.95 142.250.31.95	15169 (GOOGLE) (GOOGLE)
1	34.110.166.32 34.110.166.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	151.101.66.79 151.101.66.79	54113 (FASTLY) (FASTLY)
1	151.101.65.26 151.101.65.26	54113 (FASTLY) (FASTLY)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
3	162.247.243.30 162.247.243.30	54113 (FASTLY) (FASTLY)
3	23.39.185.6 23.39.185.6	16625 (AKAMAI-AS) (AKAMAI-AS)
141	27

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 195.179.238.248 (Asheville, United States)

ASN47583 (AS-HOSTINGER, CY)

www.grandadventures.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
grandadventures.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.16.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.140.13 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.167.95 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.93.1.247 (Chicago, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 185-93-1-247.bunnyinfra.net

fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f139.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.28.84 (Ashburn, United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 159.203.125.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.boomchatweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.197.208 (United States)

ASN54113 (FASTLY, US)

js.peek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

tomis-bot.firebaseapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloud.tomis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.122.128 (United States)

ASN54668 (MARCHEX-EAST, US)

rw1.marchex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.163.102 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.243.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-243-115.compute-1.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.31.95 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f95.1e100.net

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.110.166.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.166.110.34.bc.googleusercontent.com

book.peek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.66.79 (United States)

ASN54113 (FASTLY, US)

book12.freetls.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.26 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.30 (United States)

ASN54113 (FASTLY, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.39.185.6 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-185-6.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	grandadventures.com www.grandadventures.com grandadventures.com	5 MB
18	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369 www.googleapis.com — Cisco Umbrella Rank: 20 firebasestorage.googleapis.com — Cisco Umbrella Rank: 6821 firestore.googleapis.com — Cisco Umbrella Rank: 1910	38 KB
13	firebaseapp.com tomis-bot.firebaseapp.com — Cisco Umbrella Rank: 604850	564 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
6	fastly.net book12.freetls.fastly.net — Cisco Umbrella Rank: 141946	2 MB
6	peek.com js.peek.com — Cisco Umbrella Rank: 102425 book.peek.com — Cisco Umbrella Rank: 157888	74 KB
5	boomchatweb.com www.boomchatweb.com — Cisco Umbrella Rank: 232383	53 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	82 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	290 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 871	2 KB
3	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 3011	1 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	421 B
3	google.com analytics.google.com — Cisco Umbrella Rank: 154	331 B
3	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 10105	35 KB
2	tomis.tech cloud.tomis.tech — Cisco Umbrella Rank: 713398	2 KB
2	marchex.io rw1.marchex.io — Cisco Umbrella Rank: 37092	12 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 869	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	70 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 600	17 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1365	621 B
1	xg4ken.com resources.xg4ken.com — Cisco Umbrella Rank: 7405	4 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	gstatic.com fonts.gstatic.com	48 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 9185	408 B
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 7448	363 B
141	25

	Domain	Requested by
44	www.grandadventures.com	www.grandadventures.com
13	tomis-bot.firebaseapp.com	www.grandadventures.com tomis-bot.firebaseapp.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	book12.freetls.fastly.net	book.peek.com
6	firestore.googleapis.com	tomis-bot.firebaseapp.com
5	js.peek.com	www.grandadventures.com js.peek.com
5	www.boomchatweb.com	www.grandadventures.com www.boomchatweb.com
5	fonts.googleapis.com	www.grandadventures.com js.peek.com book12.freetls.fastly.net
4	www.googleapis.com	tomis-bot.firebaseapp.com
4	grandadventures.com	www.grandadventures.com
4	use.fontawesome.com	www.grandadventures.com use.fontawesome.com
4	www.googletagmanager.com	www.grandadventures.com www.googletagmanager.com tomis-bot.firebaseapp.com
3	ct.pinterest.com	s.pinimg.com www.grandadventures.com
3	bam-cell.nr-data.net	book12.freetls.fastly.net
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	analytics.google.com	www.googletagmanager.com
3	fonts.bunny.net	www.grandadventures.com fonts.bunny.net
2	firebasestorage.googleapis.com	tomis-bot.firebaseapp.com
2	cloud.tomis.tech	tomis-bot.firebaseapp.com
2	rw1.marchex.io	www.googletagmanager.com rw1.marchex.io
2	s.pinimg.com	www.grandadventures.com s.pinimg.com
2	connect.facebook.net	www.grandadventures.com connect.facebook.net
1	js-agent.newrelic.com	book12.freetls.fastly.net
1	polyfill.io	book.peek.com
1	book.peek.com	js.peek.com
1	resources.xg4ken.com	www.grandadventures.com
1	www.facebook.com	www.grandadventures.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.ca	www.grandadventures.com
1	ajax.googleapis.com	www.grandadventures.com
1	r20.rs6.net	1 redirects
141	31

This site contains links to these domains. Also see Links.

Domain
book.peek.com
www.travelexinsurance.com
maps.cotrip.org
www.weather.gov
rapidimagephoto.com
85burger.com
sweetbonanzatr.org
tourmoi.net
realooks.com
www.servetcelik.net
saintinu.com
germanostrattoria.com
radioarcobaleno.org
localexperiencetours.com
wordpress.org

Subject Issuer	Validity	Valid
grandadventures.com R3	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
fonts.bunny.net R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
www.boomchatweb.com R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
js.peek.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-01` - `2024-08-01`	a year	crt.sh
firebaseapp.com GTS CA 1D4	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.marchex.io GeoTrust TLS RSA CA G1	`2023-05-24` - `2024-05-23`	a year	crt.sh
codefacto.co.uk GTS CA 1D4	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2023-10-29` - `2024-11-29`	a year	crt.sh
edgecert.googleapis.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.peek.com Go Daddy Secure Certificate Authority - G2	`2023-12-30` - `2025-01-30`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-09` - `2024-12-10`	a year	crt.sh
polyfill.io Certainly Intermediate R1	`2024-01-11` - `2024-02-10`	a month	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.grandadventures.com/snowmobiling/
Frame ID: 65C9C63E2DC9631558AC398BC8606ABF
Requests: 98 HTTP requests in this frame

Frame: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Frame ID: 4C1F44B5E75AA95EB4B33926D0036CAB
Requests: 3 HTTP requests in this frame

Frame: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Frame ID: 9278C2DCBD8C11F86637AA1EE41605AA
Requests: 3 HTTP requests in this frame

Frame: https://tomis-bot.firebaseapp.com/bot/index.html?site=grand-adventures&initialParentWidth=1600&initialParentHeight=1200
Frame ID: 41DA7EBF318360DF5D91D36C994B1646
Requests: 19 HTTP requests in this frame

Frame: https://book.peek.com/
Frame ID: 4FE13897C683190B468913B7E2F47E8C
Requests: 14 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 823A4EDA1B26F940FB0AC04503C7196F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Snowmobiling Colorado | Snowmobile Rentals Colorado

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=0014WdpTa9X6rENbFFpBKHezN8hp2zGDBtAwat9cUN3WcfZD_46IzC2vQhSYAaAxdwC... HTTP 302
https://www.grandadventures.com/snowmobiling/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Peek (Widgets) Expand

Overall confidence: 100%
Detected patterns

js\.peek\.\w+

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

141
Requests

99 %
HTTPS

0 %
IPv6

25
Domains

31
Subdomains

27
IPs

1
Countries

8605 kB
Transfer

18645 kB
Size

14
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://book.peek.com/s/2bc7462e-fbc3-46d6-853f-04106ef6c15b/0lKDr?gaClientId=2071391441.1706260232&gaSessionId=1706260232
Title: Book Online

Search URL Search Domain Scan URL

URL: https://www.travelexinsurance.com/?location=06-0332GAresemail&go=bp
Title: click here

Search URL Search Domain Scan URL

URL: https://maps.cotrip.org/home
Title: click here

Search URL Search Domain Scan URL

URL: https://www.weather.gov/
Title: click here

Search URL Search Domain Scan URL

URL: http://rapidimagephoto.com/ga/
Title: View your Photos

Search URL Search Domain Scan URL

URL: https://85burger.com/
Title: artemisbet giriş

Search URL Search Domain Scan URL

URL: https://sweetbonanzatr.org/
Title: Sweet Bonanza Oyna

Search URL Search Domain Scan URL

URL: https://tourmoi.net/
Title: Gates Of Olympus

Search URL Search Domain Scan URL

URL: https://realooks.com/
Title: bahis siteleri

Search URL Search Domain Scan URL

URL: https://www.servetcelik.net/
Title: deneme bonusu veren siteler

Search URL Search Domain Scan URL

URL: https://saintinu.com/
Title: 1xbet giriş

Search URL Search Domain Scan URL

URL: https://germanostrattoria.com/
Title: bonus veren siteler

Search URL Search Domain Scan URL

URL: https://radioarcobaleno.org/
Title: casino siteleri

Search URL Search Domain Scan URL

URL: https://localexperiencetours.com/
Title: 1xbet

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=0014WdpTa9X6rENbFFpBKHezN8hp2zGDBtAwat9cUN3WcfZD_46IzC2vQhSYAaAxdwCYIi8pwWH9cdw-fMkw-G0APU3SD156IGRUkHiy5U25icQCA1KfGpxnacQ0tAVtBbbpNcuiYWo0uU_I4IAkTXXmHV2lpmMjeUvYo58qEaiREhpIDbqTweyFQ==&c=G4SGiYTJOoEBBuZVINTSLkcqH86n500j39BG_gAf5Z7B70Y7_WzIvA==&ch=OR61JWCcraTjifmlnVIWxxHBGNxmhdhAzAEtSiWvSxQDV-cdJ-_2jw== HTTP 302
https://www.grandadventures.com/snowmobiling/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

141 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.grandadventures.com/snowmobiling/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=0014WdpTa9X6rENbFFpBKHezN8hp2zGDBtAwat9cUN3WcfZD_46IzC2vQhSYAaAxdwCYIi8pwWH9cdw-fMkw-G0APU3SD156IGRUkHiy5U25icQCA1KfGpxnacQ0tAVtBbbpNcuiYWo0uU_I4IAkTXXmHV2lpmMjeUvYo58q...
https://www.grandadventures.com/snowmobiling/

78 KB
22 KB

709ms
376ms

Document
text/html

195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

688f842a95527605623171036652de842649e38972f0bf317f8073713bc6d3cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 09:10:28 GMT
link: <https://www.grandadventures.com/snowmobiling/wp-json/>; rel="https://api.w.org/" <https://www.grandadventures.com/snowmobiling/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://www.grandadventures.com/snowmobiling/>; rel=shortlink
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 26 Jan 2024 09:10:27 GMT
Location: https://www.grandadventures.com/snowmobiling/
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 198 KB
71 KB 446ms
159ms Script
application/javascript 142.251.16.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T79BRN4

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

de4d44064411e050629b0b0c68bb8eb736485484e9e3079f198d4f9085cc6551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 09:10:28 GMT

GET
H2 200 style.min.css
www.grandadventures.com/snowmobiling/wp-includes/css/dist/block-library/ 107 KB
13 KB 157ms
157ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "1add3-659927f7-d4c6d25dcd4b89ed;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 13320
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 styles.css
www.grandadventures.com/snowmobiling/wp-content/plugins/contact-form-7/includes/css/ 3 KB
973 B 189ms
187ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 12 Jan 2024 12:14:38 GMT
server: LiteSpeed
etag: "b4e-65a12d2e-af15c5e9ab27329;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 888
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 simple-banner.css
www.grandadventures.com/snowmobiling/wp-content/plugins/simple-banner/ 470 B
287 B 190ms
188ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/simple-banner/simple-banner.css?ver=2.17.0

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5e52d2896e4826b8b2cc58b53db6c3e4aaea762a718e2a1375b275ff78285060

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "1d6-659927f6-7f1bcab18aa02864;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 202
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 style.css
www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/ 69 KB
12 KB 190ms
188ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/style.css?ver=6.4.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7062d4d70a9e2c563bbefb6a48df092e4af1af2107fc57587cd81c6f1a0d1748

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 12 Jan 2024 12:15:10 GMT
server: LiteSpeed
etag: "114fd-65a12d4e-ceac6535374a6e29;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12383
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 style.css
www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/ 21 KB
4 KB 243ms
241ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=6.4.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d8ef7a073e446c37d10620ce6d0003dbb1a0ea1f039ac9168464921faa6a422d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "54c2-659927f7-3593f0c6742c1bd6;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4347
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 merriweather-plus-montserrat-plus-inconsolata.css
www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/fonts/ 19 KB
1 KB 278ms
276ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 12 Jan 2024 12:15:10 GMT
server: LiteSpeed
etag: "4b81-65a12d4e-a11c695253877701;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1046
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 genericons.css
www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/genericons/ 28 KB
16 KB 278ms
277ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/genericons/genericons.css?ver=20201208

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 12 Jan 2024 12:15:10 GMT
server: LiteSpeed
etag: "6e6b-65a12d4e-18edaf21255d4ec1;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 15956
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 style.css
www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/ 21 KB
4 KB 178ms
177ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=20231107

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d8ef7a073e446c37d10620ce6d0003dbb1a0ea1f039ac9168464921faa6a422d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "54c2-659927f7-3593f0c6742c1bd6;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4347
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 blocks.css
www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/css/ 9 KB
2 KB 301ms
300ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/css/blocks.css?ver=20231016

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

231bffaa54579ebd76cf57822499451281bbdc1e623172e3df788879be5e3005

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 12 Jan 2024 12:15:10 GMT
server: LiteSpeed
etag: "246f-65a12d4e-e83ae583b8c10a55;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1869
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 js_composer.min.css
www.grandadventures.com/snowmobiling/wp-content/plugins/js_composer/assets/css/ 449 KB
39 KB 302ms
301ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.1.1

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

014bdcd85899b1e128d977bbb8f899d6c9623e68cfb63b3a637d39f61ff01ff5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "70240-659927f6-577e9cb1da6861a4;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 40090
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 jquery.min.js Show response
www.grandadventures.com/snowmobiling/wp-includes/js/jquery/ 86 KB
29 KB 334ms
333ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:16 GMT
server: LiteSpeed
etag: "15601-659927f8-88f5b936e7eded3b;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 29531
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.grandadventures.com/snowmobiling/wp-includes/js/jquery/ 13 KB
5 KB 333ms
330ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:16 GMT
server: LiteSpeed
etag: "3509-659927f8-c5adfb192c078284;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4671
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 simple-banner.js Show response
www.grandadventures.com/snowmobiling/wp-content/plugins/simple-banner/ 6 KB
1 KB 333ms
330ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/simple-banner/simple-banner.js?ver=2.17.0

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b798e798867301d04ad55df8c4b32c3a26379eebc2ce8ec3f4d1b896a4d259e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "1769-659927f6-43a094edc5cbd8f7;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1434
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H3 200 functions.js Show response
www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/js/ 7 KB
2 KB 150ms
149ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/js/functions.js?ver=20230629

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7487eaab8afc394d9746bcacd476d1ceef806107b0eab0b2059c2b37d10311f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:32 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 12 Jan 2024 12:15:10 GMT
server: LiteSpeed
etag: "1c9e-65a12d4e-5c31d3dbc1792fa1;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1903
expires: Fri, 02 Feb 2024 09:10:32 GMT

GET
H2 200 hustle-icons-font.woff2
www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/fonts/ 6 KB
6 KB 333ms
330ms Font
font/woff2 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/fonts/hustle-icons-font.woff2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

69f370353fef12fbaceef8e636067f722fec5761595ad354e6bcea5e07393f01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.grandadventures.com/snowmobiling/
Origin: https://www.grandadventures.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "188c-659927f6-5bb98440eef982bc;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 6284
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 b434237098.js Show response
use.fontawesome.com/ 9 KB
4 KB 555ms
106ms Script
text/javascript 172.64.140.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/b434237098.js
Requested by: Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0905a9dc4d11b5d0714603a117f7d09fcfc2a1d8b04fe348e36fef0db9005baa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:16:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4090
etag: W/"13b9c753dd39725b95557fffa88f5e30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RS3KK%2FXvBM%2BdOCJeuvj%2FdG9XwvO3PzvhYhDz8BF4youzwLZr8N7od49Bh6K6qJHMjogM4l7ZNImoIvjmL5K9BeumJyIGuqADyR92OrrMx3t4yKU2MiKNbwN9hF%2BBL96SPDCj8g3"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 84b79f7cf90c96a8-SJC
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 3832ms
242ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

22215d5fe62312c1ef69f2de8b6b06dd8ea9a44f0e6be7f8ef4fbc742fb51564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 09:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 07:38:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 09:10:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 3831ms
241ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kaushan+Script|Raleway:200,300,400,700|Roboto:300

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

cd60d14fcfdbf38a074a04c215ed39a68561ba83619bd40117f4030fa0064a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 09:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 09:10:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 09:10:31 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 7628ms
230ms Script
text/javascript 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:36:05 GMT

GET
H2 200 bootstrap.min.css
grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/css/ 118 KB
18 KB 333ms
331ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/css/bootstrap.min.css

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

540c42cee4d2f317b03d194c0028d2ee68c6f04da8c0e191d9d5f790daf38009

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "1d983-659927f7-b41ccb4129206dca;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 17916
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 animate.css
grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/css/ 71 KB
4 KB 333ms
332ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/css/animate.css

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "11a43-659927f7-d54af3d5d043c1ba;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3976
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 bootstrap.min.js Show response
grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/js/ 36 KB
9 KB 333ms
332ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/js/bootstrap.min.js

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "90b5-659927f7-c3ff45798b50dbe;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 9391
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 wow.js Show response
grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/js/ 10 KB
3 KB 333ms
332ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/js/wow.js

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

32c86ff33e0d7801013bb913c8089ecfdc9af5cf08a03caa32b3a062a2e27ecb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "28ec-659927f7-969ae7fdb067506c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2538
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
BLOB 200
OK aaa18c57-337f-4281-9628-0feb1644e0ac
https://www.grandadventures.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.grandadventures.com/aaa18c57-337f-4281-9628-0feb1644e0ac
Requested by: Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 grand-logo-white.png
www.grandadventures.com/snowmobiling/wp-content/uploads/2017/10/ 4 KB
4 KB 302ms
301ms Image
image/png 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2017/10/grand-logo-white.png

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

25478d9c8e2b6d115cc3a95162440cbe93f4449f9f0fdaeca5b72c74d94dfeff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "1142-659927f7-5d3dcadbc53b19a5;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4418
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 snow_BG-2-650x650.png
www.grandadventures.com/snowmobiling/wp-content/uploads/2024/01/ 696 KB
696 KB 302ms
301ms Image
image/png 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2024/01/snow_BG-2-650x650.png

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9a48cd2d5919916d267c538b484cc7f37f9e26d09ec67309c0621e66b1321800

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 11 Jan 2024 17:42:12 GMT
server: LiteSpeed
etag: "adee5-65a02874-d92ec1758de74cda;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 712421
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H2 200 GA_1-1024x505.png
www.grandadventures.com/snowmobiling/wp-content/uploads/2024/01/ 926 KB
926 KB 302ms
302ms Image
image/png 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2024/01/GA_1-1024x505.png

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6ce3d98d10c077097c15143ebbe711a965452e2827b6b5e310d042999a397022

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Jan 2024 16:05:36 GMT
server: LiteSpeed
etag: "e76d1-659ec050-54bbc24a887dad54;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 947921
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H3 200 GA_4-1024x505.png
www.grandadventures.com/snowmobiling/wp-content/uploads/2024/01/ 888 KB
889 KB 150ms
149ms Image
image/png 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2024/01/GA_4-1024x505.png

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9b32d222e88fe98df453b683782b54c514387cfae9b20ffae807c84b4c51e749

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Jan 2024 21:42:33 GMT
server: LiteSpeed
etag: "ddfc9-659f0f49-56ffc86983d638eb;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 909257
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H3 200 style.css
www.grandadventures.com/snowmobiling/wp-content/plugins/scroll-to-top-button/assets/css/ 842 B
380 B 149ms
149ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/scroll-to-top-button/assets/css/style.css?ver=6.4.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

10e40d021b750ab87e5b44c60c2e294e423f98ca92864512b2c63f6173da9def

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "34a-659927f6-acc4e9b3f253731c;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 292
expires: Fri, 02 Feb 2024 09:10:28 GMT

GET
H3 200 hustle-icons.min.css
www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/ 2 KB
713 B 155ms
155ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-icons.min.css?ver=4.8.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

48c6c4c07ab49a4b051f8fe4f4258e5af8af1d84565f744a9395c0400ec3bd99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "9a6-659927f6-97c7e26ef2e6d90;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 615
expires: Fri, 02 Feb 2024 09:10:29 GMT

GET
H3 200 hustle-global.min.css
www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/ 43 KB
3 KB 150ms
149ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-global.min.css?ver=4.8.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b07603e7f36dec6eb6a7e3fd36f42521ebfbf9160b24aed9c6cd4473e7857466

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "ad10-659927f6-c904b096e927de98;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3040
expires: Fri, 02 Feb 2024 09:10:29 GMT

GET
H3 200 hustle-info.min.css
www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/ 48 KB
3 KB 149ms
149ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-info.min.css?ver=4.8.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1fcae8361e08123b6b6ff3192c3e47084d9d9b1069ddac64411538e3f12bb6bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "c158-659927f6-40e69f67aa1242a3;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3490
expires: Fri, 02 Feb 2024 09:10:29 GMT

GET
H3 200 hustle-popup.min.css
www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/ 45 KB
3 KB 149ms
149ms Stylesheet
text/css 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-popup.min.css?ver=4.8.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ae58d8ec32c6aaa8e398c2a1ef338159df7a7fb680372d5c6703f2783f97867b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "b3f4-659927f6-780f972c8ace2bd5;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3003
expires: Fri, 02 Feb 2024 09:10:29 GMT

GET
H2 200 css
fonts.bunny.net/ 7 KB
1 KB 2141ms
125ms Stylesheet
text/css 185.93.1.247
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/css?family=Open+Sans%3A900%2Cregular%2C700&display=swap&ver=1.0
Requested by: Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.247 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-247.bunnyinfra.net
Software: BunnyCDN-IL1-894 /
Resource Hash: 43077b77930eda01adb7a7396b7e9ccfe8ff3b4cf2fbbadb92ff76eabeb8aa0c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:31 GMT
content-encoding: br
cdn-edgestorageid: 940
cdn-cachedat: 01/06/2024 15:48:35
cdn-pullzone: 781720
last-modified: Sat, 06 Jan 2024 15:48:35 GMT
server: BunnyCDN-IL1-894
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 28d47357138ae246e58cefb941c5b7d8
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 index.js Show response
www.grandadventures.com/snowmobiling/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 150ms
149ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 12 Jan 2024 12:14:38 GMT
server: LiteSpeed
etag: "2b6d-65a12d2e-e0837b7634f6cc04;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3065
expires: Fri, 02 Feb 2024 09:10:29 GMT

GET
H3 200 index.js Show response
www.grandadventures.com/snowmobiling/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 149ms
149ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 12 Jan 2024 12:14:38 GMT
server: LiteSpeed
etag: "337e-65a12d2e-32c50fe5496ac18e;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3921
expires: Fri, 02 Feb 2024 09:10:29 GMT

GET
H3 200 hustle-ui.min.js Show response
www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/js/ 106 KB
27 KB 149ms
149ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/hustle-ui/js/hustle-ui.min.js?ver=4.8.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

67a14a59133ef972898d5049626e0cab88ee40943b2053934833afb49284c183

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:29 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "1a6d1-659927f6-e91ab5d966143c84;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 27688
expires: Fri, 02 Feb 2024 09:10:29 GMT

GET
H3 200 underscore.min.js Show response
www.grandadventures.com/snowmobiling/wp-includes/js/ 18 KB
7 KB 149ms
149ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-includes/js/underscore.min.js?ver=1.13.4

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:30 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:16 GMT
server: LiteSpeed
etag: "4991-659927f8-3b48c912dbaa00f1;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 7150
expires: Fri, 02 Feb 2024 09:10:30 GMT

GET
H3 200 front.min.js Show response
www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/js/ 46 KB
14 KB 149ms
149ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/wordpress-popup/assets/js/front.min.js?ver=4.8.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9eb8d09282e625962caced51c19324f16a958430a5e486901f9b1ac9b5263e07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:30 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "b8ba-659927f6-5282a788b84a52fc;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 14398
expires: Fri, 02 Feb 2024 09:10:30 GMT

GET
H3 200 scroll-to-top.js Show response
www.grandadventures.com/snowmobiling/wp-content/plugins/scroll-to-top-button/assets/js/ 882 B
352 B 149ms
149ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/scroll-to-top-button/assets/js/scroll-to-top.js?ver=6.4.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1a0ce761558dd9dbead3566ec97bc4b25674bb4f5d99514b9fe2423d268f43f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:30 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "372-659927f6-4332d3c8b0f7fc8c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 301
expires: Fri, 02 Feb 2024 09:10:30 GMT

GET
H3 200 js_composer_front.min.js Show response
www.grandadventures.com/snowmobiling/wp-content/plugins/js_composer/assets/js/dist/ 18 KB
5 KB 150ms
149ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.1.1

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8d9a46db80c58e316c5594342e8e62bb792d4706ae90d02e4af8a03218335117

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:31 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:14 GMT
server: LiteSpeed
etag: "49dc-659927f6-647598b4cddd0776;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5203
expires: Fri, 02 Feb 2024 09:10:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
89 KB 163ms
162ms Script
application/javascript 142.251.16.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VP8TMZX230&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T79BRN4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

cb8ab7b16885343bfd15891bfe5c3a2c39971120fffa223f62161847796c519a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 09:10:32 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
260 B 442ms
152ms Ping
text/plain 172.253.63.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VP8TMZX230&gtm=45je41o0v878535844z8831036365&_p=1706260228124&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=2071391441.1706260232&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706260232&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F&dt=Snowmobiling%20Colorado%20%7C%20Snowmobile%20Rentals%20Colorado&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5670
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP8TMZX230&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f139.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grandadventures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 440ms
151ms Ping
text/plain 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VP8TMZX230&cid=2071391441.1706260232&gtm=45je41o0v878535844z8831036365&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP8TMZX230&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grandadventures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 443ms
155ms Image
image/gif 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VP8TMZX230&cid=2071391441.1706260232&gtm=45je41o0v878535844z8831036365&aip=1&dma=0&gcd=11l1l1l1l1&z=461937449

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 703ms
151ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

4101e4fa9bdc7ecb354caf1649d251f838a10b437009900ecc30321fe472b154

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 Jan 2024 09:10:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57022
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 6DBVAHCcpmteark+JRM8S7k54Av8WEu9wbOBfldCCXmiK8iAYraHMXgzM/5S6KLMP3oSLCltFIL2+e43xg8SSg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 15987ms
219ms Script
application/javascript 146.75.28.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.28.84 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 005fdfd3685a6dea398449f326f814f2e6de5e7133107b981a90b4e95584f72f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:51 GMT
content-encoding: br
x-cdn: fastly
etag: "ad1325c16ccac3a8f0f92f032d33fe3c"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1864

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 171ms
171ms Script
application/javascript 142.251.16.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-19716612-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T79BRN4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

48d969bc0362ace70fa141fc142f2d33ffab783223a613a190359590853e580f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51012
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 09:10:35 GMT

GET
H2 200 common_slide.js Show response
www.boomchatweb.com/chat/ 87 KB
20 KB 16056ms
292ms Script
application/javascript 159.203.125.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomchatweb.com/chat/common_slide.js
Requested by: Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.125.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 156eedda294f6aec01e7e462b570ae549c773b18c3a2975093f7535f06d5a705

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:51 GMT
content-encoding: gzip
last-modified: Mon, 20 Nov 2023 22:16:00 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "15de8-60a9cd4c31949-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 19936

GET
H2 200 /
www.boomchatweb.com/ 0
0 16063ms
300ms Image
text/html 159.203.125.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomchatweb.com/?page=track_visitor&client_id=22NJv/QbIAGtYLfBH4O4JXCDiY1bXvdypX8Mk7eMk4U=
Requested by: Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.125.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 montserrat-latin-700-normal.woff2
www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/fonts/montserrat/ 13 KB
13 KB 150ms
149ms Font
font/woff2 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-700-normal.woff2?ver=25

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin: https://www.grandadventures.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:35 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 12 Jan 2024 12:15:10 GMT
server: LiteSpeed
etag: "3230-65a12d4e-a014fe2f4757726c;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12848
expires: Fri, 02 Feb 2024 09:10:35 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 1475ms
158ms Font
font/woff2 142.251.111.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f94.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.grandadventures.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 20:57:12 GMT
x-content-type-options: nosniff
age: 130405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 20:57:12 GMT

GET
H2 200 b434237098.css
use.fontawesome.com/ 1 KB
704 B 177ms
176ms Stylesheet
text/css 172.64.140.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/b434237098.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/b434237098.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ae4bd860d882cb7bc2970827e35d9c07b40b60cab7fc77e8bb0f36e5e7e35c1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:36 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 01:16:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"371edef7173dc39c5eedb32bdbe07bc5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=le75FPyzzpbY9zc%2FdHTQiqW6MAVq0c4j8EVLtMbH1wERBzul%2B7sVfJ0TM8TAL%2B6E8vARGSRiKYSc51nn5FDfhH7pYAepzzjKxSVqrYQGi%2FR0M%2BSEIkXr6f9Lgaw0cOFnx4HB8qUt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 84b79faa9a9c96a8-SJC
alt-svc: h3=":443"; ma=86400

GET
H2 200 widget_button.js Show response
js.peek.com/ 49 KB
11 KB 8059ms
386ms Script
application/javascript 199.232.197.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/widget_button.js?ts=0-26

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.197.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

721af38c62c4b2db1b1187e4ce7cbc31dff1eaa7a4d9a9906781d50f9e458985

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Fri, 26 Jan 2024 09:10:43 GMT
age: 0
x-powered-by: Express
x-cache: MISS
content-length: 11406
x-served-by: cache-yvr1525-YVR
last-modified: Wed, 20 Dec 2023 14:30:15 GMT
server: nginx
x-timer: S1706260244.670301,VS0,VE99
etag: W/"c236-18c87a26165"
vary: Accept-Encoding
access-control-allow-methods: GET, GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *, *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type, Content-Type
x-cache-hits: 0

GET
H2 200 widget_button.css
js.peek.com/ 269 KB
58 KB 7911ms
239ms Stylesheet
text/css 199.232.197.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/widget_button.css?ts=0-26

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.197.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

b62aa84965dbf9d7f7235bd4012fc653174af3cbdd45f8bc442fea63d49e6e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Fri, 26 Jan 2024 09:10:43 GMT
age: 0
x-powered-by: Express
x-cache: HIT
content-length: 58570
x-served-by: cache-yvr1525-YVR
last-modified: Wed, 06 Sep 2023 19:16:28 GMT
server: nginx
x-timer: S1706260244.670322,VS0,VE92
etag: W/"43533-18a6becaee0"
vary: Accept-Encoding
access-control-allow-methods: GET, GET
content-type: text/css; charset=UTF-8
access-control-allow-origin: *, *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type, Content-Type
x-cache-hits: 1

GET
H3 200 Untitled-3-1.jpg
www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/ 193 KB
193 KB 150ms
149ms Image
image/jpeg 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/Untitled-3-1.jpg?id=210

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

012d2f2392a9383ef8cdeac45b2a5561d306cc46bdce1b91be55b7178a4bab07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:35 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "3035b-659927f7-b9bf112b328ac909;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 197467
expires: Fri, 02 Feb 2024 09:10:35 GMT

GET
H3 200 border.png
www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/ 51 KB
51 KB 171ms
170ms Image
image/png 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/border.png

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=20231107

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

41b198db6af8048ed3f93dbd67ab958e1921ec42b91e2816d911d35280a8fe4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=20231107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:35 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "ca09-659927f7-e6c5bb00c8c10929;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 51721
expires: Fri, 02 Feb 2024 09:10:35 GMT

GET
H3 200 iceimg.png
www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/ 44 KB
44 KB 170ms
170ms Image
image/png 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/iceimg.png

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=20231107

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b88daf8bc464f01c0315e1e61daee6d9ba613376318a6dba55f3fd3de433cc36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=20231107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:35 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "ae2c-659927f7-1ddc77ceb6ccda18;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 44588
expires: Fri, 02 Feb 2024 09:10:35 GMT

GET
H3 200 grp_spacial_bg.png
www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/ 398 KB
398 KB 197ms
197ms Image
image/png 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/grp_spacial_bg.png

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=20231107

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3e2221caa5fa5a27c62f5c199056be3fd2174713c857bb3522267437d294903f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=20231107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:35 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "636ab-659927f7-5f2b400ef8f4abd0;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 407211
expires: Fri, 02 Feb 2024 09:10:35 GMT

GET
H3 200 Untitled-1.jpg
www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/ 73 KB
73 KB 195ms
194ms Image
image/jpeg 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/Untitled-1.jpg?id=52

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c1ed0ebdf71029c096e48b3bdd930df7d4848c4ddd6746c8a0105b4e98b8f72a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:35 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "1230c-659927f7-3641031536fe937f;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 74508
expires: Fri, 02 Feb 2024 09:10:35 GMT

GET
H3 200 footer_border.png
www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/ 103 KB
103 KB 207ms
206ms Image
image/png 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2017/06/footer_border.png

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=20231107

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

121ff0762f01630d5dd1701f05eb42abcc77ad12d55f4768ffb4951c3ad8b85f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=20231107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:35 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "19c7b-659927f7-800e0342fe15d4fa;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 105595
expires: Fri, 02 Feb 2024 09:10:35 GMT

GET
H3 200 snowstorm-webfont.woff2
www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/fonts/ 11 KB
11 KB 217ms
217ms Font
font/woff2 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/fonts/snowstorm-webfont.woff2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9fef7459001111d8d2912849d148bb48b741628d5c69d89b377a7c03b1a682a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen-child/style.css?ver=6.4.2
Origin: https://www.grandadventures.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:35 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:15 GMT
server: LiteSpeed
etag: "2c7c-659927f7-5a3577fc288f025;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 11388
expires: Fri, 02 Feb 2024 09:10:35 GMT

GET
H2 200 open-sans-latin-400-normal.woff2
fonts.bunny.net/open-sans/files/ 16 KB
17 KB 15909ms
223ms Font
font/woff2 185.93.1.247
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Open+Sans%3A900%2Cregular%2C700&display=swap&ver=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.247 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-247.bunnyinfra.net
Software: BunnyCDN-IL1-894 /
Resource Hash: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Request headers

Referer: https://fonts.bunny.net/css?family=Open+Sans%3A900%2Cregular%2C700&display=swap&ver=1.0
Origin: https://www.grandadventures.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:51 GMT
cdn-edgestorageid: 940
cdn-storageserver: NY-267
cdn-cachedat: 10/31/2023 18:54:47
cdn-pullzone: 781720
content-length: 16740
last-modified: Thu, 06 Jul 2023 04:08:18 GMT
server: BunnyCDN-IL1-894
cdn-fileserver: 427
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "64a63e32-4164"
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 356c550977f3efb14e8f1671476b37ad
accept-ranges: bytes
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 open-sans-latin-700-normal.woff2
fonts.bunny.net/open-sans/files/ 16 KB
17 KB 15973ms
288ms Font
font/woff2 185.93.1.247
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/open-sans/files/open-sans-latin-700-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Open+Sans%3A900%2Cregular%2C700&display=swap&ver=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.247 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-247.bunnyinfra.net
Software: BunnyCDN-IL1-894 /
Resource Hash: d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Request headers

Referer: https://fonts.bunny.net/css?family=Open+Sans%3A900%2Cregular%2C700&display=swap&ver=1.0
Origin: https://www.grandadventures.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:51 GMT
cdn-edgestorageid: 1067
cdn-storageserver: NY-427
cdn-cachedat: 01/03/2024 13:04:38
cdn-pullzone: 781720
content-length: 16372
last-modified: Thu, 06 Jul 2023 04:08:19 GMT
server: BunnyCDN-IL1-894
cdn-fileserver: 353
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "64a63e33-3ff4"
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: a415466b969518ec10078513f3917a38
accept-ranges: bytes
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://www.grandadventures.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 montserrat-latin-400-normal.woff2
www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/fonts/montserrat/ 12 KB
13 KB 200ms
200ms Font
font/woff2 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-400-normal.woff2?ver=25

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.grandadventures.com/snowmobiling/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin: https://www.grandadventures.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 12 Jan 2024 12:15:10 GMT
server: LiteSpeed
etag: "31a4-65a12d4e-c60f77d069570a7a;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12708
expires: Fri, 02 Feb 2024 09:10:36 GMT

GET
H3 200 GA_2-1024x505.png
www.grandadventures.com/snowmobiling/wp-content/uploads/2024/01/ 1 MB
1 MB 191ms
191ms Image
image/png 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2024/01/GA_2-1024x505.png

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

feea07099f16d10f5f6103b913893508635abb25ffec9bbe9e9171737a5a44ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Jan 2024 16:16:57 GMT
server: LiteSpeed
etag: "103d2a-659ec2f9-2d35f0da91ec346;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1064234
expires: Fri, 02 Feb 2024 09:10:36 GMT

GET
H3 200 GA_3-1024x505.png
www.grandadventures.com/snowmobiling/wp-content/uploads/2024/01/ 883 KB
884 KB 214ms
214ms Image
image/png 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grandadventures.com/snowmobiling/wp-content/uploads/2024/01/GA_3-1024x505.png

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d8d96e0e065e4eacc8f2010743036f63dbb23f82c52bcaf0e916f2310304f264

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:36 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 10 Jan 2024 16:35:46 GMT
server: LiteSpeed
etag: "dccd1-659ec762-83204f39c1fad631;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 904401
expires: Fri, 02 Feb 2024 09:10:36 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.grandadventures.com/snowmobiling/wp-includes/js/ 18 KB
5 KB 150ms
150ms Script
application/x-javascript 195.179.238.248
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.grandadventures.com/snowmobiling/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

QUIC, , AES_128_GCM

Server

195.179.238.248 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/snowmobiling/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:36 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 06 Jan 2024 10:14:16 GMT
server: LiteSpeed
etag: "4904-659927f8-7f89ee0e4aca0761;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4605
expires: Fri, 02 Feb 2024 09:10:36 GMT

GET
H2 200 index.js Show response
tomis-bot.firebaseapp.com/ 244 KB
59 KB 258ms
80ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/index.js

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a3705cd436da9ea5462fe8b2689b00b01b37beb65bfc73e84af713ba6368867c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-bfi-krnt7300057-BFI
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 26 Jan 2024 09:10:36 GMT
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
x-timer: S1706260236.206126,VS0,VE1
etag: "b1b88c37ddee299b33ce10e870e43d0ec3d1b980002f3a2e546c0f59c39275e0-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 60187
x-cache-hits: 1

GET
H/1.1 200
OK number-changer.js Show response
rw1.marchex.io/euinc/ 35 KB
10 KB 1464ms
154ms Script
text/javascript 174.137.122.128
MARCHEX-EAST

General

Check archive.org

Show headers Download Go to

Full URL

https://rw1.marchex.io/euinc/number-changer.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T79BRN4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

174.137.122.128 , United States, ASN54668 (MARCHEX-EAST, US),

Reverse DNS

Software

Apache /

Resource Hash

6493ebe5a8bb3751f00d3c4e48d0c8a8c7dc46be0b79e78d8831f3a2f3f45526

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google-analytics.com privacy-policy.truste.com .marchex.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com privacy-policy.truste.com .marchex.io; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' privacy-policy.truste.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; media-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 09:10:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: Apache
Content-Security-Policy: default-src 'self' www.google-analytics.com privacy-policy.truste.com *.marchex.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com privacy-policy.truste.com *.marchex.io; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' privacy-policy.truste.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; media-src 'self';
Referrer-Policy: same-origin
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(), autoplay=*, camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=*, payment=(), picture-in-picture=(), publickey-credentials-get=*, screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), hid=(), idle-detection=(), serial=(), window-placement=()
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=199

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.6.3/css/ 28 KB
7 KB 104ms
103ms Stylesheet
text/css 172.64.140.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/b434237098.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://use.fontawesome.com/b434237098.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2145986
etag: W/"7937bc10f6c59ceed1ff6e6bbebfcd8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B62pK7fWigYJ6i%2F%2FdESGvAlQnI8gIskWjQpSjF9h1mhGj3aKI3x0g84w8ZmXxOVO%2B0S16cHNeQjAFAuvAL0Cbwtchue7Thf7iQWp3aP9KJY7hXI11AfNyrbW%2FD6C%2BhjiuFNpQmZ0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 84b79fabbb8596a8-SJC
alt-svc: h3=":443"; ma=86400

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.6.3/fonts/ 70 KB
71 KB 1327ms
117ms Font
application/octet-stream 172.64.140.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/b434237098.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://use.fontawesome.com/b434237098.css
Origin: https://www.grandadventures.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1426924
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
server: cloudflare
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8rIeKuSB%2FX8egp8vObFgGxffqxtdWdrky3rOWAn3g0nPDbspQ8gyp6fjRlCNCp%2BAA4fcoxjRkFtyWNfbf8JVoMntsSDBZPHeDrSrjgmZRc3VDH39YjRhvQlSLVaRBjBzN1CrhI7"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84b79fb4099b16a4-SJC

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 684ms
144ms Script
text/javascript 142.251.163.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-19716612-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 09:06:35 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 241
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 26 Jan 2024 11:06:35 GMT

GET
H2 200 index.html Show response
tomis-bot.firebaseapp.com/tomis-device-id/ Frame 4C1F 475 B
293 B 81ms
79ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/tomis-device-id/index.html

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c3cf5693719d153a7068cf1a75a98971ba4273cb0e95a0137e8df5840afe1987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.grandadventures.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 161
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 09:10:36 GMT
etag: "16a8ad553f86f9a571438395f92f59204bbee848746993994735abb1d4a52032-br"
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-bfi-krnt7300057-BFI
x-timer: S1706260236.449177,VS0,VE1

GET
H3 200 index.aeab2270.js Show response
tomis-bot.firebaseapp.com/bot/ Frame 4C1F 16 KB
5 KB 75ms
74ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/bot/index.aeab2270.js

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f700685439656a708fb600daa332669ee86aa1f665a17b7d6d3947403b66e17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin: https://tomis-bot.firebaseapp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-yvr1530-YVR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 26 Jan 2024 09:10:36 GMT
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
x-timer: S1706260237.528406,VS0,VE0
etag: "ea89ba2768b22f5f969bd9d916ed08f98ad4db3026a679570fbfbebe04ffd549-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4972
x-cache-hits: 2

GET
H3 200 index.b01cceab.js Show response
tomis-bot.firebaseapp.com/tomis-device-id/ Frame 4C1F 901 B
756 B 76ms
75ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/tomis-device-id/index.b01cceab.js

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

86ed8bceec505be7448e97d33b3c627049cc8cb9abeb20cc6a030abf288818b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin: https://tomis-bot.firebaseapp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-yvr1530-YVR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 26 Jan 2024 09:10:36 GMT
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
x-timer: S1706260237.528688,VS0,VE0
etag: "7df395c05c62666d83e858abb4d50d9cbf3ca34ed053e13df409246281e0d3e9-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 411
x-cache-hits: 2

GET
H3 200 index.html Show response
tomis-bot.firebaseapp.com/tomis-device-id/ Frame 9278 475 B
482 B 75ms
74ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/tomis-device-id/index.html

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/index.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c3cf5693719d153a7068cf1a75a98971ba4273cb0e95a0137e8df5840afe1987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.grandadventures.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 161
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 09:10:36 GMT
etag: "16a8ad553f86f9a571438395f92f59204bbee848746993994735abb1d4a52032-br"
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 2
x-served-by: cache-yvr1530-YVR
x-timer: S1706260237.612998,VS0,VE0

GET
H3 200 index.aeab2270.js Show response
tomis-bot.firebaseapp.com/bot/ Frame 9278 16 KB
5 KB 75ms
74ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/bot/index.aeab2270.js

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f700685439656a708fb600daa332669ee86aa1f665a17b7d6d3947403b66e17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin: https://tomis-bot.firebaseapp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-yvr1530-YVR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 26 Jan 2024 09:10:36 GMT
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
x-timer: S1706260237.691538,VS0,VE0
etag: "ea89ba2768b22f5f969bd9d916ed08f98ad4db3026a679570fbfbebe04ffd549-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4972
x-cache-hits: 3

GET
H3 200 index.b01cceab.js Show response
tomis-bot.firebaseapp.com/tomis-device-id/ Frame 9278 901 B
756 B 76ms
75ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/tomis-device-id/index.b01cceab.js

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

86ed8bceec505be7448e97d33b3c627049cc8cb9abeb20cc6a030abf288818b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin: https://tomis-bot.firebaseapp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-yvr1530-YVR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 26 Jan 2024 09:10:36 GMT
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
x-timer: S1706260237.691754,VS0,VE0
etag: "7df395c05c62666d83e858abb4d50d9cbf3ca34ed053e13df409246281e0d3e9-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 411
x-cache-hits: 3

GET
H3 200 index.html Show response
tomis-bot.firebaseapp.com/bot/ Frame 41DA 658 B
520 B 127ms
127ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/bot/index.html?site=grand-adventures&initialParentWidth=1600&initialParentHeight=1200

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/index.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eb0cfee1d3a68d642b335a5a277be1f9be134e353901f3f0738bc5bf44f4e201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.grandadventures.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 197
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 09:10:36 GMT
etag: "51b0a6fb93baca5507bd69ccac61c851d7f96aba9ae1dabd38f8f63297074971-br"
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yvr1530-YVR
x-timer: S1706260237.772826,VS0,VE52

GET
H2 200 577883952702602 Show response
connect.facebook.net/signals/config/ 62 KB
13 KB 215ms
214ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/577883952702602?v=2.9.142&r=stable&domain=www.grandadventures.com&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

0ef39cc11d5d5f0ae8cca04a9a435acbb62cb99e87922f137a2d336241382a8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 Jan 2024 09:10:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: UsWsqL0b2mH+Vx948+QT0G+A/O12MMm6Ytkd4RrWtSz4U499f4CfgB9Bw2AAHCaaOqT6kbCE18pWlYq11oOZRA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 index.aeab2270.js Show response
tomis-bot.firebaseapp.com/bot/ Frame 41DA 16 KB
5 KB 75ms
74ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/bot/index.aeab2270.js

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.html?site=grand-adventures&initialParentWidth=1600&initialParentHeight=1200

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f700685439656a708fb600daa332669ee86aa1f665a17b7d6d3947403b66e17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://tomis-bot.firebaseapp.com/bot/index.html?site=grand-adventures&initialParentWidth=1600&initialParentHeight=1200
Origin: https://tomis-bot.firebaseapp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-yvr1530-YVR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 26 Jan 2024 09:10:36 GMT
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
x-timer: S1706260237.904150,VS0,VE0
etag: "ea89ba2768b22f5f969bd9d916ed08f98ad4db3026a679570fbfbebe04ffd549-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4972
x-cache-hits: 4

GET
H3 200 index.runtime.99f25071.js Show response
tomis-bot.firebaseapp.com/bot/ Frame 41DA 1 KB
945 B 77ms
76ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/bot/index.runtime.99f25071.js

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.html?site=grand-adventures&initialParentWidth=1600&initialParentHeight=1200

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4c95b842b9e5f3ad220ea5b38582d3abcfda388e6930f8dd3f227d4aa4826ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://tomis-bot.firebaseapp.com/bot/index.html?site=grand-adventures&initialParentWidth=1600&initialParentHeight=1200
Origin: https://tomis-bot.firebaseapp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-yvr1530-YVR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 26 Jan 2024 09:10:36 GMT
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
x-timer: S1706260237.904564,VS0,VE1
etag: "ba209f90731354b044b5aac298dbcf9936bd1e6bca57f9e59a02b9a55c264fa8-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 601
x-cache-hits: 1

GET
H3 200 index.97946fcc.css
tomis-bot.firebaseapp.com/bot/ Frame 41DA 60 KB
26 KB 76ms
75ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/bot/index.97946fcc.css

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.html?site=grand-adventures&initialParentWidth=1600&initialParentHeight=1200

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

738442ee2431f0669fa6c3c4e71a85d869689fa271203d2a9327cf81dfd72f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tomis-bot.firebaseapp.com/bot/index.html?site=grand-adventures&initialParentWidth=1600&initialParentHeight=1200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-yvr1530-YVR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 26 Jan 2024 09:10:36 GMT
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
x-timer: S1706260237.904884,VS0,VE0
etag: "cad20391ec6a0855d4f3e23bc4d8570b35c6e2111bdce09da526395aca223601-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26034
x-cache-hits: 663

GET
H3 200 index.b8d5d617.js Show response
tomis-bot.firebaseapp.com/bot/ Frame 41DA 2 MB
458 KB 77ms
76ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.html?site=grand-adventures&initialParentWidth=1600&initialParentHeight=1200

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

80a7ed1fb6d79bf82ba6868df9da5a02d875644cfa8a7fdc04b9628f40187566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://tomis-bot.firebaseapp.com/bot/index.html?site=grand-adventures&initialParentWidth=1600&initialParentHeight=1200
Origin: https://tomis-bot.firebaseapp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-yvr1530-YVR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 26 Jan 2024 09:10:36 GMT
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
x-timer: S1706260237.904888,VS0,VE1
etag: "b29023af64bc06444667919c4725ef38a60240702cb081ee90586a5453fda0b3-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 469038
x-cache-hits: 1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 151ms
150ms XHR
text/plain 142.251.163.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=803926470&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F&ul=en-us&de=UTF-8&dt=Snowmobiling%20Colorado%20%7C%20Snowmobile%20Rentals%20Colorado&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=252910811&gjid=211943257&cid=2071391441.1706260232&tid=UA-19716612-1&_gid=1128339141.1706260237&_r=1&gtm=457e41o0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1997586017

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grandadventures.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grandadventures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 1482ms
150ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=577883952702602&ev=PageView&dl=https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F&rl=&if=false&ts=1706260237030&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4126&fbp=fb.1.1706260237024.387470053&cs_est=true&ler=empty&it=1706260236781&coo=false&exp=d3&rqm=GET

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 26 Jan 2024 09:10:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 152ms
150ms XHR
text/plain 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-19716612-1&cid=2071391441.1706260232&jid=252910811&gjid=211943257&_gid=1128339141.1706260237&_u=YADAAUAAAAAAACAAI~&z=694565205

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grandadventures.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 26 Jan 2024 09:10:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grandadventures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 initialize.8dc24352.js Show response
tomis-bot.firebaseapp.com/ Frame 41DA 1 KB
1009 B 77ms
76ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tomis-bot.firebaseapp.com/initialize.8dc24352.js

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

883d8523c4786879e165e598162094a30eeb80ca9146a800dc375cbb9f6e9f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js
Origin: https://tomis-bot.firebaseapp.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: cache-yvr1530-YVR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 26 Jan 2024 09:10:37 GMT
last-modified: Mon, 15 Jan 2024 17:08:54 GMT
x-timer: S1706260237.281702,VS0,VE2
etag: "c6b996c28ff02a19d30fe94bdc57b9311bfd7a397f1fb2049344c3c81f5bcde8-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 663
x-cache-hits: 1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 41DA 233 KB
80 KB 171ms
170ms Script
application/javascript 142.251.16.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YT7KJT8ZQC

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/initialize.8dc24352.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ff09de6e3ab7dae667d4db1ded49654d2693ae214845ea453a985d896e0a42f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tomis-bot.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82351
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 09:10:37 GMT

POST
H2 200 initialize Show response
cloud.tomis.tech/api/webClient/ Frame 41DA 3 KB
2 KB 659ms
658ms Fetch
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.tomis.tech/api/webClient/initialize

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

fad87ffec66ade8ed160b3d16c662858edee109292993e36e54e8acc02645af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept: application/json
Referer: https://tomis-bot.firebaseapp.com/
x-site-slug: grand-adventures
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Fri, 26 Jan 2024 09:10:39 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-served-by: cache-bfi-kbfi7400051-BFI
server: Google Frontend
x-timer: S1706260239.705443,VS0,VE578
etag: W/"b6d-cZq3bWAZedQuM8aq1bTgbqW6ymg"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tomis-bot.firebaseapp.com
x-cloud-trace-context: 6892ccf79a2f13ca85b18ac0f94be840
cache-control: private
access-control-allow-credentials: true
function-execution-id: at7coed7jk7v
accept-ranges: bytes
x-orig-accept-language: en-CA,en;q=0.9
x-country-code: CA
x-cache-hits: 0

OPTIONS
H2 204 initialize
cloud.tomis.tech/api/webClient/ Frame 0
0 1322ms
151ms Preflight
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.tomis.tech/api/webClient/initialize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-site-slug
Access-Control-Request-Method: POST
Origin: https://tomis-bot.firebaseapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-TWILIO-SIGNATURE, Content-Type, x-api-key, x-site-slug, x-firebase-token
access-control-allow-methods: POST, OPTIONS, PUT, GET, DELETE
access-control-allow-origin: https://tomis-bot.firebaseapp.com
access-control-max-age: 3600
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: private
content-type: text/html
date: Fri, 26 Jan 2024 09:10:38 GMT
function-execution-id: at7cnxj48q6y
server: Google Frontend
strict-transport-security: max-age=31556926
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 3863295c7888d21de6e01f9a43c9f1c8;o=1
x-country-code: CA
x-served-by: cache-bfi-kbfi7400051-BFI
x-timer: S1706260239.552989,VS0,VE73

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 152ms
151ms Ping
text/plain 172.253.63.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VP8TMZX230&gtm=45je41o0v878535844&_p=1706260228124&gcd=11l1l1l1l1&dma=0&cid=2071391441.1706260232&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1706260232&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F&dt=Snowmobiling%20Colorado%20%7C%20Snowmobile%20Rentals%20Colorado&en=scroll&epn.percent_scrolled=90&_et=8&tfd=10679
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP8TMZX230&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f139.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grandadventures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getnumdata.js Show response
rw1.marchex.io/euinc/ 249 B
1 KB 145ms
144ms Script
text/javascript 174.137.122.128
MARCHEX-EAST

General

Check archive.org

Show headers Download Go to

Full URL

https://rw1.marchex.io/euinc/getnumdata.js?var=_vsrkpd.d;acc=fwABAV6_xb0dYgAw;cky=rkpd_fwABAV6_xb0dYgAw;ign=1;url=https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F;

Requested by

Host: rw1.marchex.io
URL: https://rw1.marchex.io/euinc/number-changer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

174.137.122.128 , United States, ASN54668 (MARCHEX-EAST, US),

Reverse DNS

Software

Apache /

Resource Hash

315ae3dfa0f0cab137f2eec86a2c740ff43e4047f5380a026e687ee41c281fea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.google-analytics.com privacy-policy.truste.com .marchex.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com privacy-policy.truste.com .marchex.io; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' privacy-policy.truste.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; media-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 09:10:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' www.google-analytics.com privacy-policy.truste.com *.marchex.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com privacy-policy.truste.com *.marchex.io; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' privacy-policy.truste.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com; media-src 'self';
Transfer-Encoding: chunked
P3P: CP="NOI COR NID TAI OUR BUS STA"
Connection: Keep-Alive
Referrer-Policy: same-origin
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Permissions-Policy: accelerometer=(), autoplay=*, camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=*, payment=(), picture-in-picture=(), publickey-credentials-get=*, screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), hid=(), idle-detection=(), serial=(), window-placement=()
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=199

GET
H2 200 ktag.js Show response
resources.xg4ken.com/js/v2/ 9 KB
4 KB 795ms
143ms Script
application/javascript 52.0.243.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N292A-40F

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.243.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-243-115.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c34c2d2268ab45d0767257f1b78129246fa17e6051d59f33cbb882228b580df3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:38 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 09:09:46 GMT
server: nginx
etag: "654215da-dd8"
content-type: application/javascript
cache-control: max-age=86400, public
content-length: 3544
x-xss-protection: 1; mode=block
expires: Sat, 27 Jan 2024 09:10:38 GMT

POST
H2 200 verifyCustomToken Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 41DA 1 KB
1 KB 331ms
330ms XHR
application/json 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken?key=AIzaSyD_Gfc_7uxkBQCYz7KRAVnUW5-K2gONcEk

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f95.1e100.net

Software

ESF /

Resource Hash

5571cb12d8e0e26748e8fd4785292fb6d84e892cf00f87063ad9752d09e3750f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tomis-bot.firebaseapp.com/
X-Client-Version: Chrome/JsCore/8.10.1/FirebaseCore-web
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://tomis-bot.firebaseapp.com
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1107
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 verifyCustomToken
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 446ms
154ms Preflight
text/html 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken?key=AIzaSyD_Gfc_7uxkBQCYz7KRAVnUW5-K2gONcEk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version
Access-Control-Request-Method: POST
Origin: https://tomis-bot.firebaseapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://tomis-bot.firebaseapp.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 26 Jan 2024 09:10:39 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 getAccountInfo Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 41DA 326 B
253 B 187ms
187ms XHR
application/json 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyD_Gfc_7uxkBQCYz7KRAVnUW5-K2gONcEk

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f95.1e100.net

Software

ESF /

Resource Hash

78213e503e747eab06b46ab47dd49182d9171990496c4bb2f3233c0ccee6a5e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tomis-bot.firebaseapp.com/
X-Client-Version: Chrome/JsCore/8.10.1/FirebaseCore-web
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://tomis-bot.firebaseapp.com
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 getAccountInfo
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 170ms
170ms Preflight
text/html 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyD_Gfc_7uxkBQCYz7KRAVnUW5-K2gONcEk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version
Access-Control-Request-Method: POST
Origin: https://tomis-bot.firebaseapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://tomis-bot.firebaseapp.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 26 Jan 2024 09:10:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 bot_icons%2Fgrand-adventures.png Show response
firebasestorage.googleapis.com/v0/b/tomis-bot.appspot.com/o/ Frame 41DA 571 B
590 B 218ms
218ms XHR
application/json 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebasestorage.googleapis.com/v0/b/tomis-bot.appspot.com/o/bot_icons%2Fgrand-adventures.png

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f95.1e100.net

Software

UploadServer /

Resource Hash

63a090c8b7579a362c3ade7401721e1432f2f5bd7612d3ef9aab1277faa8f093

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tomis-bot.firebaseapp.com/
X-Firebase-Storage-Version: webjs/8.10.1
accept-language: en-CA,en;q=0.9
Authorization: Firebase eyJhbGciOiJSUzI1NiIsImtpZCI6IjViNjAyZTBjYTFmNDdhOGViZmQxMTYwNGQ5Y2JmMDZmNGQ0NWY4MmIiLCJ0eXAiOiJKV1QifQ.eyJzaXRlIjoiZ3JhbmQtYWR2ZW50dXJlcyIsImNvbnZlcnNhdGlvbklkIjoiNTllNDJlZDctODkzOC00MGQ2LWI3ZTktMjAyNDQzYWI5MTNhIiwid2ViU2Vzc2lvbklkIjoiNDhiY2ViOGYtY2RjMC00OTkwLWJlYzQtMDZhNmQzZmQzM2I4IiwiaXNzIjoiaHR0cHM6Ly9zZWN1cmV0b2tlbi5nb29nbGUuY29tL3RvbWlzLWJvdCIsImF1ZCI6InRvbWlzLWJvdCIsImF1dGhfdGltZSI6MTcwNjI2MDI0MCwidXNlcl9pZCI6IjU1OWMwNmM1LWExMjAtNGUzYi05NmY4LTdkNTJkN2M0ZTRkNCIsInN1YiI6IjU1OWMwNmM1LWExMjAtNGUzYi05NmY4LTdkNTJkN2M0ZTRkNCIsImlhdCI6MTcwNjI2MDI0MCwiZXhwIjoxNzA2MjYzODQwLCJmaXJlYmFzZSI6eyJpZGVudGl0aWVzIjp7fSwic2lnbl9pbl9wcm92aWRlciI6ImN1c3RvbSJ9fQ.JyC7ANGQNIzuNNsrHmEPAK9nNOJQqUt8DASMupDGblgYReGYHtT8Z_jPUAX_ENFqI4z1pHHvkCJhjKmJ_F_yhuiyTIJ23TlEoYeVTFjNQBLtYLd_f61CykvrRYSK4LZkMYL5yq-UiNVurEKbnZv31mV8krYQJuENk1WdT2EBjpHT1nh7GLUECs5mw0dyf6OfWFheYzQD1Ymw85CR3cSAKM7MbockWavfgI6lmsA28GQ2QDjp9URxc80b7KLLFDJorzLHxMhHrizT3A7e9tRvlT6MJbW9B-KWblivcVm6-eZfFULP5w6MGvaaEL3NNt8amfBK06KerUYvO1HZG4fDVw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:40 GMT
x-content-type-options: nosniff
server: UploadServer
x-guploader-uploadid: ABPtcPqthMt9RERveC5PI-HwgIKjRk7QWobTBn8bfpTDLB0EXwUrNKtjjsuvAgLmje6MoH4JFdlLgsVjew
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Range, Date, Expires, Server, Transfer-Encoding, X-Firebase-Storage-XSRF, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 571
expires: Fri, 26 Jan 2024 09:10:40 GMT

OPTIONS
H2 200 bot_icons%2Fgrand-adventures.png
firebasestorage.googleapis.com/v0/b/tomis-bot.appspot.com/o/ Frame 0
0 206ms
201ms Preflight
text/html 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://firebasestorage.googleapis.com/v0/b/tomis-bot.appspot.com/o/bot_icons%2Fgrand-adventures.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f95.1e100.net
Software: UploadServer /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-firebase-storage-version
Access-Control-Request-Method: GET
Origin: https://tomis-bot.firebaseapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type, Range, X-Firebase-Storage-Version, X-Firebase-Storage-XSRF, X-Firebase-AppCheck, X-Firebase-GMPID, X-Goog-AuthUser, X-Goog-Upload-Command, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Protocol
access-control-allow-methods: POST, GET, HEAD, DELETE, PATCH
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Firebase-Storage-XSRF
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 09:10:40 GMT
expires: Fri, 26 Jan 2024 09:10:40 GMT
server: UploadServer
x-guploader-uploadid: ABPtcPotlZJljG0TN-s04xbdvCD8X9OEpH7_AeBgyg46IKgKOSWvPdMFeSSl6-SN_1TpEyyjFwpVoEiqBQ

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 41DA 54 B
370 B 190ms
188ms XHR
text/plain 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&VER=8&RID=37275&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F8.10.1%0D%0AContent-Type%3Atext%2Fplain%0D%0AX-Firebase-GMPID%3A1%3A620481618393%3Aweb%3Aa168024425db8ced0979c8%0D%0AAuthorization%3ABearer%20eyJhbGciOiJSUzI1NiIsImtpZCI6IjViNjAyZTBjYTFmNDdhOGViZmQxMTYwNGQ5Y2JmMDZmNGQ0NWY4MmIiLCJ0eXAiOiJKV1QifQ.eyJzaXRlIjoiZ3JhbmQtYWR2ZW50dXJlcyIsImNvbnZlcnNhdGlvbklkIjoiNTllNDJlZDctODkzOC00MGQ2LWI3ZTktMjAyNDQzYWI5MTNhIiwid2ViU2Vzc2lvbklkIjoiNDhiY2ViOGYtY2RjMC00OTkwLWJlYzQtMDZhNmQzZmQzM2I4IiwiaXNzIjoiaHR0cHM6Ly9zZWN1cmV0b2tlbi5nb29nbGUuY29tL3RvbWlzLWJvdCIsImF1ZCI6InRvbWlzLWJvdCIsImF1dGhfdGltZSI6MTcwNjI2MDI0MCwidXNlcl9pZCI6IjU1OWMwNmM1LWExMjAtNGUzYi05NmY4LTdkNTJkN2M0ZTRkNCIsInN1YiI6IjU1OWMwNmM1LWExMjAtNGUzYi05NmY4LTdkNTJkN2M0ZTRkNCIsImlhdCI6MTcwNjI2MDI0MCwiZXhwIjoxNzA2MjYzODQwLCJmaXJlYmFzZSI6eyJpZGVudGl0aWVzIjp7fSwic2lnbl9pbl9wcm92aWRlciI6ImN1c3RvbSJ9fQ.JyC7ANGQNIzuNNsrHmEPAK9nNOJQqUt8DASMupDGblgYReGYHtT8Z_jPUAX_ENFqI4z1pHHvkCJhjKmJ_F_yhuiyTIJ23TlEoYeVTFjNQBLtYLd_f61CykvrRYSK4LZkMYL5yq-UiNVurEKbnZv31mV8krYQJuENk1WdT2EBjpHT1nh7GLUECs5mw0dyf6OfWFheYzQD1Ymw85CR3cSAKM7MbockWavfgI6lmsA28GQ2QDjp9URxc80b7KLLFDJorzLHxMhHrizT3A7e9tRvlT6MJbW9B-KWblivcVm6-eZfFULP5w6MGvaaEL3NNt8amfBK06KerUYvO1HZG4fDVw%0D%0A&zx=i1pvtcrfp0r6&t=1

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

3a207b4b005492288c4d9ff65387fa93f85b66ccbee5784019aa1fb2d3af9a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tomis-bot.firebaseapp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 Jan 2024 09:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://tomis-bot.firebaseapp.com
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: 76y0-R19t0y__kGzl5nF9nlFUsOCb6lGkEBv1Dw7QGE

GET
H2 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 41DA 49 KB
0 369ms
368ms XHR
text/plain 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=76y0-R19t0y__kGzl5nF9nlFUsOCb6lGkEBv1Dw7QGE&VER=8&RID=rpc&SID=HG1hpDw7z-gMiDO2WbBPPg&CI=0&AID=0&TYPE=xmlhttp&zx=x3l3j7m33r3q&t=1

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tomis-bot.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Referer, origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://tomis-bot.firebaseapp.com
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ Frame 41DA 0
17 B 151ms
151ms Ping
text/plain 142.251.163.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YT7KJT8ZQC&gtm=45je41o0v874379256&_p=1706260237322&gcd=11l1l1l1l1&dma=0&cid=1483568715.1706260241&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706260241&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F&dr=https%3A%2F%2Fwww.grandadventures.com%2F&dt=Snowmobiling%20Colorado%20%7C%20Snowmobile%20Rentals%20Colorado&uid=559c06c5-a120-4e3b-96f8-7d52d7c4e4d4&en=loaded&_fv=1&_nsi=1&_ss=1&_ee=1&ep.version=2.29.7&ep.site=grand-adventures&ep.conversation_id=59e42ed7-8938-40d6-b7e9-202443ab913a&ep.web_session_id=48bceb8f-cdc0-4990-bec4-06a6d3fd33b8&tfd=4367
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YT7KJT8ZQC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wv-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tomis-bot.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tomis-bot.firebaseapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 41DA 10 B
50 B 418ms
417ms XHR
text/plain 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&VER=8&gsessionid=76y0-R19t0y__kGzl5nF9nlFUsOCb6lGkEBv1Dw7QGE&SID=HG1hpDw7z-gMiDO2WbBPPg&RID=37276&AID=4&zx=mfjp7sw5zib1&t=1

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

06a403fa19b0e23e9e2ef3f493a6a55f68607c5566298f3e0ed7a08dbf11ad82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tomis-bot.firebaseapp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 Jan 2024 09:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://tomis-bot.firebaseapp.com
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
x-xss-protection: 0

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ Frame 41DA 54 B
95 B 175ms
174ms XHR
text/plain 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&VER=8&RID=78453&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F8.10.1%0D%0AContent-Type%3Atext%2Fplain%0D%0AX-Firebase-GMPID%3A1%3A620481618393%3Aweb%3Aa168024425db8ced0979c8%0D%0AAuthorization%3ABearer%20eyJhbGciOiJSUzI1NiIsImtpZCI6IjViNjAyZTBjYTFmNDdhOGViZmQxMTYwNGQ5Y2JmMDZmNGQ0NWY4MmIiLCJ0eXAiOiJKV1QifQ.eyJzaXRlIjoiZ3JhbmQtYWR2ZW50dXJlcyIsImNvbnZlcnNhdGlvbklkIjoiNTllNDJlZDctODkzOC00MGQ2LWI3ZTktMjAyNDQzYWI5MTNhIiwid2ViU2Vzc2lvbklkIjoiNDhiY2ViOGYtY2RjMC00OTkwLWJlYzQtMDZhNmQzZmQzM2I4IiwiaXNzIjoiaHR0cHM6Ly9zZWN1cmV0b2tlbi5nb29nbGUuY29tL3RvbWlzLWJvdCIsImF1ZCI6InRvbWlzLWJvdCIsImF1dGhfdGltZSI6MTcwNjI2MDI0MCwidXNlcl9pZCI6IjU1OWMwNmM1LWExMjAtNGUzYi05NmY4LTdkNTJkN2M0ZTRkNCIsInN1YiI6IjU1OWMwNmM1LWExMjAtNGUzYi05NmY4LTdkNTJkN2M0ZTRkNCIsImlhdCI6MTcwNjI2MDI0MCwiZXhwIjoxNzA2MjYzODQwLCJmaXJlYmFzZSI6eyJpZGVudGl0aWVzIjp7fSwic2lnbl9pbl9wcm92aWRlciI6ImN1c3RvbSJ9fQ.JyC7ANGQNIzuNNsrHmEPAK9nNOJQqUt8DASMupDGblgYReGYHtT8Z_jPUAX_ENFqI4z1pHHvkCJhjKmJ_F_yhuiyTIJ23TlEoYeVTFjNQBLtYLd_f61CykvrRYSK4LZkMYL5yq-UiNVurEKbnZv31mV8krYQJuENk1WdT2EBjpHT1nh7GLUECs5mw0dyf6OfWFheYzQD1Ymw85CR3cSAKM7MbockWavfgI6lmsA28GQ2QDjp9URxc80b7KLLFDJorzLHxMhHrizT3A7e9tRvlT6MJbW9B-KWblivcVm6-eZfFULP5w6MGvaaEL3NNt8amfBK06KerUYvO1HZG4fDVw%0D%0A&zx=a944q4xw2yw0&t=1

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

94978f4940788559e9f92f5106040691633d60779e184b861051a8e999502ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tomis-bot.firebaseapp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 Jan 2024 09:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://tomis-bot.firebaseapp.com
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: gpmRzKWrREJts_J_NIMHqQR2L4_NX6oAAcIJ-urI8uw

GET
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ Frame 41DA 608 B
0 284ms
283ms XHR
text/plain 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=gpmRzKWrREJts_J_NIMHqQR2L4_NX6oAAcIJ-urI8uw&VER=8&RID=rpc&SID=DpfGhW8SjZ0l6RzZ6GjKeg&CI=0&AID=0&TYPE=xmlhttp&zx=6yh8n9b9y8zr&t=1

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tomis-bot.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Referer, origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://tomis-bot.firebaseapp.com
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ Frame 41DA 10 B
50 B 168ms
168ms XHR
text/plain 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&VER=8&gsessionid=gpmRzKWrREJts_J_NIMHqQR2L4_NX6oAAcIJ-urI8uw&SID=DpfGhW8SjZ0l6RzZ6GjKeg&RID=78454&AID=1&zx=mifuidgv4bzm&t=1

Requested by

Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.b8d5d617.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

50b25d63fd1264ca73bedc7cb4213e7f2b9f7ba836e969ff2b8ed7d543c8e140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tomis-bot.firebaseapp.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 Jan 2024 09:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://tomis-bot.firebaseapp.com
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
x-xss-protection: 0

GET
H2 200 config.js Show response
js.peek.com/ 19 KB
2 KB 351ms
351ms Script
text/javascript 199.232.197.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/config.js?key=2bc7462e-fbc3-46d6-853f-04106ef6c15b

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=0-26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.197.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

73501959f7de5a38f92be0fce1dd445a8ec74d7159dc0662184fb5bf26d81eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Fri, 26 Jan 2024 09:10:44 GMT
age: 0
x-powered-by: Express
x-cache: MISS
content-length: 2145
x-served-by: cache-yvr1525-YVR
server: nginx
x-timer: S1706260244.035661,VS0,VE271
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 0

GET
H2 200 h Show response
js.peek.com/ 2 B
329 B 317ms
168ms Fetch
text/plain 199.232.197.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/h?tls=null&type=sp_page_view&lt=null&tl=null&uid=17062602440082020&src=&apik=2bc7462e-fbc3-46d6-853f-04106ef6c15b&dh=www.grandadventures.com&path=%2Fsnowmobiling%2F&btns=3&bdcnt=0&bucnt=0&ls=null&m=0&cfh=0

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=0-26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.197.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
via: 1.1 google, 1.1 varnish
date: Fri, 26 Jan 2024 09:10:44 GMT
age: 0
x-powered-by: Express
x-cache: MISS
content-length: 2
x-served-by: cache-yvr1524-YVR
server: nginx
x-timer: S1706260244.198258,VS0,VE93
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 0

GET
H2 200 / Show response
book.peek.com/ Frame 4FE1 6 KB
3 KB 568ms
153ms Document
text/html 34.110.166.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.peek.com/

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=0-26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.166.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.166.110.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f8b9bbe63f939109b87041417f3d8974edae7aaf6941e1117a18460f1844a083

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.grandadventures.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 09:10:44 GMT
etag: W/"17c6-ncgRDh3WK/paHMJkz9/9PzaAU+M"
server: nginx
strict-transport-security: max-age=3600; includeSubDomains
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 css
fonts.googleapis.com/ 3 KB
790 B 170ms
167ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Amiri:400i|Oswald:400

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=0-26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

1ef78674ae4355e8ed0834eaaf576c53038651af1e0a31454b5ff8003968dd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 09:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 09:10:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 09:10:44 GMT

GET
H2 200 h Show response
js.peek.com/ 2 B
65 B 155ms
154ms Fetch
text/plain 199.232.197.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/h?tls=null&type=sp_embed_load_complete&lt=null&tl=null&uid=17062602440082020&src=&apik=2bc7462e-fbc3-46d6-853f-04106ef6c15b&dh=www.grandadventures.com&path=%2Fsnowmobiling%2F&btns=3&bdcnt=0&bucnt=3&ls=null&m=0&cfh=0

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=0-26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.197.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
via: 1.1 google, 1.1 varnish
date: Fri, 26 Jan 2024 09:10:44 GMT
age: 0
x-powered-by: Express
x-cache: MISS
content-length: 2
x-served-by: cache-yvr1524-YVR
server: nginx
x-timer: S1706260244.393161,VS0,VE79
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 0

GET
H2 200 vendor-767607c1c9a8b89d224179328c74a9a9.css
book12.freetls.fastly.net/assets/ Frame 4FE1 42 KB
7 KB 1326ms
150ms Stylesheet
text/css 151.101.66.79
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://book12.freetls.fastly.net/assets/vendor-767607c1c9a8b89d224179328c74a9a9.css

Requested by

Host: book.peek.com
URL: https://book.peek.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.79 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6c0a6a50d1aae0c1531996320e6922c2393bbe9b0420f77e655684011d518d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://book.peek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Fri, 26 Jan 2024 09:10:45 GMT
age: 749165
x-cache: HIT
content-length: 7049
x-served-by: cache-bfi-krnt7300114-BFI
last-modified: Wed, 17 Jan 2024 17:04:16 GMT
server: nginx
x-timer: S1706260246.816301,VS0,VE0
etag: W/"a75e-18d18617576"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 18

GET
H2 200 spinnaker-ca56a36bb3faf246fd051214fb256e88.css
book12.freetls.fastly.net/assets/ Frame 4FE1 137 KB
31 KB 1254ms
78ms Stylesheet
text/css 151.101.66.79
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://book12.freetls.fastly.net/assets/spinnaker-ca56a36bb3faf246fd051214fb256e88.css

Requested by

Host: book.peek.com
URL: https://book.peek.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.79 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

266d3ab010e5666138b27eba3693c7e702a6415d3f42ba8cde6fedad20c14a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://book.peek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Fri, 26 Jan 2024 09:10:45 GMT
age: 144704
x-cache: HIT
content-length: 31061
x-served-by: cache-bfi-krnt7300114-BFI
last-modified: Wed, 24 Jan 2024 15:57:05 GMT
server: nginx
x-timer: S1706260246.816105,VS0,VE0
etag: W/"22536-18d3c3077b0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 18

GET
H2 200 vendor-ea9287c84c31a25fc090345d1f8f8440.js Show response
book12.freetls.fastly.net/assets/ Frame 4FE1 3 MB
944 KB 1480ms
304ms Script
application/javascript 151.101.66.79
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://book12.freetls.fastly.net/assets/vendor-ea9287c84c31a25fc090345d1f8f8440.js

Requested by

Host: book.peek.com
URL: https://book.peek.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.79 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

21f192e41a0b40bf948db30b01af5eabb1f4e8a9f89ae6f76563e835496c52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://book.peek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Fri, 26 Jan 2024 09:10:45 GMT
age: 240205
x-cache: HIT
content-length: 966408
x-served-by: cache-bfi-krnt7300114-BFI
last-modified: Tue, 23 Jan 2024 14:14:01 GMT
server: nginx
x-timer: S1706260246.816490,VS0,VE1
etag: W/"31ac10-18d36abbec3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 1

GET
H2 200 chunk.765.4f8f044494a78a08e4b7.js Show response
book12.freetls.fastly.net/assets/ Frame 4FE1 2 MB
374 KB 1372ms
197ms Script
application/javascript 151.101.66.79
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://book12.freetls.fastly.net/assets/chunk.765.4f8f044494a78a08e4b7.js

Requested by

Host: book.peek.com
URL: https://book.peek.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.79 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b58aca43472a98915e27b5ceae079e132c7d396110d4a5aea80bba7ade7574e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://book.peek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Fri, 26 Jan 2024 09:10:45 GMT
age: 749164
x-cache: HIT
content-length: 383020
x-served-by: cache-bfi-krnt7300114-BFI
last-modified: Wed, 17 Jan 2024 17:04:27 GMT
server: nginx
x-timer: S1706260246.816316,VS0,VE1
etag: W/"1e0506-18d1861a0ea"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 1

GET
H2 200 chunk.143.fcdf8fd18bc3f7e5bfc4.js Show response
book12.freetls.fastly.net/assets/ Frame 4FE1 13 KB
4 KB 1324ms
149ms Script
application/javascript 151.101.66.79
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://book12.freetls.fastly.net/assets/chunk.143.fcdf8fd18bc3f7e5bfc4.js

Requested by

Host: book.peek.com
URL: https://book.peek.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.79 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

de50ecbec16e623d7a8057b5cdfb51edf40b4a8e0a4348ebac4ea7d6fcf59e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://book.peek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Fri, 26 Jan 2024 09:10:45 GMT
age: 144704
x-cache: HIT
content-length: 3913
x-served-by: cache-bfi-krnt7300114-BFI
last-modified: Wed, 24 Jan 2024 15:56:55 GMT
server: nginx
x-timer: S1706260246.816295,VS0,VE0
etag: W/"320e-18d3c30512f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 18

GET
H2 200 spinnaker-6b7e0af96ba1cd7d53c9d145ec6b2b51.js Show response
book12.freetls.fastly.net/assets/ Frame 4FE1 2 MB
293 KB 1479ms
304ms Script
application/javascript 151.101.66.79
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://book12.freetls.fastly.net/assets/spinnaker-6b7e0af96ba1cd7d53c9d145ec6b2b51.js

Requested by

Host: book.peek.com
URL: https://book.peek.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.79 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

213355b8a39184eb4a9575f55ad295601ded41d90637a120e6783edaca1665c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://book.peek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Fri, 26 Jan 2024 09:10:45 GMT
age: 298545
x-cache: HIT
content-length: 299042
x-served-by: cache-bfi-krnt7300114-BFI
last-modified: Mon, 22 Jan 2024 22:14:43 GMT
server: nginx
x-timer: S1706260246.816524,VS0,VE2
etag: W/"1dc889-18d333d7a86"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 1

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame 4FE1 104 B
621 B 488ms
77ms Script
text/javascript 151.101.65.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=Intl

Requested by

Host: book.peek.com
URL: https://book.peek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://book.peek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 09:10:45 GMT
age: 0
detected-user-agent: Chrome Mobile WebView/120.0.6099
server-timing: HIT, fastly;desc="Edge time";dur=0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 css2
fonts.googleapis.com/ Frame 4FE1 6 KB
693 B 168ms
168ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;700;800&display=swap

Requested by

Host: book12.freetls.fastly.net
URL: https://book12.freetls.fastly.net/assets/spinnaker-ca56a36bb3faf246fd051214fb256e88.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

2b64689534d65fe7ae646ea3ed57fcc5da651df3e289a0dacbcc3deadb4253b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://book12.freetls.fastly.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 09:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 07:50:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 09:10:46 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 4FE1 9 KB
725 B 167ms
167ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+3:wght@400;500;600;700&display=swap

Requested by

Host: book12.freetls.fastly.net
URL: https://book12.freetls.fastly.net/assets/vendor-ea9287c84c31a25fc090345d1f8f8440.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

dad9dcc5e663c795771c966889cab11a956752ac49fa24542c9aced042e826f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://book.peek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 09:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 07:39:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 09:10:46 GMT

POST
H3 204 collect
www.google-analytics.com/g/ Frame 41DA 0
17 B 152ms
151ms Ping
text/plain 142.251.163.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YT7KJT8ZQC&gtm=45je41o0v874379256&_p=1706260237322&gcd=11l1l1l1l1&dma=0&cid=1483568715.1706260241&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1706260241&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F&dr=https%3A%2F%2Fwww.grandadventures.com%2F&dt=Snowmobiling%20Colorado%20%7C%20Snowmobile%20Rentals%20Colorado&uid=559c06c5-a120-4e3b-96f8-7d52d7c4e4d4&en=message_received_automated&_ee=1&ep.version=2.29.7&ep.site=grand-adventures&ep.conversation_id=59e42ed7-8938-40d6-b7e9-202443ab913a&ep.web_session_id=48bceb8f-cdc0-4990-bec4-06a6d3fd33b8&ep.message=%20Hi%20there%20%F0%9F%91%8B%20I%27m%20the%20Grand%20Adventures%20chatbot!%20How%20can%20I%20help%20you%20today%3F&ep.intent_action=input.welcome&ep.intent_display_name=Default%20Welcome%20Intent&ep.intent_name=projects%2Fgrand-adventures-snowmobi-jscq%2Fagent%2Fintents%2F312ea07c-e21c-4826-94de-7c7144bf9105&epn.intent_detection_confidence=1&ep.chat_window_open=false&tfd=9927
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YT7KJT8ZQC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wv-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tomis-bot.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tomis-bot.firebaseapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 152ms
152ms Ping
text/plain 172.253.63.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VP8TMZX230&gtm=45je41o0v878535844&_p=1706260228124&gcd=11l1l1l1l1&dma=0&cid=2071391441.1706260232&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1706260232&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F&dt=Snowmobiling%20Colorado%20%7C%20Snowmobile%20Rentals%20Colorado&en=chatbot_message_received_automated&_ee=1&ep.site=grand-adventures&ep.conversation_id=59e42ed7-8938-40d6-b7e9-202443ab913a&ep.web_session_id=48bceb8f-cdc0-4990-bec4-06a6d3fd33b8&ep.message=%20Hi%20there%20%F0%9F%91%8B%20I%27m%20the%20Grand%20Adventures%20chatbot!%20How%20can%20I%20help%20you%20today%3F&ep.intent_action=input.welcome&ep.intent_display_name=Default%20Welcome%20Intent&ep.intent_name=projects%2Fgrand-adventures-snowmobi-jscq%2Fagent%2Fintents%2F312ea07c-e21c-4826-94de-7c7144bf9105&epn.intent_detection_confidence=1&ep.chat_window_open=false&ep.chatbot_version=2.29.7&_et=9203&tfd=19918
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP8TMZX230&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f139.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grandadventures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-spa-1209.min.js Show response
js-agent.newrelic.com/ Frame 4FE1 42 KB
17 KB 236ms
77ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1209.min.js

Requested by

Host: book12.freetls.fastly.net
URL: https://book12.freetls.fastly.net/assets/vendor-ea9287c84c31a25fc090345d1f8f8440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://book.peek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: KgzCtiOnqYr340UnH7uEeaW1TwZyFYCF
content-encoding: br
via: 1.1 varnish
date: Fri, 26 Jan 2024 09:10:46 GMT
strict-transport-security: max-age=300
x-amz-request-id: M7HEB1941MGETH26
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16548
x-amz-id-2: eMPrpUNltXky6jAvPEkQQkunUadQ6zHcKUgfPPEn+5nQWyliLH4qyc3LGuepzFVfau4Eaidnse0=
x-served-by: cache-bfi-kbfi7400067-BFI
last-modified: Wed, 18 Oct 2023 21:31:08 GMT
server: AmazonS3
x-timer: S1706260247.870636,VS0,VE0
etag: "0a1d4ac0ed6107cdf844f28cc3ba3b82"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 5802

GET
H/1.1 200 9ef8139edb Show response
bam-cell.nr-data.net/1/ Frame 4FE1 56 B
487 B 692ms
232ms Script
text/javascript 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/9ef8139edb?a=48070244&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=2961&ck=1&ref=https://book.peek.com/&be=2433&fe=2648&dc=2479&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1706260244024,%22n%22:0,%22f%22:1,%22dn%22:257,%22dne%22:257,%22c%22:257,%22s%22:331,%22ce%22:416,%22rq%22:417,%22rp%22:570,%22rpe%22:571,%22dl%22:575,%22di%22:2478,%22ds%22:2478,%22de%22:2526,%22dc%22:2647,%22l%22:2647,%22le%22:2648%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: book12.freetls.fastly.net
URL: https://book12.freetls.fastly.net/assets/vendor-ea9287c84c31a25fc090345d1f8f8440.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://book.peek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:47 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 56
x-served-by: cache-yvr1534-YVR

POST
H/1.1 200 9ef8139edb Show response
bam-cell.nr-data.net/events/1/ Frame 4FE1 24 B
332 B 228ms
227ms XHR
image/gif 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/9ef8139edb?a=48070244&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=3661&ck=1&ref=https://book.peek.com/
Requested by: Host: book12.freetls.fastly.net
URL: https://book12.freetls.fastly.net/assets/vendor-ea9287c84c31a25fc090345d1f8f8440.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://book.peek.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 26 Jan 2024 09:10:47 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://book.peek.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-yvr1534-YVR

GET
H2 200 main.a6d15c2a.js Show response
s.pinimg.com/ct/lib/ 66 KB
19 KB 147ms
146ms Script
application/javascript 146.75.28.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.a6d15c2a.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.28.84 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f2966780d964488ce801cd252ec0fcfc01281842f3b8302a6efa22d9ef308d10

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:51 GMT
content-encoding: br
x-cdn: fastly
etag: "d95b98c078431d7b6709ad96c5145472"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 19184

GET
H2 200 jquery-1.8.2.min.js Show response
www.boomchatweb.com/chat/ 91 KB
33 KB 172ms
171ms Script
application/javascript 159.203.125.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomchatweb.com/chat/jquery-1.8.2.min.js
Requested by: Host: www.boomchatweb.com
URL: https://www.boomchatweb.com/chat/common_slide.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.125.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:52 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 20:29:01 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "16cfc-5f28faab23d14-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 33401

GET
H2 200 / Show response
ct.pinterest.com/user/ 299 B
718 B 525ms
168ms XHR
application/json 23.39.185.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613154176292&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1706260252057&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.a6d15c2a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.185.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-185-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

dc80b6fb08f72ea900d57d716a2370ebfc8b218ade108e1b7b9480b6f520bbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:10:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.e4c83017.1706260252.4b59c70b
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=600
content-length: 174
x-pinterest-rid: 4521328731725588
pin-unauth: dWlkPVltRm1OVE5pTkRNdFlUTmhOaTAwWmpBeExXSXhOamd0WWpWa05XTmxaakZqWkRsaA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.grandadventures.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 531b9cd0463f023a295955d14cd84d005b70b1e1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
456 B 523ms
170ms Image
image/gif 23.39.185.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613154176292&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22a6d15c2a%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1706260252061

Requested by

Host: www.grandadventures.com
URL: https://www.grandadventures.com/snowmobiling/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.185.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-185-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:52 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.e4c83017.1706260252.4b59c70c
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 531b9cd0463f023a295955d14cd84d005b70b1e1
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 1584370504019435
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 151ms
150ms XHR
text/plain 142.251.163.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=803926470&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F&ul=en-us&de=UTF-8&dt=Snowmobiling%20Colorado%20%7C%20Snowmobile%20Rentals%20Colorado&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Chat&ea=Load&el=Chat%20JS%20Loaded&_u=aDDAAUABAAAAACAAI~&jid=89209598&gjid=1239662707&cid=2071391441.1706260232&tid=UA-19716612-1&_gid=1128339141.1706260237&_r=1&_slc=1&z=1535326670

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grandadventures.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grandadventures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 151ms
150ms XHR
text/plain 142.251.163.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=803926470&t=event&_s=1&dl=https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F&ul=en-us&de=UTF-8&dt=Snowmobiling%20Colorado%20%7C%20Snowmobile%20Rentals%20Colorado&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Chat&ea=Load&el=Chat%20JS%20Loaded&_u=aDDAAUABAAAAACAAI~&jid=884923865&gjid=1934759628&cid=2071391441.1706260232&tid=UA-165313523-1&_gid=1128339141.1706260237&_r=1&_slc=1&z=940586099

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grandadventures.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grandadventures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.boomchatweb.com/ 32 B
324 B 723ms
165ms XHR
text/html 159.203.125.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomchatweb.com/?page=ajax_chat&action=getClientIp&_=1706260252618
Requested by: Host: www.boomchatweb.com
URL: https://www.boomchatweb.com/chat/jquery-1.8.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.125.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 80709c93ff612bb1f7044cb207c264fe9f0595b62bb1154691cf515efdcf7981

Request headers

Accept: */*
Referer: https://www.grandadventures.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:53 GMT
content-encoding: gzip
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-length: 52
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 143ms
143ms Image
image/gif 142.251.163.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=803926470&t=event&_s=2&dl=https%3A%2F%2Fwww.grandadventures.com%2Fsnowmobiling%2F&ul=en-us&de=UTF-8&dt=Snowmobiling%20Colorado%20%7C%20Snowmobile%20Rentals%20Colorado&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Chat&ea=Chat_JS_Loaded&el=Load&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=2071391441.1706260232&tid=UA-19716612-1&_gid=1128339141.1706260237&gtm=457e41o0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1375581571

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 03:40:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 823A 565 B
625 B 189ms
187ms Document
text/html 23.39.185.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.a6d15c2a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.185.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-185-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.grandadventures.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

akamai-grn: 0.e4c83017.1706260252.4b59cb8c
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 09:10:52 GMT
pinterest-version: 531b9cd0463f023a295955d14cd84d005b70b1e1
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1741034832478448

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 152ms
152ms XHR
text/plain 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-19716612-1&cid=2071391441.1706260232&jid=89209598&gjid=1239662707&_gid=1128339141.1706260237&_u=aDDAAUABAAAAACAAI~&z=2043535978

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.grandadventures.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 26 Jan 2024 09:10:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.grandadventures.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.boomchatweb.com/ 2 KB
783 B 166ms
165ms XHR
text/html 159.203.125.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomchatweb.com/?page=ajax_chat&action=checkClientAvailable&client_id=22NJv/QbIAGtYLfBH4O4JXCDiY1bXvdypX8Mk7eMk4U=&ipaddress=185.153.179.119
Requested by: Host: www.boomchatweb.com
URL: https://www.boomchatweb.com/chat/common_slide.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.125.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 10aea4cb04c853fc4b3b8c613ee64b342a3ef1ff5a7265ea23a21578b6a6788f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.grandadventures.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:10:53 GMT
content-encoding: gzip
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-length: 653
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200 9ef8139edb Show response
bam-cell.nr-data.net/events/1/ Frame 4FE1 24 B
332 B 161ms
161ms XHR
image/gif 162.247.243.30
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/9ef8139edb?a=48070244&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=12960&ck=1&ref=https://book.peek.com/
Requested by: Host: book12.freetls.fastly.net
URL: https://book12.freetls.fastly.net/assets/vendor-ea9287c84c31a25fc090345d1f8f8440.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://book.peek.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 26 Jan 2024 09:10:57 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://book.peek.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-yvr1534-YVR

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.grandadventures.com/	1970-01-20 20:07:16	Name: _gcl_au Value: 1.1.1908198516.1706260229
.grandadventures.com/	1970-01-21 03:33:40	Name: _ga Value: GA1.2.2071391441.1706260232
.grandadventures.com/	1970-01-20 17:59:06	Name: _gid Value: GA1.2.1128339141.1706260237
.grandadventures.com/	1970-01-20 17:57:40	Name: _gat_gtag_UA_19716612_1 Value: 1
.grandadventures.com/	1970-01-20 20:07:16	Name: _fbp Value: fb.1.1706260237024.387470053
.tomis-bot.firebaseapp.com/	1970-01-21 03:33:40	Name: _ga Value: GA1.1.1483568715.1706260241
.tomis-bot.firebaseapp.com/	1970-01-21 03:33:40	Name: _ga_YT7KJT8ZQC Value: GS1.1.1706260241.1.0.1706260241.0.0.0
.grandadventures.com/	1970-01-21 03:33:40	Name: _ga_VP8TMZX230 Value: GS1.1.1706260232.1.0.1706260241.51.0.0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: f12388774aa26525
www.boomchatweb.com/	1970-01-21 03:33:40	Name: PHPSESSID Value: 0j6hc85mq9kfiki6en0d6dpeot
.pinterest.com/	1970-01-21 02:43:16	Name: ar_debug Value: 1
.grandadventures.com/	1970-01-21 02:43:16	Name: _pin_unauth Value: dWlkPVltRm1OVE5pTkRNdFlUTmhOaTAwWmpBeExXSXhOamd0WWpWa05XTmxaakZqWkRsaA
.grandadventures.com/	1970-01-20 17:57:40	Name: _gat_boomclient Value: 1
.grandadventures.com/	1970-01-20 17:57:40	Name: _gat_boomchat Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/577883952702602?v=2.9.142&r=stable&domain=www.grandadventures.com&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97(Line 105) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
bam-cell.nr-data.net
book.peek.com
book12.freetls.fastly.net
cloud.tomis.tech
connect.facebook.net
ct.pinterest.com
firebasestorage.googleapis.com
firestore.googleapis.com
fonts.bunny.net
fonts.googleapis.com
fonts.gstatic.com
grandadventures.com
js-agent.newrelic.com
js.peek.com
polyfill.io
r20.rs6.net
resources.xg4ken.com
rw1.marchex.io
s.pinimg.com
stats.g.doubleclick.net
tomis-bot.firebaseapp.com
use.fontawesome.com
www.boomchatweb.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.googleapis.com
www.googletagmanager.com
www.grandadventures.com
142.250.31.95
142.251.111.94
142.251.16.97
142.251.163.102
142.251.167.95
146.75.28.84
151.101.65.26
151.101.66.137
151.101.66.79
159.203.125.130
162.247.243.30
172.253.122.155
172.253.122.95
172.253.63.139
172.253.63.94
172.64.140.13
174.137.122.128
185.93.1.247
195.179.238.248
199.232.197.208
199.36.158.100
208.75.122.11
23.39.185.6
31.13.66.19
31.13.66.35
34.110.166.32
52.0.243.115
005fdfd3685a6dea398449f326f814f2e6de5e7133107b981a90b4e95584f72f
012d2f2392a9383ef8cdeac45b2a5561d306cc46bdce1b91be55b7178a4bab07
014bdcd85899b1e128d977bbb8f899d6c9623e68cfb63b3a637d39f61ff01ff5
06a403fa19b0e23e9e2ef3f493a6a55f68607c5566298f3e0ed7a08dbf11ad82
0905a9dc4d11b5d0714603a117f7d09fcfc2a1d8b04fe348e36fef0db9005baa
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c
0ef39cc11d5d5f0ae8cca04a9a435acbb62cb99e87922f137a2d336241382a8d
10aea4cb04c853fc4b3b8c613ee64b342a3ef1ff5a7265ea23a21578b6a6788f
10e40d021b750ab87e5b44c60c2e294e423f98ca92864512b2c63f6173da9def
121ff0762f01630d5dd1701f05eb42abcc77ad12d55f4768ffb4951c3ad8b85f
156eedda294f6aec01e7e462b570ae549c773b18c3a2975093f7535f06d5a705
1a0ce761558dd9dbead3566ec97bc4b25674bb4f5d99514b9fe2423d268f43f4
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ef78674ae4355e8ed0834eaaf576c53038651af1e0a31454b5ff8003968dd17
1fcae8361e08123b6b6ff3192c3e47084d9d9b1069ddac64411538e3f12bb6bd
213355b8a39184eb4a9575f55ad295601ded41d90637a120e6783edaca1665c5
21f192e41a0b40bf948db30b01af5eabb1f4e8a9f89ae6f76563e835496c52d2
22215d5fe62312c1ef69f2de8b6b06dd8ea9a44f0e6be7f8ef4fbc742fb51564
231bffaa54579ebd76cf57822499451281bbdc1e623172e3df788879be5e3005
25478d9c8e2b6d115cc3a95162440cbe93f4449f9f0fdaeca5b72c74d94dfeff
266d3ab010e5666138b27eba3693c7e702a6415d3f42ba8cde6fedad20c14a61
2b64689534d65fe7ae646ea3ed57fcc5da651df3e289a0dacbcc3deadb4253b4
315ae3dfa0f0cab137f2eec86a2c740ff43e4047f5380a026e687ee41c281fea
32c86ff33e0d7801013bb913c8089ecfdc9af5cf08a03caa32b3a062a2e27ecb
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a207b4b005492288c4d9ff65387fa93f85b66ccbee5784019aa1fb2d3af9a79
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e2221caa5fa5a27c62f5c199056be3fd2174713c857bb3522267437d294903f
4101e4fa9bdc7ecb354caf1649d251f838a10b437009900ecc30321fe472b154
41b198db6af8048ed3f93dbd67ab958e1921ec42b91e2816d911d35280a8fe4d
43077b77930eda01adb7a7396b7e9ccfe8ff3b4cf2fbbadb92ff76eabeb8aa0c
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
48c6c4c07ab49a4b051f8fe4f4258e5af8af1d84565f744a9395c0400ec3bd99
48d969bc0362ace70fa141fc142f2d33ffab783223a613a190359590853e580f
49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964
4ae4bd860d882cb7bc2970827e35d9c07b40b60cab7fc77e8bb0f36e5e7e35c1
4c95b842b9e5f3ad220ea5b38582d3abcfda388e6930f8dd3f227d4aa4826ac7
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50b25d63fd1264ca73bedc7cb4213e7f2b9f7ba836e969ff2b8ed7d543c8e140
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
540c42cee4d2f317b03d194c0028d2ee68c6f04da8c0e191d9d5f790daf38009
5571cb12d8e0e26748e8fd4785292fb6d84e892cf00f87063ad9752d09e3750f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e52d2896e4826b8b2cc58b53db6c3e4aaea762a718e2a1375b275ff78285060
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5
63a090c8b7579a362c3ade7401721e1432f2f5bd7612d3ef9aab1277faa8f093
6493ebe5a8bb3751f00d3c4e48d0c8a8c7dc46be0b79e78d8831f3a2f3f45526
67a14a59133ef972898d5049626e0cab88ee40943b2053934833afb49284c183
688f842a95527605623171036652de842649e38972f0bf317f8073713bc6d3cc
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69f370353fef12fbaceef8e636067f722fec5761595ad354e6bcea5e07393f01
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0a6a50d1aae0c1531996320e6922c2393bbe9b0420f77e655684011d518d8c
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6ce3d98d10c077097c15143ebbe711a965452e2827b6b5e310d042999a397022
7062d4d70a9e2c563bbefb6a48df092e4af1af2107fc57587cd81c6f1a0d1748
71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0
721af38c62c4b2db1b1187e4ce7cbc31dff1eaa7a4d9a9906781d50f9e458985
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
73501959f7de5a38f92be0fce1dd445a8ec74d7159dc0662184fb5bf26d81eba
738442ee2431f0669fa6c3c4e71a85d869689fa271203d2a9327cf81dfd72f29
7487eaab8afc394d9746bcacd476d1ceef806107b0eab0b2059c2b37d10311f6
78213e503e747eab06b46ab47dd49182d9171990496c4bb2f3233c0ccee6a5e5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
80709c93ff612bb1f7044cb207c264fe9f0595b62bb1154691cf515efdcf7981
80a7ed1fb6d79bf82ba6868df9da5a02d875644cfa8a7fdc04b9628f40187566
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86ed8bceec505be7448e97d33b3c627049cc8cb9abeb20cc6a030abf288818b7
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
883d8523c4786879e165e598162094a30eeb80ca9146a800dc375cbb9f6e9f5f
8d9a46db80c58e316c5594342e8e62bb792d4706ae90d02e4af8a03218335117
94978f4940788559e9f92f5106040691633d60779e184b861051a8e999502ce2
9a48cd2d5919916d267c538b484cc7f37f9e26d09ec67309c0621e66b1321800
9b32d222e88fe98df453b683782b54c514387cfae9b20ffae807c84b4c51e749
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9eb8d09282e625962caced51c19324f16a958430a5e486901f9b1ac9b5263e07
9fef7459001111d8d2912849d148bb48b741628d5c69d89b377a7c03b1a682a8
a3705cd436da9ea5462fe8b2689b00b01b37beb65bfc73e84af713ba6368867c
ae58d8ec32c6aaa8e398c2a1ef338159df7a7fb680372d5c6703f2783f97867b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b07603e7f36dec6eb6a7e3fd36f42521ebfbf9160b24aed9c6cd4473e7857466
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b58aca43472a98915e27b5ceae079e132c7d396110d4a5aea80bba7ade7574e0
b62aa84965dbf9d7f7235bd4012fc653174af3cbdd45f8bc442fea63d49e6e42
b798e798867301d04ad55df8c4b32c3a26379eebc2ce8ec3f4d1b896a4d259e7
b88daf8bc464f01c0315e1e61daee6d9ba613376318a6dba55f3fd3de433cc36
c1ed0ebdf71029c096e48b3bdd930df7d4848c4ddd6746c8a0105b4e98b8f72a
c34c2d2268ab45d0767257f1b78129246fa17e6051d59f33cbb882228b580df3
c3cf5693719d153a7068cf1a75a98971ba4273cb0e95a0137e8df5840afe1987
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb8ab7b16885343bfd15891bfe5c3a2c39971120fffa223f62161847796c519a
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cd60d14fcfdbf38a074a04c215ed39a68561ba83619bd40117f4030fa0064a89
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea
d8d96e0e065e4eacc8f2010743036f63dbb23f82c52bcaf0e916f2310304f264
d8ef7a073e446c37d10620ce6d0003dbb1a0ea1f039ac9168464921faa6a422d
dad9dcc5e663c795771c966889cab11a956752ac49fa24542c9aced042e826f3
dc80b6fb08f72ea900d57d716a2370ebfc8b218ade108e1b7b9480b6f520bbc1
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4d44064411e050629b0b0c68bb8eb736485484e9e3079f198d4f9085cc6551
de50ecbec16e623d7a8057b5cdfb51edf40b4a8e0a4348ebac4ea7d6fcf59e52
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0cfee1d3a68d642b335a5a277be1f9be134e353901f3f0738bc5bf44f4e201
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc
f2966780d964488ce801cd252ec0fcfc01281842f3b8302a6efa22d9ef308d10
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f700685439656a708fb600daa332669ee86aa1f665a17b7d6d3947403b66e17a
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f8b9bbe63f939109b87041417f3d8974edae7aaf6941e1117a18460f1844a083
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
fad87ffec66ade8ed160b3d16c662858edee109292993e36e54e8acc02645af3
feea07099f16d10f5f6103b913893508635abb25ffec9bbe9e9171737a5a44ce
ff09de6e3ab7dae667d4db1ded49654d2693ae214845ea453a985d896e0a42f9

www.grandadventures.com Open in urlscan Pro 195.179.238.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

99 %HTTPS

0 %IPv6

25 Domains

31 Subdomains

27 IPs

1 Countries

8605 kBTransfer

18645 kBSize

14 Cookies

15 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.grandadventures.com Open in urlscan Pro
195.179.238.248 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

99 %
HTTPS

0 %
IPv6

25
Domains

31
Subdomains

27
IPs

1
Countries

8605 kB
Transfer

18645 kB
Size

14
Cookies

141 HTTP transactions
1 data transactions