www.xcaretgetaway.com Open in urlscan Pro
52.212.68.12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xcaretgetaway.com/
Submission Tags: 7578529
Submission: On July 04 via api (July 4th 2022, 10:47:34 pm UTC) from DE — Scanned from JP

Summary HTTP 145 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 14 domains to perform 145 HTTP transactions. The main IP is 52.212.68.12, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.xcaretgetaway.com.
TLS certificate: Issued by R3 on June 22nd 2022. Valid for: 3 months.

This is the only time www.xcaretgetaway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.212.68.12 52.212.68.12	16509 (AMAZON-02) (AMAZON-02)
7	2404:6800:400... 2404:6800:4004:821::200a	15169 (GOOGLE) (GOOGLE)
41	2606:4700:303... 2606:4700:3035::ac43:a6fa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.30.199.88 52.30.199.88	16509 (AMAZON-02) (AMAZON-02)
1	2600:140b:4::... 2600:140b:4::1720:f132	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2404:6800:400... 2404:6800:4004:801::200e	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2404:6800:400... 2404:6800:4004:825::200a	15169 (GOOGLE) (GOOGLE)
2	54.194.78.84 54.194.78.84	16509 (AMAZON-02) (AMAZON-02)
34	34.203.158.106 34.203.158.106	14618 (AMAZON-AES) (AMAZON-AES)
20	2404:6800:400... 2404:6800:4004:81c::200e	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:824::2006	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:808::2004	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:823::2001	15169 (GOOGLE) (GOOGLE)
1	158.255.47.17 158.255.47.17	31727 (NODE4-AS) (NODE4-AS)
11	2404:6800:400... 2404:6800:4004:39::7	15169 (GOOGLE) (GOOGLE)
1	34.242.135.119 34.242.135.119	16509 (AMAZON-02) (AMAZON-02)
145	21

1 52.212.68.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-68-12.eu-west-1.compute.amazonaws.com

www.xcaretgetaway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700:3035::ac43:a6fa (United States)

ASN13335 (CLOUDFLARENET, US)

styles.assets-landingi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scripts.assets-landingi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
old.assets-landingi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.assets-landingi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.199.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-199-88.eu-west-1.compute.amazonaws.com

popups.landingi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:4::1720:f132 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::200e (Australia)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.78.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-78-84.eu-west-1.compute.amazonaws.com

stats.landingi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 34.203.158.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-158-106.compute-1.amazonaws.com

buenocrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2404:6800:4004:81c::200e (Australia)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::2002 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::2006 (Australia)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:808::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:823::2001 (Australia)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.255.47.17 (United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: whuk-58394.whukhost.com

resortgetaway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4004:39::7 (Australia)

ASN15169 (GOOGLE, US)

rr2---sn-oguesnd6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.135.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-135-119.eu-west-1.compute.amazonaws.com

lightboxes.landingi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	assets-landingi.com styles.assets-landingi.com — Cisco Umbrella Rank: 146276 scripts.assets-landingi.com — Cisco Umbrella Rank: 147186 old.assets-landingi.com — Cisco Umbrella Rank: 173384 images.assets-landingi.com — Cisco Umbrella Rank: 220246	567 KB
34	buenocrm.com buenocrm.com	625 KB
21	youtube.com img.youtube.com — Cisco Umbrella Rank: 3565 www.youtube.com — Cisco Umbrella Rank: 107	841 KB
12	gstatic.com fonts.gstatic.com	316 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 ajax.googleapis.com — Cisco Umbrella Rank: 307 jnn-pa.googleapis.com — Cisco Umbrella Rank: 330	68 KB
11	googlevideo.com rr2---sn-oguesnd6.googlevideo.com — Cisco Umbrella Rank: 430458	4 MB
5	landingi.com popups.landingi.com — Cisco Umbrella Rank: 158729 stats.landingi.com — Cisco Umbrella Rank: 156931 lightboxes.landingi.com — Cisco Umbrella Rank: 233713	16 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 static.doubleclick.net — Cisco Umbrella Rank: 436	1 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 257	6 KB
1	resortgetaway.com resortgetaway.com	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 8	14 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 630	29 KB
1	ucarecdn.com ucarecdn.com — Cisco Umbrella Rank: 17605	4 KB
1	xcaretgetaway.com www.xcaretgetaway.com	76 KB
145	14

	Domain	Requested by
34	buenocrm.com	www.xcaretgetaway.com buenocrm.com
20	www.youtube.com	scripts.assets-landingi.com www.youtube.com
16	images.assets-landingi.com	www.xcaretgetaway.com styles.assets-landingi.com
12	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
11	rr2---sn-oguesnd6.googlevideo.com	www.youtube.com
10	styles.assets-landingi.com	www.xcaretgetaway.com styles.assets-landingi.com scripts.assets-landingi.com
8	old.assets-landingi.com	www.xcaretgetaway.com scripts.assets-landingi.com
7	scripts.assets-landingi.com	www.xcaretgetaway.com popups.landingi.com
7	fonts.googleapis.com	www.xcaretgetaway.com
4	jnn-pa.googleapis.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com www.xcaretgetaway.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	stats.landingi.com	www.xcaretgetaway.com popups.landingi.com
2	popups.landingi.com	www.xcaretgetaway.com popups.landingi.com
1	lightboxes.landingi.com	scripts.assets-landingi.com
1	resortgetaway.com	buenocrm.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	ajax.googleapis.com	www.xcaretgetaway.com
1	code.jquery.com	www.xcaretgetaway.com
1	img.youtube.com	www.xcaretgetaway.com
1	ucarecdn.com	www.xcaretgetaway.com
1	www.xcaretgetaway.com
145	23

This site contains links to these domains. Also see Links.

Domain
promo.resortgetaway.com

Subject Issuer	Validity	Valid
www.xcaretgetaway.com R3	`2022-06-22` - `2022-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.landingi.com Certum Domain Validation CA SHA2	`2021-09-13` - `2022-09-13`	a year	crt.sh
ucarecdn.com R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
buenocrm.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-03` - `2022-09-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
resortgetaway.com cPanel, Inc. Certification Authority	`2022-06-23` - `2022-09-21`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-06-21` - `2022-08-30`	2 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.xcaretgetaway.com/
Frame ID: B1DA3BF968600ED81E40C0DF7197343A
Requests: 70 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
Frame ID: F3044317D64FECE23E4089CC1B23EE78
Requests: 40 HTTP requests in this frame

Frame: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
Frame ID: 54AB774C186908F2E09BF118D5172B5B
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

145
Requests

99 %
HTTPS

70 %
IPv6

14
Domains

23
Subdomains

21
IPs

6
Countries

6962 kB
Transfer

10857 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://promo.resortgetaway.com/terminos-condiciones
Title: Términos y Condiciones - Política de Privacidad

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

145 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.xcaretgetaway.com/ 75 KB
76 KB 2710ms
1806ms Document
text/html 52.212.68.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xcaretgetaway.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.212.68.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-68-12.eu-west-1.compute.amazonaws.com

Software

Resource Hash

650185f793d3e1c5253c12b9635f706633bfcaa829e845aebed30b336c09c4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, apiKey
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=utf-8
date: Mon, 04 Jul 2022 22:47:25 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 4 KB
549 B 80ms
39ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i&subset=latin,latin-ext

Requested by

Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4e10277e91d26c2c9037be02123ca73b93e29f9b91fef7483e6cd234541a35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 22:47:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 22:47:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 22:47:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
960 B 81ms
41ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext

Requested by

Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cce5eda1829f4182f8d9e109bfcbcee2a836992899c862633989526aa300ab59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 22:47:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 22:47:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 22:47:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
743 B 80ms
40ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,300i,400,400i,700,700i&subset=latin,latin-ext

Requested by

Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0f9a983a26ee32385f4bd0920f36b78ccc67a58014f208d36c1843492e1a7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 22:47:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 22:47:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 22:47:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
661 B 116ms
76ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Comfortaa:300,400,700&subset=latin,latin-ext

Requested by

Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b92dd788ddb53149f1c3a8911469c896e8feb453ea8a2a8a3cd1d1fbb39bea9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 22:47:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 22:47:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 22:47:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
919 B 113ms
73ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext

Requested by

Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

591709b12d91ff9bbca46087e12e52534d03f15fcc7c22abff519d8ea359a308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 22:47:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 22:47:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 22:47:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
955 B 78ms
38ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:300,400,700&subset=latin,latin-ext

Requested by

Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bf0575fff126c6608756140ff53b6090f4cb02748462cdeaf4e167413de7c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 22:47:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 22:47:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 22:47:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
504 B 116ms
77ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Signika:300,400,700&subset=latin,latin-ext

Requested by

Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a39a7b48501b758f8e6b035c3c28e0c6708bbe26b27f4b4c635014e777d1083c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 22:47:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 22:47:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 22:47:26 GMT

GET
H2 200 2.14-landend-base.css
styles.assets-landingi.com/assets/css/ 71 KB
15 KB 53ms
13ms Stylesheet
text/css 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://styles.assets-landingi.com/assets/css/2.14-landend-base.css
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a9478dc265e8889151ba37d3fa17b14d6bc5921d37c4b084179d0ede6ce9fee

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4719
cf-polished: origSize=72731
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5GCDVSDM1XB495TN
x-amz-id-2: z0oV8AiRvF1pGCs6oIX01tu6Rke1c82uMeY7cKeZZzbOm8A9BhSSMAc60a8Z//GFlxh9Em0H+Ps=
last-modified: Wed, 20 Oct 2021 12:28:03 GMT
server: cloudflare
etag: W/"4bd6c0093cdc4a30726bdd4061b1b55c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7v9aP4WpBwHPzC0dCRtjbEsTvjEXiN7H8uCMPSo3aYfR%2FpqFq2SQWTI2IJwJ9xEkk4zOUumrPdqEY1flP0txjYO7%2F9kF7u1cLKiFyGJcYPzv3H5%2F%2B3kf94MPwha9KcrwqmGJvk67mCoJ6LbGuP7DN%2FmUiTDERr6Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 725b6714eaf23481-NRT
cf-bgj: minify

GET
H2 200 base.css
styles.assets-landingi.com/amcbdIfV/ 216 KB
27 KB 52ms
12ms Stylesheet
text/css 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://styles.assets-landingi.com/amcbdIfV/base.css
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5006a6ec5843b162d72cc2b373d0f8655e54b184ed63a806aab9c17c520d3aae

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 635
cf-polished: origSize=238130
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 18ESG7TKM39VNTZ7
x-amz-id-2: 47lurEi7z/laH5PyyotPpL5oKEQZOOr/w1ysqVgW3tYVta/fcCYmgboVg5nlJ4QlC2jZSlnh9hM=
last-modified: Wed, 05 Jan 2022 19:40:13 GMT
server: cloudflare
etag: W/"0d1946831c88b0bf64166595a63b51db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqKhcKR7G5hRXZKgI74EoAnBuAbN7QQKdv1wgiR672OZWMhE3Mbi6%2BI7Yr20JHqpDfqlYkTZpFLkbjtYScwf3IV8fFpzXvFYZlv70Yj3NiLX0XYBbCmfg68RjrAWeTu6VxVtf%2Bfyj49m%2BNyiyOcHev2Eosa%2FZ5FrXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 725b6714eaf43481-NRT
cf-bgj: minify

GET
H2 200 lazysizes.min.js Show response
scripts.assets-landingi.com/landend/ 8 KB
4 KB 13ms
9ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.assets-landingi.com/landend/lazysizes.min.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2703
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 97WE1QJ1JEX3S88C
x-amz-id-2: RGydPQg8XDE/Z5KeSTRAah1sJYKPJBJ2fQ44s/UCg77ja3MBtmJUa1Rnzh6ZAFaNpWXoOhU6QE0=
last-modified: Wed, 24 Nov 2021 13:32:27 GMT
server: cloudflare
etag: W/"45bacd312d5098b4b59f563d8756c15d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57DdAPxTWs63ocljmvGpcbzw28l7FdYaAoUjyjZxGhHrBa4S9k1oPL%2FmWpUVjhx0Up8taeqtxoZvDQk%2BWNQ0PasuPLxx5zLWYknUO%2FcDM%2FA8heYncMRERIWb4%2B6HM6F2oupsRRYpPB7Tw6I0ud75BWX4Jmfy7VMvOzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-version-id: xYFesKHZrtDnx16Ingq3hvCY6Yz_RWXE
cf-ray: 725b67156b9c3481-NRT

GET
H2 200 install-code Show response
popups.landingi.com/api/v2/landing/ 1 KB
735 B 884ms
285ms Script
text/javascript 52.30.199.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://popups.landingi.com/api/v2/landing/install-code?apikey=ebe2784d-7b41-484d-b88c-754429363433&landing=372045bc01363fbfb165
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.199.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-199-88.eu-west-1.compute.amazonaws.com
Software: nginx / PHP/7.4.3
Resource Hash: 1d4c6c14890a815bf47c82d9d39f0a8d074c40b7a995468fd61a5214cda2afa5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
cache-control: max-age: 1, public
server: nginx
content-encoding: gzip
x-powered-by: PHP/7.4.3
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8

GET
H2 200 lightbox-render.js Show response
scripts.assets-landingi.com/lightboxes/ 17 KB
5 KB 1368ms
1365ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 208d112bc0b83943e2938f33d93bcaf0e7f4c0fa124855d371d3aee635fc8479

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: D3QM600SPK7DDKJ5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id: Oak5hz6YYqhfs8hnGsp4gGxs7A8poW2I
x-amz-id-2: B8HUW3ipxdPJnfIdp6PNfRc1QBj0z2GpLLHi1P1e2wRe4l64WtS0cRj1m4qzbGKjH88YckTQIB4=
last-modified: Fri, 29 Apr 2022 10:02:51 GMT
server: cloudflare
etag: W/"70b26270c2f22dbc95c6730900e8abfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iif7czGUHHYyKZ6JBn7pqYzPh2PUum5Jqca6vuAbE1onhsQgfY2%2FWvTI1KGiTFbz8TfVg%2B2wrOBvfwLitnRdAxVBu9fw%2FVDgv5DaWZRxxMzZ%2F2sL6Cq9PkO6Sct3Wa1qD500L52mgw9W50Pf0v4HP6l1f55ypXmpmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 725b67156b9a3481-NRT

GET
H2 200 blinkloader.min.js Show response
ucarecdn.com/libs/blinkloader/3.x/ 8 KB
4 KB 615ms
460ms Script
application/javascript 2600:140b:4::1720:f132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ucarecdn.com/libs/blinkloader/3.x/blinkloader.min.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:4::1720:f132 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 46ef20c3bf16f3011c2c15cfd31558eedc534b0969264691d6ab0ca887f5303f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 14:31:31 GMT
server: nginx
etag: W/"810637653b8b6681622cbbfa20307826"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2574
content-length: 3371

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/ynmoTYeNZak/ 29 KB
30 KB 208ms
45ms Image
image/jpeg 2404:6800:4004:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ynmoTYeNZak/hqdefault.jpg

Requested by

Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ead402320e9104d8522b052f89df4180ed3d3630e2449765be3c3e5ce4da82e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29797
x-xss-protection: 0
server: sffe
etag: "1507764014"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Jul 2022 00:47:26 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 45ms
3ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:36:35 GMT
x-content-type-options: nosniff
age: 443451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:36:35 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v27/ 46 KB
46 KB 48ms
6ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v27/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,300i,400,400i,700,700i&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:33:20 GMT
x-content-type-options: nosniff
age: 443646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:33:20 GMT

GET
H2 200 fontawesome-webfont.woff2
styles.assets-landingi.com/assets/font-awesome/ 63 KB
64 KB 1410ms
1403ms Font
application/octet-stream 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://styles.assets-landingi.com/assets/font-awesome/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: styles.assets-landingi.com
URL: https://styles.assets-landingi.com/assets/css/2.14-landend-base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://styles.assets-landingi.com/assets/css/2.14-landend-base.css
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: D3QZYKM4GGSE9CNA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64464
x-amz-id-2: j/vU7j2Kna64m40dc3DoRLfHAbCQKYQI7kpsdtc8ncJnsQsuLG03jmAPTmtuRA/TEaKd/tLJyyE=
last-modified: Thu, 24 Aug 2017 17:41:34 GMT
server: cloudflare
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuS12aCZ4kmlkkk23Og2%2FZ9wBszcyqDIedmRA2iamZQafhZU1N%2FtCO37lmNicCXkZ1DMMPMVTC%2FTq5v74SrJzXERJ29QBMruuqGtK4AG537V7cyLGY%2BZQ4%2BAIlIE%2FX4CreyRNosk6xl5aKhdZBaMFfebTFGtu4WAoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 725b671598a6afaf-NRT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 49ms
7ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:16:16 GMT
x-content-type-options: nosniff
age: 538270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 17:16:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 21ms
5ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:32:34 GMT
x-content-type-options: nosniff
age: 443692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:32:34 GMT

GET
H2 200 1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
fonts.gstatic.com/s/comfortaa/v40/ 28 KB
28 KB 24ms
8ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v40/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Comfortaa:300,400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3295fbcef086eb975b0fdcc4b929f0c59d4daf848dba6982a6aa915eb3011e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 02:26:11 GMT
x-content-type-options: nosniff
age: 246075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28712
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:20:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jul 2023 02:26:11 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 39ms
3ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:09:40 GMT
x-content-type-options: nosniff
age: 538666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 17:09:40 GMT

GET
H3 200 HhyaU5sn9vOmLzloC_U.woff2
fonts.gstatic.com/s/dosis/v26/ 29 KB
29 KB 43ms
8ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v26/HhyaU5sn9vOmLzloC_U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:300,400,700&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab8753180b7dd4a5667cfe0d660630ccd52562d245fc6d4294113c37487b084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 23:52:12 GMT
x-content-type-options: nosniff
age: 341714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29440
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:43:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:52:12 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 343ms
111ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://www.xcaretgetaway.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e4a"
vary: Accept-Encoding
x-hw: 1656974846.dop209.sj3.t,1656974846.cds211.sj3.hn,1656974846.cds214.sj3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 44ms
2ms Script
text/javascript 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 21:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 524145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 21:11:41 GMT

GET
H2 200 landend.bootstrap.min.js Show response
old.assets-landingi.com/bootstrap/js/ 5 KB
2 KB 15ms
11ms Script
application/x-javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://old.assets-landingi.com/bootstrap/js/landend.bootstrap.min.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4583cd757370087234ad06c45153007d939ab1da7032cc329b5b4b55681d61c6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76H23Y78VW0SP2DM
x-amz-id-2: pmLSi205LNMVWWQVq+h1y2wtE1C7R/JD2uLo3Ge9lsnNKaoA5lI7dqqw7DNx65PmpYpi2eyvBF8=
last-modified: Mon, 04 Jul 2016 09:10:55 GMT
server: cloudflare
etag: W/"caae3dfb363221461dc59ab8dca8497b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uC3q3CdeKqq9fs7N0IyzU7UuPUdq%2Bbpz%2BpyNU2zKGk1CzZsI1DRDyG0JV1pYVp2uUUqslPb6Tp6dLCzhu0mR%2FTXo2rle6JChyOEuwoQ4UrzPv4Fcr5T4DxjzbTXfkRWrZGhyIguAfNNWx3Bnyd7q5cihZ5DlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 725b67168cb63481-NRT

GET
H3 200 webview.1.0.2.js Show response
scripts.assets-landingi.com/webview/ 2 KB
1 KB 16ms
9ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.assets-landingi.com/webview/webview.1.0.2.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82e87a7fa8439196d6a256c7108740bd6821f5c1e7adfe662cdcb15affee1508

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3459
cf-polished: origSize=6029
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 92XH98CP7A37A3Z9
x-amz-id-2: ddipHfCNVwPHVhal8eBSeosCqOBfHb179pZ+yFtlqjluBknFJ+SA3lfI6KFHApX+T55E+6Kt0nc=
last-modified: Thu, 04 Nov 2021 13:19:36 GMT
server: cloudflare
etag: W/"bb7f80f96bd0efced0c1d4b05c843206"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPy9Xktpn48LnJmiVC5W8Xg7v2tTeSl8c0XuETIYwCabfrngiIUWMq9%2BgVxZ%2Futke95ykTHq0u24NmgDe6P8lLa2SzoQLl9mApccB%2B7N8H%2FsyNwJ1fDIMc%2BfZ9AxtXj3Dk%2FWuMxPPRCCwtVC%2BCTtsiC38bL7ND2Ts5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-version-id: 6Zsd0gNXfIKXod7Bm5xr70f_sZJbDeRp
cf-ray: 725b67169e9933f6-NRT
cf-bgj: minify

GET
H2 200 landend.js Show response
old.assets-landingi.com/assets/js/dist/landend/031121/ 6 KB
2 KB 12ms
8ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://old.assets-landingi.com/assets/js/dist/landend/031121/landend.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 109dc8213417c9bc46e49fdaf1a84736016922c8eac18edbe42779ca04131da1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4707
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3HQ24BFR38C8AGKQ
x-amz-id-2: DbksCBzmq3XguYE66VPyiXGCX4VNrgd3vPNo+3lnvO6JVqTa1omICjM2zXYPwHy9ODjnDnlHQfk=
last-modified: Wed, 03 Nov 2021 09:19:23 GMT
server: cloudflare
etag: W/"faa83809714802fc54ed4fcc02032706"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=un53WNAg8xzZGDkp1EbL8gmGE6fH4PkR1YBLSj5NPHqFC0jdfJIcS1j4Wb7Y2OBOZmy4tGqUURkqYpY6AcDtuxo9RdSm5FyYnOB4E4NJw4Fg7JIoSZj0cySvw7aa8vAJzSOLIbnOHu8R2owELtmIpTjuWtJ3XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 725b67168cb23481-NRT
cf-bgj: minify

GET
H2 200 v02.js Show response
old.assets-landingi.com/assets/js/landend/anchors/ 843 B
866 B 13ms
10ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://old.assets-landingi.com/assets/js/landend/anchors/v02.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24e566e08bc92bce09ed69913bd5099513352eb0f11ae8bd6a307ff1a348b87d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2097
cf-polished: origSize=1241
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B2KQXW6MK31553GK
x-amz-id-2: VLHDY3RNRji2qt5mpKczLQ1oToyH/wBEv4eW0xjf1vcVsYr3WdxZn5ler9URYkyrigL/fN+sk/A=
last-modified: Tue, 18 Sep 2018 10:58:34 GMT
server: cloudflare
etag: W/"30d9f32d29a7f24ae5a2b999323aa424"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRGovGGz66YPjPnwWNepn0ObDvQQgYN8b809ebOHLzHA3m3VrgP5AGoXWNjanWGL3OIzLroR4nVSCZR4Ze93mdmnTmkoDNQAO0%2BgD4tikYX2yZMGsXKwSozJ3%2FcBwy5j9tRof0JAtNo4UbRKEAMwPbp5oOwabQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 725b67168cb33481-NRT
cf-bgj: minify

GET
H2 200 1143963 Show response
stats.landingi.com/track/ 0
0 863ms
290ms Script
application/json 54.194.78.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.landingi.com/track/1143963
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.78.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-78-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 files.js Show response
scripts.assets-landingi.com/landend/160721/ 784 B
1 KB 16ms
10ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.assets-landingi.com/landend/160721/files.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46bad547480f9d36f1fae5c9e78baa33c70341dbe827afca68a5202c2cb2f7f3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4159
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: V03DX9TN4XMA6R40
x-amz-id-2: u6Ysk1ckLKtCbzYszljyXzTAP+Xq+Ni0bx8OB9g1Uv2EalIw+leujgRUmjhtSVlgt+W/KtjYZng=
last-modified: Fri, 16 Jul 2021 09:36:11 GMT
server: cloudflare
etag: W/"e48522cea4e18d818a7222d782aa9932"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZSsZnKpNEodkOHNIlKfqpWFdWIKXpBpFUP67FLOp46532ml5xnDDk%2BTwHpXobtu2ntMKut2%2BQXIpBxeKtgp7uDbekOPav3bI7x%2B2pHYURGK3%2FxlJqaWdb8Z2hf3hFgQcL%2BhwbCxNy7PZlIS4JOP7wymvQ7LW3YpnW8%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 5RfD6jWYtaqjAriJk5H8sq5paP.4RgmJ
cache-control: max-age=31536000
cf-ray: 725b67169e9a33f6-NRT
cf-bgj: minify

GET
H2 200 jquery.form.min.js Show response
old.assets-landingi.com/assets/js/vendor/jquery-form/ 17 KB
7 KB 12ms
9ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://old.assets-landingi.com/assets/js/vendor/jquery-form/jquery.form.min.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JMN2BTB49DSX57ZX
x-amz-id-2: g55fyPrbo654cpt/X8fe8aJfK42SRY0oe2UL4qV3An9tuqPlIkPS7Od3VfgMLLqH+ErMZ8/vK1g=
last-modified: Tue, 19 Dec 2017 12:43:57 GMT
server: cloudflare
etag: W/"9e3333ab37cbd7849dc647669aa0ca12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOdt67G295HNo7N6TUaXcbR3g5crBOI4qcfcPitJLaUVeB7ZxC4USEWOY1nUSIfW1V5ifuzF8yC6BmXICrlWE8SLDYSMeyR011tcU1cZ%2FIrvm0fmh6YlfHqrtAFQ%2B06ac%2FsdyMTRRLZuCmYh94F5b6qmkEhJYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 725b67168cb53481-NRT

GET
H3 200 landend.min.js Show response
scripts.assets-landingi.com/landend/290622/ 9 KB
4 KB 17ms
11ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.assets-landingi.com/landend/290622/landend.min.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 960495014a6c7da1a533d57936ac92069271df616a84fe37c7f015b86f2c8087

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3459
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2FPAQ44WFEG2PWX9
x-amz-id-2: TlKTz5XxPf2gAZlangSsIaot2Gel98nslCOrmlMlEbV0UoVw/KpjLzxl5RRWb05p1D3Vazi9kn8=
last-modified: Wed, 29 Jun 2022 08:00:49 GMT
server: cloudflare
etag: W/"0247ac78ea1c88c321a4ad5b87ef70cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aY4ebGnIQSMcvxqVmJiHosv0OsC%2F7Zkt7EmmqRKBFHGlxzmjlnY6hZeW%2FflqbzvPguUououC0t7JSmN%2F67PgUVaNqXLB2djEa%2FEfU4mI8TtfcCe%2FdvRyAyR%2B86Gd7jq9zYE5ZYRdJzzbztGgNDgiMS52KjJebqpU9DQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-version-id: rLuZANJIEjQT5pWBAhExvW4O7baa3e0b
cf-ray: 725b67169e9b33f6-NRT

GET
H2 200 validation.js Show response
old.assets-landingi.com/assets/js/landend/260820/ 3 KB
2 KB 12ms
10ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://old.assets-landingi.com/assets/js/landend/260820/validation.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222b64d1120f080670366757751a6e01b1a06c4e3b2f04c6fc21b0fd37b8007b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2254
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76H88VWD1DDEB7PW
x-amz-id-2: lSQl168UzcLXYUltHhnCUR31s2fcGMdHDNPD6+bsPYOSr4o7Za0qZm52Qrw3qDt4HXfTsL0553g=
last-modified: Wed, 26 Aug 2020 09:55:21 GMT
server: cloudflare
etag: W/"04525baaa773e84bc814af97fe0a0798"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpKG13IpF0fjmht0DDkq%2FCAkGPTwC%2BfGQdnCiMv%2Bxs6wi%2BHqeyLZw%2Bc1MYPoWpJF7DeqpWdO%2B8hnLrOh6etvdQJ8J6JU0GfYmPaf%2F7G0g%2B5rOEoS8wAXnUtaKWX91B6o2lNM6%2FA1G3VAzg1bzJ4L%2BxeVvtoXbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 725b67168cb43481-NRT
cf-bgj: minify

GET
H3 200 iframe.js Show response
scripts.assets-landingi.com/shopify/27072020/ 1011 B
1 KB 15ms
9ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.assets-landingi.com/shopify/27072020/iframe.js
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe71fc75f373e0fd8bd01bd38d62c5d2f645cfa0c47e52349b78c93c451ebd5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5319
cf-polished: origSize=1467
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: K7YD52VCBXP2CSME
x-amz-id-2: 9uokBJ5p9mGuQk83w8plvr+qPPHRXt44DrsBKVqlsiRKwOoI+N8Bu+WJoOswhwAVc2ji5izPfqU=
last-modified: Mon, 28 Sep 2020 06:02:21 GMT
server: cloudflare
etag: W/"6a20dacafdc1e33442ba9d93214f3f9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpNG6aSSAXZLXtq0%2BNs4ylk4DQXa5UxZUpCFYSFbxS1tFKjZw59QmvPpDq%2BcOHgA8FlmF724xDNXO%2Bdy4pmG76jzIflUAf%2FKi408JKb9Jk6qBNZGuMh27HjJbyX2FU1wXRuELf0befQQzMHfP6%2BfsLVPtHoHvqEmiOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-version-id: 9Dr8ihO9o.XHUkhjF5MfrF9jlbERTXGZ
cf-ray: 725b67169e9c33f6-NRT
cf-bgj: minify

GET
H3 200 vEFR2_JTCgwQ5ejvG1EmBg.woff2
fonts.gstatic.com/s/signika/v19/ 39 KB
39 KB 20ms
6ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/signika/v19/vEFR2_JTCgwQ5ejvG1EmBg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Signika:300,400,700&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493ff6ec3c4d91b5fe47f694cb2d2b76d978fe7b078a27393072d407b6a6d2a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 23:18:42 GMT
x-content-type-options: nosniff
age: 430124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39900
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 23:18:42 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 18ms
4ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:17:39 GMT
x-content-type-options: nosniff
age: 538187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 17:17:39 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 22ms
8ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:36:05 GMT
x-content-type-options: nosniff
age: 443481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:36:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 13ms
5ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xcaretgetaway.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:32:01 GMT
x-content-type-options: nosniff
age: 443725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:32:01 GMT

GET
H2 200 lo.js Show response
buenocrm.com/ 18 KB
6 KB 819ms
178ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/lo.js?1656974846976

Requested by

Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

67d9a8d601c8f81f63e9fbef3a42f32dff50208e44222c25566dd54a956c7315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 05:03:17 GMT
server: nginx
etag: W/"5f507915-466e"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:27 GMT

GET
H3 200 static.min.js Show response
scripts.assets-landingi.com/popups/local-storage/ 1 KB
1 KB 8ms
8ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.assets-landingi.com/popups/local-storage/static.min.js
Requested by: Host: popups.landingi.com
URL: https://popups.landingi.com/api/v2/landing/install-code?apikey=ebe2784d-7b41-484d-b88c-754429363433&landing=372045bc01363fbfb165
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b4f0d8060e40b8e7412d369e7c9696613468c24317990a4e134c87ea28db7a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5781
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 43A0WCHR52R6KPTC
x-amz-id-2: pduzA3jyGS/Lo4Lh7UGxXlIKgX+MKGGMmuxriXZU1BsnFN1dGS8LcCXF86AHScN3+jJlf2mb3aM=
last-modified: Fri, 25 Oct 2019 09:08:50 GMT
server: cloudflare
etag: W/"d2aec0a38e4d23cf7c1fa11b9d6fc230"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6%2Fj%2FggfC0U4SXk6BOXMXx%2FryEgX61Q5PgPv77EJ8fH2Ed%2BFdPsM2J9yjewxYzV0%2FJeWocxd%2BtanACtlxUQ9wmEjxEerGR%2Bym5kCvuSBuuIYBGeKFJ5QW4oF4Vi2cMJxhN50UFslRqqxlaqU%2F5nqRbTeM8VszOfkfAY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-amz-version-id: null
cf-ray: 725b671c3b0733f6-NRT

GET
H2 200 logo_cancun_png_2.png
images.assets-landingi.com/z7g6CnOSbY3B9Pu6/ 5 KB
6 KB 16ms
11ms Image
image/png 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/z7g6CnOSbY3B9Pu6/logo_cancun_png_2.png
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9bc14072f26e470a4677f215b0b2a42c61395773889b4d8b31690da1b9f73fc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631
cf-ray: 725b671c49433481-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5607
x-amz-id-2: ptGbdXK6sDWsibIgFS8hXgUn8teFeXP8jfjwOHEp5NJY6S106f3Gz4Sx8yxtPC5xdl4x6sC7jJw=
last-modified: Fri, 30 Jul 2021 18:15:19 GMT
server: cloudflare
etag: "93493510916620defb449a92214d844d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXJFkJEV%2Fp6oOPrLNAuhbG6EFf6ICuqlxLPlep%2BrMs97uwlrdGzapws4rOaJnMRMgbzIJ0jUDXLJ18L71XKG1dga5ED2RrGNoJXcgRUSlF2zMCMJX65J0EU23z62uSbp7MyJp91%2BUYJu14UO6lGVcns5UgmzH9r2CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 51ZZFYFK7GE7HQRR
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png

GET
H2 200 logo_XC.png
images.assets-landingi.com/2O9PFgKghrPngZhw/ 6 KB
6 KB 15ms
10ms Image
image/png 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/2O9PFgKghrPngZhw/logo_XC.png
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91858c8ee62daeb66c5cfc01e3b9af0f4269a6637f6a2edfe958002c34d9fdb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631
cf-ray: 725b671c49443481-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6085
x-amz-id-2: fFqzi0HVURYRNibbtyvW2rZFHhsGRbAT4BOnOdVzGQvJAwuBhwStoM7GR0Dq5IFaqVaQcCYBSOA=
last-modified: Fri, 30 Jul 2021 18:15:20 GMT
server: cloudflare
etag: "b0dc872b59848cc5776dd805405dcf71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nU3ny9YjGqtNr%2BIlNTHn7GUfKwZspM1gqsSVFRv5Vgfl6LgF7OBZqHhpa1EGTYVHD6EG87sCHSa7I7EjT2SLW%2FQi2XA7eXxfsT2Hoy0gYoZRBnl0kG7bvHoebSo%2BqJKIYCyZqVkbYOU1z8%2F9dBqllLJdP4Xv38etAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 51ZH1GRMZX2E5EP4
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png

GET
H2 200 starts_.png
images.assets-landingi.com/jI1Odj1jMsZJKdMZ/ 1 KB
2 KB 14ms
10ms Image
image/png 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/jI1Odj1jMsZJKdMZ/starts_.png
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe8311f98e071e124acd6f9121657d5b19b098a232bee1625e2c4050cf4557b2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631
cf-ray: 725b671c49463481-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1229
x-amz-id-2: yDakgfVx1jqhe61X1AuQKWS8FcasnUkDlgBNL14znYylu/lhZeQThj3yLRqAc7PRhjWjxkD+Z8g=
last-modified: Mon, 08 Jun 2020 17:00:44 GMT
server: cloudflare
etag: "6f6f3180d81ec19b780d9fac52c7dc94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvOxXKF%2BlA4oN7dZOlKhJUKZ0ea1M7vCX3gCqvanDyVAl91uZ9IyXzUXVI%2BOvzTdLS6zDPHQmPhlGRnTpzA4kY49SHFBHm9WehZ66X5j59Zy74rTtgza%2B7oPFa2S03%2B3M2RweTQZX6Sw09QM3Wo8hcOhKaQxliiHXA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 51ZQVPTKD70M37T7
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png

GET
H2 200 c5a45f450c5a779db2fb3f6dc8bb617a_etiqueta_de_mejor_precio_venta.png
images.assets-landingi.com/pBgCdLoJaGf18hXr/ 6 KB
6 KB 14ms
9ms Image
image/png 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/pBgCdLoJaGf18hXr/c5a45f450c5a779db2fb3f6dc8bb617a_etiqueta_de_mejor_precio_venta.png
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c3eeb1c69734be02423ac4f09b2147bc9b9853c99bf4f974fe3008cc41741dc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631
cf-ray: 725b671c49453481-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5956
x-amz-id-2: mN4raXxh9vzKhNSCXlXrepCGcOj7jKkYChenmhD1IiGGtWOVvX4QMD2cJ0FVYBc+tzVgCBU2vf8=
last-modified: Fri, 30 Jul 2021 18:15:19 GMT
server: cloudflare
etag: "ed350a83e79446e7f06872754c268cd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUz2ryoDV3STWLIVE29Fi3i6%2Bz57Q0SNdOeTFOHBNS3BFXhDpWEZYwEHcDupgQx4ASyo1yloavrqK7paH5W1zbGRguVfuid30upREpOrRcAYdZmhmdx6JWEntHpi1Aljsluw3FCFyqdPVeycYLAs8YZVeOi6oIuKVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 51ZQZPQPM5SNFA21
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png

GET
H2 200 mejor_precio.png
images.assets-landingi.com/J9HJbh2knRer9CFx/ 6 KB
7 KB 13ms
9ms Image
image/png 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/J9HJbh2knRer9CFx/mejor_precio.png
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ee3b2d36afaa4703b5a2aedfd6618138933e91ae8373139e7f2e1a3f3c914a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630
cf-ray: 725b671c49423481-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6410
x-amz-id-2: OKI/H4Dlou0cRvpxdS4p73rpu07zAhyxIiSr7CRI1VdGrUT/mUuPHC85EwJTA8HxpiEVvQfSYhU=
last-modified: Fri, 30 Jul 2021 18:15:19 GMT
server: cloudflare
etag: "7ac2192f7b84cbcf703d8015b998dde9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbVpCeWcCMRUGB%2Feyc%2Bv0xlP1R%2B%2BrdRjtHPv7CNryRVBl%2BpaCA5K4JcAe0Uot4fpIq4OL31myCQ6lwVPOqJ91O34wuK3jTSaSUwK7ox6zuQVumiMnn0klriiU%2B1eYQpaboonGq4CyUe0AtlC6gKlCn9sN91Dd5twoA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: MD3SKY9V06QJVN97
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png

POST
H2 200 session Show response
stats.landingi.com/api/v2/ 79 B
244 B 762ms
265ms XHR
application/json 54.194.78.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.landingi.com/api/v2/session
Requested by: Host: popups.landingi.com
URL: https://popups.landingi.com/api/v2/landing/install-code?apikey=ebe2784d-7b41-484d-b88c-754429363433&landing=372045bc01363fbfb165
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.78.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-78-84.eu-west-1.compute.amazonaws.com
Software: nginx / PHP/7.4.11
Resource Hash: 36bd876a1efce703a192245c7719751d248a27f267e8c8e37485f99a2bc92343

Request headers

Referer: https://www.xcaretgetaway.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.xcaretgetaway.com
date: Mon, 04 Jul 2022 22:47:28 GMT
cache-control: no-cache, private
server: nginx
x-powered-by: PHP/7.4.11
content-type: application/json

GET
H2 200 gimme_all.jpg
images.assets-landingi.com/kFRvVNmG/ 170 KB
171 KB 7ms
7ms Image
binary/octet-stream 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/kFRvVNmG/gimme_all.jpg
Requested by: Host: styles.assets-landingi.com
URL: https://styles.assets-landingi.com/amcbdIfV/base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a451316921985c5ad3ab8e38ab6a51b8b185d4c9b2d4e8ddaba6f7a8c2a53cf7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://styles.assets-landingi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631
content-type: binary/octet-stream
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 174586
x-amz-id-2: Yp46SZiMNoCgtCMVVzyzXdtKcpLuX1bFEKtCWL3z4ZeYNxyZvrBafn4DfftD+xqAuUYOZttclmQ=
last-modified: Tue, 20 Jul 2021 14:59:57 GMT
server: cloudflare
etag: "ec1d8f492afcbc5f3a5474441c522598"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXG9y4Debbb04LFUe7fpcMRXQaerxI0rBovY9ZRfrK5WFboeF81IJIfDW7gvp3wX9Pt3VPBz6ax8TuUNyvL5Kl7QQZBAtGEfwhJcsCaMLNhmMfIFqRAfKoxx9VYjm3sL%2FoBK2ueIqSbTumLWwSY2utbeVkmKOrzQTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 51ZTFTCMP8AHNNR3
cache-control: max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
cf-ray: 725b671c494b3481-NRT

GET
H2 200 ynmoTYeNZak Show response
www.youtube.com/embed/ Frame F304 64 KB
28 KB 143ms
92ms Document
text/html 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak

Requested by

Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/landend/lazysizes.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d8aea0f1e9845c8f6512578252b3f6ff9720393baeaf3d1a15c72e84565d6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xcaretgetaway.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Mon, 04 Jul 2022 22:47:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 xoxi_g.svg
images.assets-landingi.com/vuOssPOI/ 34 KB
10 KB 1279ms
1274ms Image
image/svg+xml 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/vuOssPOI/xoxi_g.svg
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90cf02c3c600082395dda43f9bca568c4a9b0f1ce94bbb776819c2602e59f89d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KQQ0QXM8DGW10Y92
content-disposition: attachment
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id: null
x-amz-id-2: TsiNm4YoU9vjPr8jMI4zIhEd35nFmhsJeg81PUjPggyogChB0bpOVCAPrbZdM3spEUiCW5Lu6qY=
last-modified: Thu, 15 Jul 2021 15:59:14 GMT
server: cloudflare
etag: W/"59a18fb2b841ad79b37dfcf8b4220197"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVtNRrmlAb%2B8En6xxtrAMWbpIyISY050wDEIYXwSx0eV%2FacxlqwtLQpLLiYOt0D%2FWfXPHbSKzA6%2B4X8FARNjXrEwHmKH%2FznA2NNQXSV1pO%2BXQuj2etYtP%2BzEM95KEWwmLrV9o0qWGhh%2FBK9eo3kMrYqy0euhw88byg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 725b671d4bd733f6-NRT

GET
H3 200 xenses_g.svg
images.assets-landingi.com/qriZRQGt/ 20 KB
8 KB 1274ms
1268ms Image
image/svg+xml 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/qriZRQGt/xenses_g.svg
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57f5882577231df7a0c36fbac749fea5254f73f481a25cce4e10ed7fa3347476

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KQQ1EBCHZ37669B1
content-disposition: attachment
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id: null
x-amz-id-2: zpOqK8u74FrUcq1TC5wEO9k3v27wy6+eQs0Sl3rUOUdJ8mMQri8EagKgWcWRtYCnGDssDqVLmnA=
last-modified: Thu, 15 Jul 2021 15:59:14 GMT
server: cloudflare
etag: W/"77e23e4d01f34d350b4aed4cdc6dcbe8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlT0wi3LZVSdfANDUga5fDyOikWRXiVzAT67NnbOCp99PDDP4LAK3bb6TmIi4IXCxROMxbxca2ZZv7w0IDlsZjYnC9j6yRf%2Ft%2FHUxeJ1uDuQ540Z8hnhC7MtYVadlmG5VjC6haYOWw4%2F8ZxmE6hVEhXcOeysDTBa3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 725b671d5bd933f6-NRT

GET
H3 200 xibalba_g.svg
images.assets-landingi.com/lADYOpyT/ 50 KB
20 KB 18ms
12ms Image
image/svg+xml 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/lADYOpyT/xibalba_g.svg
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb37b4889f4bfe3770669fa99c8d225237342abe3c83660de8ffa9aa5a407ac

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631
content-type: image/svg+xml
content-disposition: attachment
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 51ZKDM2TXQGN60YG
x-amz-id-2: AzEVls2NBeg36vjXTUJlRcJFoxg2bM2WL22Q2Wc+6VmrHkZYqO9z9GCLB7BcRXFrLgQyEMw4FbM=
last-modified: Thu, 15 Jul 2021 15:59:14 GMT
server: cloudflare
etag: W/"f287d68994dfd67dca86a7e5dd43ba40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ljokrbcb3OeDjM9UO9jfZBaxQUcdAeJSTR%2BnsyT%2FeK35MiBP4yKR%2BEFBlr8dbVfP%2F1S8aXmVH0Idu4JldOPe0cD%2FcfB2Rj8w5v%2F%2FOTm9mM0Xx%2B%2FUJVfy5T90qSaFGxXxj9sZ5lAeeZ1rDhAsHyffbR2n2aQP8WkUiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: max-age=31536000
cf-ray: 725b671d5bda33f6-NRT

GET
H3 200 xcaret_g.svg
images.assets-landingi.com/hAhHHnYB/ 22 KB
8 KB 1303ms
1298ms Image
image/svg+xml 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/hAhHHnYB/xcaret_g.svg
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2809d2609496dce0483a9b1ca80c8f6661a0649457521093674da576aebc04ce

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KQQ8D17DFY0JA6MS
content-disposition: attachment
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id: null
x-amz-id-2: UtUw59b84jrI281FZvnxQWECgWR5q7XIypSrjnfHSU6f6+fuX2rMwFp4YjMSHa6knipFEhVbVXI=
last-modified: Thu, 15 Jul 2021 15:59:14 GMT
server: cloudflare
etag: W/"5f45786211fea200b4a8463a20756b1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGOHmvYL56loEaRA619QL7tZ15bt%2BeV16cEYM2GLFNOBNeDQLnEkor6SEhWUUpFYevsPZHHJ93ePLuuJXEFQaKpnHTBzowl5XNefKxHhVE%2FDuWACZmWLp906WWRLv7puI%2ByxXGskt98OK8gWwuEAVaB6va9oXIpy5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 725b671d5bdb33f6-NRT

GET
H3 200 xavage_g.svg
images.assets-landingi.com/A5OSvZ3I/ 77 KB
33 KB 23ms
17ms Image
image/svg+xml 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/A5OSvZ3I/xavage_g.svg
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc49cf2c3cfe1f2f637d2fa98a5e6a2e9ef97387726405b002062b41ae777476

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631
content-type: image/svg+xml
content-disposition: attachment
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 51ZRJ5W8N3VTG28V
x-amz-id-2: JUO7IoQezhEiVAR0UFg6nxWOF3FMuP7ijKSbVl6qHOkVcWkLS67vnyEEbheqwfBfHe9fuKuSP30=
last-modified: Thu, 15 Jul 2021 15:59:15 GMT
server: cloudflare
etag: W/"f15225945888771e7791bf8cd5a544d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djWMVxpSs16q55i2pfLPOFUs86PSDuJaB8nNGbQ%2F3ykIIX6ATeQcXvTvPRWuNUvfoAlUMgkqIhI92NKQbiW%2FFZNbpFX5ujCRzck2AJ83ZEh7WBQdSLIvXnE0VnQaY%2Fak8G%2F9xojfGAt7HwA6f6%2FnIf7TI4j7HvbBzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: max-age=31536000
cf-ray: 725b671d5bdc33f6-NRT

GET
H3 200 xelha_g.svg
images.assets-landingi.com/pAeKowD7/ 45 KB
16 KB 1575ms
1570ms Image
image/svg+xml 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/pAeKowD7/xelha_g.svg
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceb674d27d8ffd144c2cba7a63ba514ea796839612f98a1450e99e8df85b4947

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KQQ911N8E7BVTHVP
content-disposition: attachment
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id: null
x-amz-id-2: nRT8AqrEyuaicSNdIm6z8NG3Y/9zpr/38Ee8LlGrv7b0FyC7BeCLtxbrzHyXIdueP7pIk5TcmsY=
last-modified: Thu, 15 Jul 2021 15:59:14 GMT
server: cloudflare
etag: W/"c47d2a01495374b58d27bb60663597ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSj46S8jmZiQel4OzF7kT%2F9fr9acIp742%2FqwFwvwYDNlcKDd%2B8xOcqXbDGxu4fXin5yDcaQbUb6%2F1k6an6uSLo0Vmllugs9cb3zw46jdXzD0FXfcUL02KXQ1tJ%2BaWuCqQGXAbj%2Fgdz99ubklRbsYyPK9uC%2FwFgocqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 725b671d5bde33f6-NRT

GET
H3 200 xplorfuego_g.svg
images.assets-landingi.com/Rx6jka0P/ 64 KB
20 KB 1579ms
1574ms Image
image/svg+xml 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/Rx6jka0P/xplorfuego_g.svg
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deec9ab3494ffceca55856ec4229a2b54f0ba478fd03014a16205fb032fdae13

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KQQFKA75M2MNACZS
content-disposition: attachment
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id: null
x-amz-id-2: yFdf7vHp6WXPR2TBr0SxUWOUD1oMRDMoMrT6ZhUfvuxLKbbuzDSiOQYRqK6vlaRcXzm21Hnz4Fw=
last-modified: Thu, 15 Jul 2021 15:59:14 GMT
server: cloudflare
etag: W/"7b069300e99ccd743eaa0ab7795142d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AATzKNguPZpkyf44a76N7mMvRBI5Ed2SzLDYNBvC%2FkVCtoOpKFaGptBhkXncrGpNm3IaJD4YD2vepbxPvCDVBDEBzL14oUadniv%2FXth9iGqZOsXgh6%2Fi4qtZUzxBGjC7rBrQAjuqaXV%2BLGenjsL5XKXYjrkySAtEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 725b671d5be033f6-NRT

GET
H3 200 1568310581_45558125_644x144_home_logo_shadow.png
images.assets-landingi.com/wtsvFVnOxF2j2QMP/ 2 KB
3 KB 12ms
7ms Image
image/png 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/wtsvFVnOxF2j2QMP/1568310581_45558125_644x144_home_logo_shadow.png
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52af2a717bc4ae11c656b0ebc3aff5ea96d84902151712111b510d19eb66fb16

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631
cf-ray: 725b671d5be133f6-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2464
x-amz-id-2: TFilKLCdlpLxjcZeywVyL86iLdyv21lX7gMFZpu3Oz+GHUhRRBzqZiOfjEKL1gh94jy3ff+FST8=
last-modified: Tue, 20 Jul 2021 17:57:41 GMT
server: cloudflare
etag: "d8c3038123f4125fbeea5e6685e36135"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XVYVke8PYxK%2FuVyGhlTQWSc%2BfUWSHDMv4HcsaWIOP3Sr1r4i05mONIECQIRmlinhA1DAVsIJCwBftZrf14wF9AcWvFB4lLf2zj0slfaf6e2aH8fnk8JXbgTm9hPMlMukeMT5LKyB12vDZOk%2BORMeIC02AkqMwidQA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 51ZH6C8R59BJC6TX
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png

GET
H3 200 Xcaret_sin_getaway.png
images.assets-landingi.com/AXLzBkley562gEkw/ 5 KB
6 KB 13ms
13ms Image
image/png 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/AXLzBkley562gEkw/Xcaret_sin_getaway.png
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f2ffad21cc5aaefd1d5b9ab3a498fccc5e2daffa7700809362973860f5b831

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630
cf-ray: 725b671e1ca033f6-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5058
x-amz-id-2: Qz/j/uzovwPWXgBjUF8CrM7rBKUZ+/h7mKthM/CABOU76AKe1EOvLgxKby85LCChv1ruRlRmqDs=
last-modified: Fri, 30 Jul 2021 18:15:19 GMT
server: cloudflare
etag: "357cd414256519ede11a0119800705f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUAehiY2qD%2F2N931gzrBLM0hV%2FM47oEOlcwzh6pAAbpRaQvna%2FAXEyMhNdGmrzIcWSdamOy2YVfYJ9i%2Brm7eU5CAzwu0ScTm6c1pX7SrEbkRCzO2qoFKr7%2BCth9m4XF8PeQWI0bzt9o6VmGh8nC5SnOc9yW4jUBUSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: MD3NJ3996JSG26ZD
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png

GET
H3 200 www-player.css
www.youtube.com/s/player/0e7373c2/ Frame F304 339 KB
47 KB 42ms
3ms Stylesheet
text/css 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11148ace6157cd94751922d3c17557609a94b6c2a56ebbf7efcfe1eefba2f27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 09:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 133741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47687
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 03 Jul 2023 09:38:26 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/ Frame F304 302 KB
93 KB 47ms
8ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70a64c9912aae092f9cc15fd4015d474e13b9a08b018c0e761ee183cae873bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95369
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jul 2023 02:32:38 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/ Frame F304 2 MB
557 KB 45ms
7ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

310c1ec254e74d1131cf961c1d06a4c8ec2bd00b1003f3ca96a3ad7a942ef0f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 570450
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jul 2023 02:32:38 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/ Frame F304 9 KB
3 KB 44ms
6ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jul 2023 02:32:38 GMT

GET
H2 200 formiu.php Show response
buenocrm.com/pub/ Frame 54AB 58 KB
13 KB 235ms
235ms Document
text/html 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
Requested by: Host: buenocrm.com
URL: https://buenocrm.com/lo.js?1656974846976
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-158-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7a98dfd386597feb75d29ea1eabdf857d6ba1f404eedca90763b8c2f339fd8e4

Request headers

Referer: https://www.xcaretgetaway.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 22:47:27 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma: no-cache
server: nginx
vary: HTTPS
x-powered-cms: Bitrix Site Manager (3e885b0ae2ca85488adb711248e8ab20)

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F304
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

74ms
37ms

XHR
application/json

2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak

Protocol

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c310eea77824df240b6197c95fd6294e63db43ad427365542b298db4d29d60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Jul 2022 22:47:27 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F304 29 B
588 B 45ms
3ms Script
text/javascript 2404:6800:4004:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:39:23 GMT
x-content-type-options: nosniff
age: 484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Jul 2022 22:54:23 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 78ms
37ms Preflight
text/html 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 04 Jul 2022 22:47:27 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F304 64 KB
30 KB 86ms
48ms XHR
application/json+protobuf 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dcfbfa68a0bb0095d14c9222d0b845541c7f5b55f470d8d59c443880e993bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30203
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame F304 68 KB
23 KB 110ms
110ms XHR
application/json 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

cb2607d168fdabf7d1f2f37975d7215c64dd6be403c5d8267c5bb1704aec2569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220629.01.00
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-Goog-Visitor-Id: Cgs5cnA5VnNKZEdfSSj_242WBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23028
x-xss-protection: 0

GET
H2 200 iJGTQv2FdKpczbKmCmcADXvJJkQivV5xufAsJBe2f-A.js Show response
www.google.com/js/th/ Frame F304 36 KB
14 KB 43ms
3ms Script
text/javascript 2404:6800:4004:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/iJGTQv2FdKpczbKmCmcADXvJJkQivV5xufAsJBe2f-A.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88919342fd8574aa5ccdb2a60a67000d7bc9264422bd5e71b9f02c2417b67fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 05:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 493210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13993
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 05:47:17 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/ Frame F304 27 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c047550f369a5d24cbe85aca012c4169662892c2a84e856e2e5241fd54eff36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:32:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8113
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jul 2023 02:32:39 GMT

GET
DATA 200
OK truncated
/ Frame F304 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLT90AGkWCN_jvpZxRbDo26-xedvm99J1jzDMmr_o4k=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F304 2 KB
3 KB 86ms
43ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLT90AGkWCN_jvpZxRbDo26-xedvm99J1jzDMmr_o4k=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

64bf892369af46f485701e250b746ddd5a71a158f22825a4c1cab8110d32561f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2394
x-xss-protection: 0
server: fife
etag: "v49ab"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 04 Jul 2022 06:11:51 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F304 15 KB
15 KB 3ms
2ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 19:19:08 GMT
x-content-type-options: nosniff
age: 98899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 03 Jul 2023 19:19:08 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame F304 0
9 B 3ms
3ms Image
text/plain 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?1QH-ww
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 kernel_main_v1.css
buenocrm.com/bitrix/cache/css/s1/pub/kernel_main/ Frame 54AB 10 KB
3 KB 180ms
176ms Stylesheet
text/css 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/cache/css/s1/pub/kernel_main/kernel_main_v1.css?16567107049980

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

61c840b6433d17b6dddf177ad59dbe2990a13d7f84f1a24bc5070170bf6fbdbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 21:25:04 GMT
server: nginx
etag: W/"62bf6630-26fc"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 intranet-common.min.css
buenocrm.com/bitrix/js/intranet/ Frame 54AB 59 KB
12 KB 181ms
177ms Stylesheet
text/css 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/intranet/intranet-common.min.css?165592178760364

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d5377990b8871ef0aab5eb2d7d7c51aff4c3c5b820ec31f1d0eb424ccee72f08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 18:16:27 GMT
server: nginx
etag: W/"62b35c7b-ebcc"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 ui.font.opensans.min.css
buenocrm.com/bitrix/js/ui/fonts/opensans/ Frame 54AB 2 KB
546 B 182ms
178ms Stylesheet
text/css 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/ui/fonts/opensans/ui.font.opensans.min.css?16559215712320

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

47d42f9f412d0c8854bfed1c7b1b433eaf6df4d0d67e7619ee6c9cb7b0289c90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 18:12:51 GMT
server: nginx
etag: W/"62b35ba3-910"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 main.popup.bundle.min.css
buenocrm.com/bitrix/js/main/popup/dist/ Frame 54AB 23 KB
6 KB 182ms
178ms Stylesheet
text/css 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/main/popup/dist/main.popup.bundle.min.css?164139237823804

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f4df22ebc5ca433df193cb0fdaef08fb90820ffc5abd27e06661f496c3ff4ca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 Jan 2022 14:19:38 GMT
server: nginx
etag: W/"61d5a8fa-5cfc"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 compatibility.min.css
buenocrm.com/bitrix/js/ui/design-tokens/dist/ Frame 54AB 397 B
392 B 183ms
179ms Stylesheet
text/css 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/ui/design-tokens/dist/compatibility.min.css?1656710703397

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a97bf45d556983ce245f36cfcf4c78ecd5b6c984635ddc6adb34fca7f6540666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 21:25:03 GMT
server: nginx
etag: W/"62bf662f-18d"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 bootstrap.min.css
buenocrm.com/bitrix/css/main/ Frame 54AB 118 KB
25 KB 357ms
354ms Stylesheet
text/css 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/css/main/bootstrap.min.css?1566922349121326

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8c04e9a8d62997a52fbeaa984e88360d0b1dfd6d588c9e8e015056087ba75569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2019 16:12:29 GMT
server: nginx
etag: W/"5d65566d-1d9ee"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 font-awesome.min.css
buenocrm.com/bitrix/css/main/ Frame 54AB 23 KB
6 KB 358ms
354ms Stylesheet
text/css 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/css/main/font-awesome.min.css?156692234923748

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

46ed3c06f0c2b150f7284c8697ccc9c198a515f55053da6d36683ba2ed362674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2019 16:12:29 GMT
server: nginx
etag: W/"5d65566d-5cc4"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H/1.1 200
OK style6.css
resortgetaway.com/bitrix24/ Frame 54AB 1 KB
1 KB 1501ms
245ms Stylesheet
text/css 158.255.47.17
NODE4-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resortgetaway.com/bitrix24/style6.css
Requested by: Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 158.255.47.17 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS: whuk-58394.whukhost.com
Software: Apache /
Resource Hash: 3813c7ea017e1d527ec287ea35b1205a11f2f50be920c2f65e1e010d28d616b1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 22:47:29 GMT
Last-Modified: Tue, 24 Nov 2020 17:05:34 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1242

GET
H2 200 resourcebooking.bundle.min.css
buenocrm.com/bitrix/js/calendar/resourcebooking/dist/ Frame 54AB 70 KB
17 KB 359ms
355ms Stylesheet
text/css 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/calendar/resourcebooking/dist/resourcebooking.bundle.min.css?164139243971874

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

846cd2690a1e4d531d429833fc06774e55639641e0107f2f01d67ebe5e7aa9b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 Jan 2022 14:20:39 GMT
server: nginx
etag: W/"61d5a937-118c2"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 datepick.bundle.min.css
buenocrm.com/bitrix/js/ui/vue/components/datepick/dist/ Frame 54AB 8 KB
2 KB 532ms
529ms Stylesheet
text/css 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/ui/vue/components/datepick/dist/datepick.bundle.min.css?15759996018116

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

88eb4ccae953543b5a99e2210d4f1ec901d350c73afae4c04f530e13f7085cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:40:01 GMT
server: nginx
etag: W/"5defd871-1fb4"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 page_130dc075aad8181cf46fb708e5df3280_v1.css
buenocrm.com/bitrix/cache/css/s1/pub/page_130dc075aad8181cf46fb708e5df3280/ Frame 54AB 18 KB
5 KB 533ms
529ms Stylesheet
text/css 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/cache/css/s1/pub/page_130dc075aad8181cf46fb708e5df3280/page_130dc075aad8181cf46fb708e5df3280_v1.css?165671070418721

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

841ff3411ee0c6e4f3323b9d8031b711e2c35a7b5e23a4aa1a06f8b7ffdcc554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 21:25:04 GMT
server: nginx
etag: W/"62bf6630-4921"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 template_ff567a049b9dd3db80d3edb568c70815_v1.css
buenocrm.com/bitrix/cache/css/s1/pub/template_ff567a049b9dd3db80d3edb568c70815/ Frame 54AB 116 KB
26 KB 533ms
530ms Stylesheet
text/css 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/cache/css/s1/pub/template_ff567a049b9dd3db80d3edb568c70815/template_ff567a049b9dd3db80d3edb568c70815_v1.css?1656710704119042

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

366f41f6e41d5f33c3defbc91edac4afc5d5a29db4beb57db0e37fecc6e48d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 21:25:04 GMT
server: nginx
etag: W/"62bf6630-1d102"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 core.min.js Show response
buenocrm.com/bitrix/js/main/core/ Frame 54AB 211 KB
74 KB 533ms
530ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/main/core/core.min.js?1655921515216224

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e47eff3e84b90069a12024203cd8b4814e6997c027d0408ecb7f25abe9003994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 18:11:55 GMT
server: nginx
etag: W/"62b35b6b-34ca0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 kernel_main_v1.js Show response
buenocrm.com/bitrix/cache/js/s1/pub/kernel_main/ Frame 54AB 43 KB
13 KB 534ms
531ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/cache/js/s1/pub/kernel_main/kernel_main_v1.js?165671070443649

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0218addec1b509cab4d98f1468893615b5be8bd4bb50f11469f02a6d4c9a1e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 21:25:04 GMT
server: nginx
etag: W/"62bf6630-aa81"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 jquery-1.8.3.min.js Show response
buenocrm.com/bitrix/js/main/jquery/ Frame 54AB 91 KB
38 KB 534ms
531ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/main/jquery/jquery-1.8.3.min.js?156692234893637

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

375d351d3e2fce7b3d15a56a43dfdb13ed953fdea6ab707b7f0f7c4a626d31d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2019 16:12:28 GMT
server: nginx
etag: W/"5d65566c-16dc5"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 protobuf.min.js Show response
buenocrm.com/bitrix/js/pull/protobuf/ Frame 54AB 75 KB
26 KB 534ms
532ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/pull/protobuf/protobuf.min.js?159607655176433

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

33bd1842b7778216197b870e8f3b4e387d9511905c04ea5a07934b3c614ef109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jul 2020 02:35:51 GMT
server: nginx
etag: W/"5f223207-12a91"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 model.min.js Show response
buenocrm.com/bitrix/js/pull/protobuf/ Frame 54AB 14 KB
2 KB 535ms
532ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/pull/protobuf/model.min.js?159607655114190

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6c9b5de3c1416c5aec8d608287ac497758530c4f8228725bc33e49cbeee28382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jul 2020 02:35:51 GMT
server: nginx
etag: W/"5f223207-376e"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 rest.client.min.js Show response
buenocrm.com/bitrix/js/rest/client/ Frame 54AB 9 KB
4 KB 535ms
533ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/rest/client/rest.client.min.js?16064758019240

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5091a00509b006388997b171d01e78296119e41fe88889dfb50f9611bdb17804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Nov 2020 11:16:41 GMT
server: nginx
etag: W/"5fc0e019-2418"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 pull.client.min.js Show response
buenocrm.com/bitrix/js/pull/client/ Frame 54AB 44 KB
13 KB 536ms
533ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/pull/client/pull.client.min.js?165592132644545

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2e7d9dab07b533a4c6af203d30e313529b871f2df3b771841def2647c38d17dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 18:08:46 GMT
server: nginx
etag: W/"62b35aae-ae01"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 main.popup.bundle.min.js Show response
buenocrm.com/bitrix/js/main/popup/dist/ Frame 54AB 62 KB
17 KB 536ms
534ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/main/popup/dist/main.popup.bundle.min.js?165592151563284

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2de5b1a54e4f825d808058cacb6a1d7a54460ef1b391449b31b555c2781f6817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 18:11:55 GMT
server: nginx
etag: W/"62b35b6b-f734"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 jquery-2.1.3.min.min.js Show response
buenocrm.com/bitrix/js/main/jquery/ Frame 54AB 82 KB
34 KB 536ms
534ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/main/jquery/jquery-2.1.3.min.min.js?156692234884283

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0cc6510504426a3855b5fd6550938246d97fc691f2992ee3e6a6c6e4580af184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2019 16:12:28 GMT
server: nginx
etag: W/"5d65566c-1493b"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 core_ls.min.js Show response
buenocrm.com/bitrix/js/main/core/ Frame 54AB 7 KB
2 KB 536ms
534ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/main/core/core_ls.min.js?15669223487365

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5ec31e6499b4a461cacb7a73b412769d60223791411f52e610a3c4459a9933cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2019 16:12:28 GMT
server: nginx
etag: W/"5d65566c-1cc5"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 resourcebooking.bundle.min.js Show response
buenocrm.com/bitrix/js/calendar/resourcebooking/dist/ Frame 54AB 90 KB
24 KB 537ms
535ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/calendar/resourcebooking/dist/resourcebooking.bundle.min.js?165592177692333

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

49a25e804b1631f2cec292b2daf99249657e0a44bc7928323a6390d6d864cc1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 18:16:16 GMT
server: nginx
etag: W/"62b35c70-168ad"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 vue.bundle.min.js Show response
buenocrm.com/bitrix/js/ui/vue/vue2/prod/dist/ Frame 54AB 111 KB
44 KB 537ms
535ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/ui/vue/vue2/prod/dist/vue.bundle.min.js?1655921564113213

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1bd5e1177b3cef819534401b525646efa7d017d3c3a43d15696d35eb7b6e2f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 18:12:44 GMT
server: nginx
etag: W/"62b35b9c-1ba3d"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 datepick.bundle.min.js Show response
buenocrm.com/bitrix/js/ui/vue/components/datepick/dist/ Frame 54AB 20 KB
6 KB 537ms
536ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/ui/vue/components/datepick/dist/datepick.bundle.min.js?165592136520117

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0b4ff3fb65144eca60723b81af144243f100241acbc1326bb3235d5b57c6b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Jun 2022 18:09:25 GMT
server: nginx
etag: W/"62b35ad5-4e95"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 template_8c1f93eef901942a16be6f41d37f5f1c_v1.js Show response
buenocrm.com/bitrix/cache/js/s1/pub/template_8c1f93eef901942a16be6f41d37f5f1c/ Frame 54AB 772 B
663 B 537ms
536ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/cache/js/s1/pub/template_8c1f93eef901942a16be6f41d37f5f1c/template_8c1f93eef901942a16be6f41d37f5f1c_v1.js?1656710704772

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

81bac4a3f8d27107036747bbafe2e72405dd38842f98ca1d68c1a53b7ebe6ea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 21:25:04 GMT
server: nginx
etag: W/"62bf6630-304"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

GET
H2 200 page_53df17e489371e71df246f5b33a07ffd_v1.js Show response
buenocrm.com/bitrix/cache/js/s1/pub/page_53df17e489371e71df246f5b33a07ffd/ Frame 54AB 60 KB
17 KB 538ms
536ms Script
application/javascript 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/cache/js/s1/pub/page_53df17e489371e71df246f5b33a07ffd/page_53df17e489371e71df246f5b33a07ffd_v1.js?165671070461022

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

71a8a02c75ec315a6322c660ce0de89ed6a660a01993329d63a3de7c88d8a999

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 21:25:04 GMT
server: nginx
etag: W/"62bf6630-ee5e"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 22:47:28 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame F304 0
19 B 42ms
41ms XHR
text/html 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&afmt=251&cpn=H1WzMviaNVjxFPYc&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24174783%2C24177160%2C24221532%2C24226334%2C24232294%2C24233649%2C24237817%2C24238983%2C24240669&cl=458083588&seq=1&docid=ynmoTYeNZak&ei=_23DYprTOqzHs8IP7o6w2A0&event=streamingstats&plid=AAXjAoU3b1ikXNsQ&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FynmoTYeNZak%3Fenablejsapi%3D1%26mute%3D1%26disablekb%3D1%26controls%3D0%26title%3D0%26showinfo%3D0%26rel%3D0%26loop%3D1%26autoplay%3D1%26playlist%3DynmoTYeNZak&cbr=Chrome&cbrver=103.0.5060.53&c=WEB_EMBEDDED_PLAYER&cver=1.20220629.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.008:B,0.149:B,0.149:B&cmt=0.008:0.000,0.149:0.000&afs=0.149:251::i&vfs=0.149:244:247::r&view=0.149:2848:899&bwe=0.149:130000&bat=0.149:1:1&vis=0.149:0&bh=0.149:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
X-YouTube-Client-Version: 1.20220629.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs5cnA5VnNKZEdfSSj_242WBg%3D%3D
X-YouTube-Ad-Signals: dt=1656974847845&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2848%2C899&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 22:47:28 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr2---sn-oguesnd6.googlevideo.com/ Frame F304 187 KB
188 KB 328ms
180ms Fetch
video/webm 2404:6800:4004:39::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-oguesnd6.googlevideo.com/videoplayback?expire=1656996448&ei=_23DYprTOqzHs8IP7o6w2A0&ip=2001%3Aac8%3A40%3Ab4%3A%3A4e&id=o-APj72Fx1mpa3iJkwEFDHhqyT1x-uu9z0PGtoqgZn4cP0&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Y5&mm=31%2C26&mn=sn-oguesnd6%2Csn-npoeenly&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=1267500&spc=4ocVCyPpSsjwE_QyFgD7dVAfDpjqtLI&vprv=1&mime=video%2Fwebm&ns=Tjp8ChTHuhBV7mk4KCrN7a8G&gir=yes&clen=8819122&dur=104.353&lmt=1538092882330678&mt=1656974222&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5533332&n=_d4ANqXcTtBG5g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgCbac-NL6TEsugFj8cJvgBOxpbTQF4FXHZDfq_mk4pR4CIBF1vhLQaPQkRgBzDtalm88soD9fT4CXbygCvadhjiGB&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUg6Ba3FO-58cuYV0ra8DFHyL5PE3PuGHN-JMLIz5fDACIQCFJieTV4Ik1tGLx2TwZzsq9bbdg_ykZnDZIlC2kuk3zA%3D%3D&alr=yes&cpn=H1WzMviaNVjxFPYc&cver=1.20220629.01.00&range=0-191540&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:39::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

97ea1134c3445e940ac7073f15bdbae2905a7ecb4ff7d7c49b789b8653578453

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 22:47:28 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 191541
Last-Modified: Fri, 28 Sep 2018 00:01:22 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 04 Jul 2022 22:47:28 GMT

GET
H/1.1 200
OK videoplayback Show response
rr2---sn-oguesnd6.googlevideo.com/ Frame F304 64 KB
65 KB 174ms
27ms Fetch
audio/webm 2404:6800:4004:39::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-oguesnd6.googlevideo.com/videoplayback?expire=1656996448&ei=_23DYprTOqzHs8IP7o6w2A0&ip=2001%3Aac8%3A40%3Ab4%3A%3A4e&id=o-APj72Fx1mpa3iJkwEFDHhqyT1x-uu9z0PGtoqgZn4cP0&itag=251&source=youtube&requiressl=yes&mh=Y5&mm=31%2C26&mn=sn-oguesnd6%2Csn-npoeenly&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=1267500&spc=4ocVCyPpSsjwE_QyFgD7dVAfDpjqtLI&vprv=1&mime=audio%2Fwebm&ns=Tjp8ChTHuhBV7mk4KCrN7a8G&gir=yes&clen=1919371&dur=104.381&lmt=1538093178110738&mt=1656974222&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=_d4ANqXcTtBG5g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKt0PvgKbXNtVntr05Zv5bRvyXkJWQDQ7o6-hFztFqavAiBViHIUbNhG66sKqvQtF1FxCUP1IHGSRiOqyV1FoggfRg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUg6Ba3FO-58cuYV0ra8DFHyL5PE3PuGHN-JMLIz5fDACIQCFJieTV4Ik1tGLx2TwZzsq9bbdg_ykZnDZIlC2kuk3zA%3D%3D&alr=yes&cpn=H1WzMviaNVjxFPYc&cver=1.20220629.01.00&range=0-65978&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:39::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

01e6ec123c37bc0a0c96afe88d1217dbf3b1c7476a5c1fe8254913f3860fa5e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 22:47:28 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65979
Last-Modified: Fri, 28 Sep 2018 00:06:18 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 04 Jul 2022 22:47:28 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/ Frame F304 64 KB
24 KB 4ms
3ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

066224dccafa61f56d86825e43e3216be01c2caf45cc4a49c4077797a244e520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:32:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24384
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jul 2023 02:32:39 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/ Frame F304 29 KB
8 KB 4ms
4ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8d46174e12c8e83b610ef756045d1654b602df9ee51e32213f99ef8341d45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:32:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7903
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jul 2023 02:32:39 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/ Frame F304 68 KB
20 KB 5ms
4ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3685031902ecdf165555d24ae0fbb9abacf003484565ebf9dc2c213d64b2e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:33:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 332020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20379
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jul 2023 02:33:48 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame F304 6 KB
2 KB 168ms
168ms XHR
application/json 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

afae54ecc4c673159d89a4c7901a5211c5be6d16d1b8bbb83dccc77d5d16f8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220629.01.00
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-Goog-Visitor-Id: Cgs5cnA5VnNKZEdfSSj_242WBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1979
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F304 98 B
142 B 41ms
41ms XHR
application/json+protobuf 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00ffd4d0cad6c35cec20e9ad87b78e105ef22e93993cd1e3b8913993b346d890

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 38ms
38ms Preflight
text/html 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 04 Jul 2022 22:47:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 add-popups Show response
popups.landingi.com/api/v2/landing/ 32 B
240 B 782ms
272ms XHR
application/json 52.30.199.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://popups.landingi.com/api/v2/landing/add-popups?apikey=ebe2784d-7b41-484d-b88c-754429363433&landing=372045bc01363fbfb165
Requested by: Host: popups.landingi.com
URL: https://popups.landingi.com/api/v2/landing/install-code?apikey=ebe2784d-7b41-484d-b88c-754429363433&landing=372045bc01363fbfb165
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.199.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-199-88.eu-west-1.compute.amazonaws.com
Software: nginx / PHP/7.4.3
Resource Hash: 1f7ca3d6dc1c44caa9543bf70d92c43a453df1589d526db676e2b587cfd71d2a

Request headers

Referer: https://www.xcaretgetaway.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.xcaretgetaway.com
date: Mon, 04 Jul 2022 22:47:28 GMT
cache-control: no-cache, private
server: nginx
x-powered-by: PHP/7.4.3
access-control-allow-headers: Access-Control-Allow-Origin
content-type: application/json

GET
H3 200 videoplayback Show response
rr2---sn-oguesnd6.googlevideo.com/ Frame F304 568 B
594 B 540ms
534ms Fetch
video/webm 2404:6800:4004:39::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-oguesnd6.googlevideo.com/videoplayback?expire=1656996448&ei=_23DYprTOqzHs8IP7o6w2A0&ip=2001%3Aac8%3A40%3Ab4%3A%3A4e&id=o-APj72Fx1mpa3iJkwEFDHhqyT1x-uu9z0PGtoqgZn4cP0&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Y5&mm=31%2C26&mn=sn-oguesnd6%2Csn-npoeenly&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=1267500&spc=4ocVCyPpSsjwE_QyFgD7dVAfDpjqtLI&vprv=1&mime=video%2Fwebm&ns=Tjp8ChTHuhBV7mk4KCrN7a8G&gir=yes&clen=16128156&dur=104.353&lmt=1538092882042044&mt=1656974222&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5533332&n=_d4ANqXcTtBG5g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANY_6-3tQjVLzbvkQYt_ALpQvNUZ-aA97nCiAK-XQO3VAiEA7vCcLlzNH2-4OX-1orpx-f_z2j8TwfBoaqfDzxgwtZc%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUg6Ba3FO-58cuYV0ra8DFHyL5PE3PuGHN-JMLIz5fDACIQCFJieTV4Ik1tGLx2TwZzsq9bbdg_ykZnDZIlC2kuk3zA%3D%3D&alr=yes&cpn=H1WzMviaNVjxFPYc&cver=1.20220629.01.00&range=0-567&rn=3&rbuf=0&pot=GpsBCm4cPuvuS87daxN2YXEAjb0tTDGMDvYlAnCy5K-5nAl6lmzHU5bdXEePIQRLFxqzUzPSLzYIENxeDaZgijNxUotWuehBPk-mjrlwWdIWzB3En7yFq52UVB87El11Ojq4jACE1b2L4FnOPFrSXYamvxIpATwYQQ6r1l2IVcQ_saV7RHFWu78AuLmgSQEleZSevB7fYzR3yOBWpZ4=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:39::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

11d6cf7897a0f13a4d6cf4f8878911e507547bc994e5acb7df4494fe3429d968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 568
client-protocol: quic
last-modified: Fri, 28 Sep 2018 00:01:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 04 Jul 2022 22:47:28 GMT

GET
H3 200 AKedOLT90AGkWCN_jvpZxRbDo26-xedvm99J1jzDMmr_o4k=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F304 3 KB
3 KB 82ms
44ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLT90AGkWCN_jvpZxRbDo26-xedvm99J1jzDMmr_o4k=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5d5e0049458abbefd654d8b877b002a769e0b6e000ad6f719df70a80041de3d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v49ab"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2932
x-xss-protection: 0
expires: Tue, 05 Jul 2022 22:47:28 GMT

GET
H3 200 xoximilco_toast.jpg
images.assets-landingi.com/kJGh39RriTTJEAJM/ 76 KB
77 KB 1524ms
1523ms Image
image/jpeg 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assets-landingi.com/kJGh39RriTTJEAJM/xoximilco_toast.jpg
Requested by: Host: www.xcaretgetaway.com
URL: https://www.xcaretgetaway.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08432b7583371de2d7a60eee10ce9765ec50d26bf85f9e0508601e6624d99f97

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QC05YJN7D4JEG643
cf-ray: 725b6721df7633f6-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77962
x-amz-id-2: fpFl0Uc3QCaAiAhQyXMqmXcCJVhhu1d4brCuzjnnEDVOWFJdzH6QX6byvkhpvvLckBDhlSB3u6o=
last-modified: Mon, 02 Aug 2021 18:00:43 GMT
server: cloudflare
etag: "bd2a382ce567a9763a8267d37dda17fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7zcMC4RT%2BIif6wXvH5eR4XOlG7RlyMQ0kcRqamId60Jz0iT%2BxQce%2BKM2o4Ged12kMgJJ2bh3JxeteH6n2YNg2%2BjzawKiEFeJpESuZtWn6NhpPozvzTQvQrvBoniVntvtx%2BvTWfixVw%2F0g4MhQtxGG4Qz8wu3hHpAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/jpeg

GET
H3 200 videoplayback Show response
rr2---sn-oguesnd6.googlevideo.com/ Frame F304 186 KB
187 KB 4ms
3ms Fetch
video/webm 2404:6800:4004:39::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:39::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

bb88c7538650c6f8ef0500ab9af2a660c29218da5c30a0859e779c7fdd53b1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190973
client-protocol: quic
last-modified: Fri, 28 Sep 2018 00:01:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 04 Jul 2022 22:47:28 GMT

GET
H3 200 videoplayback Show response
rr2---sn-oguesnd6.googlevideo.com/ Frame F304 64 KB
64 KB 3ms
2ms Fetch
audio/webm 2404:6800:4004:39::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-oguesnd6.googlevideo.com/videoplayback?expire=1656996448&ei=_23DYprTOqzHs8IP7o6w2A0&ip=2001%3Aac8%3A40%3Ab4%3A%3A4e&id=o-APj72Fx1mpa3iJkwEFDHhqyT1x-uu9z0PGtoqgZn4cP0&itag=251&source=youtube&requiressl=yes&mh=Y5&mm=31%2C26&mn=sn-oguesnd6%2Csn-npoeenly&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=1267500&spc=4ocVCyPpSsjwE_QyFgD7dVAfDpjqtLI&vprv=1&mime=audio%2Fwebm&ns=Tjp8ChTHuhBV7mk4KCrN7a8G&gir=yes&clen=1919371&dur=104.381&lmt=1538093178110738&mt=1656974222&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=_d4ANqXcTtBG5g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKt0PvgKbXNtVntr05Zv5bRvyXkJWQDQ7o6-hFztFqavAiBViHIUbNhG66sKqvQtF1FxCUP1IHGSRiOqyV1FoggfRg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUg6Ba3FO-58cuYV0ra8DFHyL5PE3PuGHN-JMLIz5fDACIQCFJieTV4Ik1tGLx2TwZzsq9bbdg_ykZnDZIlC2kuk3zA%3D%3D&alr=yes&cpn=H1WzMviaNVjxFPYc&cver=1.20220629.01.00&range=65979-131514&rn=5&rbuf=3957&pot=GpsBCm4cPuvuS87daxN2YXEAjb0tTDGMDvYlAnCy5K-5nAl6lmzHU5bdXEePIQRLFxqzUzPSLzYIENxeDaZgijNxUotWuehBPk-mjrlwWdIWzB3En7yFq52UVB87El11Ojq4jACE1b2L4FnOPFrSXYamvxIpATwYQQ6r1l2IVcQ_saV7RHFWu78AuLmgSQEleZSevB7fYzR3yOBWpZ4=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:39::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

012c2a7fb79198d0b0336e3cd8777afdb508f7283f9c09f0a5b8b67428162227

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Fri, 28 Sep 2018 00:06:18 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 04 Jul 2022 22:47:28 GMT

GET
H3 200 videoplayback Show response
rr2---sn-oguesnd6.googlevideo.com/ Frame F304 111 KB
111 KB 4ms
4ms Fetch
video/webm 2404:6800:4004:39::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:39::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c3492def7800077874f193667fac86c2e0a74f4f005360573908abe929e67072

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113479
client-protocol: quic
last-modified: Fri, 28 Sep 2018 00:01:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 04 Jul 2022 22:47:28 GMT

GET
H3 200 videoplayback Show response
rr2---sn-oguesnd6.googlevideo.com/ Frame F304 433 KB
433 KB 4ms
4ms Fetch
video/webm 2404:6800:4004:39::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:39::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c714531824a6e7530988df5f2e4b79b925fb4d15cacc6bc89490a820586a053b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 443651
client-protocol: quic
last-modified: Fri, 28 Sep 2018 00:01:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 04 Jul 2022 22:47:28 GMT

GET
H3 200 videoplayback Show response
rr2---sn-oguesnd6.googlevideo.com/ Frame F304 156 KB
156 KB 3ms
2ms Fetch
audio/webm 2404:6800:4004:39::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-oguesnd6.googlevideo.com/videoplayback?expire=1656996448&ei=_23DYprTOqzHs8IP7o6w2A0&ip=2001%3Aac8%3A40%3Ab4%3A%3A4e&id=o-APj72Fx1mpa3iJkwEFDHhqyT1x-uu9z0PGtoqgZn4cP0&itag=251&source=youtube&requiressl=yes&mh=Y5&mm=31%2C26&mn=sn-oguesnd6%2Csn-npoeenly&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=1267500&spc=4ocVCyPpSsjwE_QyFgD7dVAfDpjqtLI&vprv=1&mime=audio%2Fwebm&ns=Tjp8ChTHuhBV7mk4KCrN7a8G&gir=yes&clen=1919371&dur=104.381&lmt=1538093178110738&mt=1656974222&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=_d4ANqXcTtBG5g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKt0PvgKbXNtVntr05Zv5bRvyXkJWQDQ7o6-hFztFqavAiBViHIUbNhG66sKqvQtF1FxCUP1IHGSRiOqyV1FoggfRg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUg6Ba3FO-58cuYV0ra8DFHyL5PE3PuGHN-JMLIz5fDACIQCFJieTV4Ik1tGLx2TwZzsq9bbdg_ykZnDZIlC2kuk3zA%3D%3D&alr=yes&cpn=H1WzMviaNVjxFPYc&cver=1.20220629.01.00&range=131515-290988&rn=8&rbuf=7914&pot=GpsBCm4cPuvuS87daxN2YXEAjb0tTDGMDvYlAnCy5K-5nAl6lmzHU5bdXEePIQRLFxqzUzPSLzYIENxeDaZgijNxUotWuehBPk-mjrlwWdIWzB3En7yFq52UVB87El11Ojq4jACE1b2L4FnOPFrSXYamvxIpATwYQQ6r1l2IVcQ_saV7RHFWu78AuLmgSQEleZSevB7fYzR3yOBWpZ4=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:39::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5de94b5b277d1e22e70fcc784fa3a69ac24dd2ce83123a6ccca3fd55e23b249a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:28 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159474
client-protocol: quic
last-modified: Fri, 28 Sep 2018 00:06:18 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 04 Jul 2022 22:47:28 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame F304 0
17 B 43ms
43ms XHR
text/html 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=H1WzMviaNVjxFPYc&ver=2&cmt=0.041&fmt=244&fs=0&rt=0.73&euri=https%3A%2F%2Fwww.xcaretgetaway.com%2F&lact=758&cl=458083588&mos=1&volume=100&cbr=Chrome&cbrver=103.0.5060.53&c=WEB_EMBEDDED_PLAYER&cver=1.20220629.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=ja_JP&cr=JP&len=104&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24174783%2C24177160%2C24221532%2C24226334%2C24232294%2C24233649%2C24237817%2C24238983%2C24240669&rtn=3&afmt=251&size=2848%3A899&inview=0&muted=1&docid=ynmoTYeNZak&ei=_23DYprTOqzHs8IP7o6w2A0&plid=AAXjAoU3b1ikXNsQ&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FynmoTYeNZak%3Fenablejsapi%3D1%26mute%3D1%26disablekb%3D1%26controls%3D0%26title%3D0%26showinfo%3D0%26rel%3D0%26loop%3D1%26autoplay%3D1%26playlist%3DynmoTYeNZak&list=TLGGwMvRHTp1U18wNDA3MjAyMg&of=6i16WOExkD3SE9FbUzGcGA&vm=CAEQABgEOjJBS1JhaHdEY3RMNjUzMUxqdU9IYjg0d2xIRTJaaTZRcklXSHBtZk4ycFI4ZmxPN1A2d2JXQVBta0tESUFWNm1ZZ0Jza0FsYnlTRUpZWkFwbTVVODVFeW1GOVVEMFpDRTFHQzZJZHB0dGpYdlVjTElFME1GTnpJTGU2Xy00TU5ieEVIMDAwUzNSZHR3

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
X-YouTube-Client-Version: 1.20220629.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs5cnA5VnNKZEdfSSj_242WBg%3D%3D
X-YouTube-Ad-Signals: dt=1656974847845&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2848%2C899&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 22:47:28 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame F304 0
17 B 40ms
39ms XHR
text/html 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=ynmoTYeNZak&cpn=H1WzMviaNVjxFPYc&ei=_23DYprTOqzHs8IP7o6w2A0&ptk=youtube_single&oid=O9l6RsMPGXaJmzx4ZmECJA&ptchn=CVC4_LH2vlAoHwEqWlVycA&pltype=content

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
X-YouTube-Client-Version: 1.20220629.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs5cnA5VnNKZEdfSSj_242WBg%3D%3D
X-YouTube-Ad-Signals: dt=1656974847845&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2848%2C899&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 22:47:28 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame F304 0
19 B 43ms
42ms XHR
text/html 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=H1WzMviaNVjxFPYc&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24174783%2C24177160%2C24221532%2C24226334%2C24232294%2C24233649%2C24237817%2C24238983%2C24240669&cl=458083588&seq=2&docid=ynmoTYeNZak&ei=_23DYprTOqzHs8IP7o6w2A0&event=streamingstats&plid=AAXjAoU3b1ikXNsQ&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FynmoTYeNZak%3Fenablejsapi%3D1%26mute%3D1%26disablekb%3D1%26controls%3D0%26title%3D0%26showinfo%3D0%26rel%3D0%26loop%3D1%26autoplay%3D1%26playlist%3DynmoTYeNZak&cbr=Chrome&cbrver=103.0.5060.53&c=WEB_EMBEDDED_PLAYER&cver=1.20220629.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&ctmp=streaming:ac.1&cmt=0.651:0.003,1.184:0.491&vps=0.651:PL,1.184:PL,1.184:PL&user_intent=0&vfs=1.184:247:247:244:r&view=1.184:2848:899&bwm=1.184:1231201:1.569&bwe=1.184:10240156&bat=1.184:1:1&bh=1.184:10.243&df=1.184:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
X-YouTube-Client-Version: 1.20220629.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs5cnA5VnNKZEdfSSj_242WBg%3D%3D
X-YouTube-Ad-Signals: dt=1656974847845&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2848%2C899&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 22:47:29 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr2---sn-oguesnd6.googlevideo.com/ Frame F304 2 MB
2 MB 6ms
5ms Fetch
video/webm 2404:6800:4004:39::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-oguesnd6.googlevideo.com/videoplayback?expire=1656996448&ei=_23DYprTOqzHs8IP7o6w2A0&ip=2001%3Aac8%3A40%3Ab4%3A%3A4e&id=o-APj72Fx1mpa3iJkwEFDHhqyT1x-uu9z0PGtoqgZn4cP0&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Y5&mm=31%2C26&mn=sn-oguesnd6%2Csn-npoeenly&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=1267500&spc=4ocVCyPpSsjwE_QyFgD7dVAfDpjqtLI&vprv=1&mime=video%2Fwebm&ns=Tjp8ChTHuhBV7mk4KCrN7a8G&gir=yes&clen=16128156&dur=104.353&lmt=1538092882042044&mt=1656974222&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5533332&n=_d4ANqXcTtBG5g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANY_6-3tQjVLzbvkQYt_ALpQvNUZ-aA97nCiAK-XQO3VAiEA7vCcLlzNH2-4OX-1orpx-f_z2j8TwfBoaqfDzxgwtZc%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUg6Ba3FO-58cuYV0ra8DFHyL5PE3PuGHN-JMLIz5fDACIQCFJieTV4Ik1tGLx2TwZzsq9bbdg_ykZnDZIlC2kuk3zA%3D%3D&alr=yes&cpn=H1WzMviaNVjxFPYc&cver=1.20220629.01.00&range=1726234-3303690&rn=9&rbuf=10243&pot=GpsBCm4cPuvuS87daxN2YXEAjb0tTDGMDvYlAnCy5K-5nAl6lmzHU5bdXEePIQRLFxqzUzPSLzYIENxeDaZgijNxUotWuehBPk-mjrlwWdIWzB3En7yFq52UVB87El11Ojq4jACE1b2L4FnOPFrSXYamvxIpATwYQQ6r1l2IVcQ_saV7RHFWu78AuLmgSQEleZSevB7fYzR3yOBWpZ4=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:39::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

de3546bbd8e76739e43899e0dfb21f8e59c45b81898f7fbc4d01a7d9936252a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:29 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1577457
client-protocol: quic
last-modified: Fri, 28 Sep 2018 00:01:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 04 Jul 2022 22:47:29 GMT

GET
H2 200 OpenSans-Regular.woff
buenocrm.com/bitrix/templates/pub/fonts/ Frame 54AB 66 KB
66 KB 178ms
178ms Font
font/woff 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/templates/pub/fonts/OpenSans-Regular.woff

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/bitrix/cache/css/s1/pub/template_ff567a049b9dd3db80d3edb568c70815/template_ff567a049b9dd3db80d3edb568c70815_v1.css?1656710704119042

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3c49d5554bef01dc496ee12c0ff20b46a035fe5625fef7798ec243894cafb5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://buenocrm.com/bitrix/cache/css/s1/pub/template_ff567a049b9dd3db80d3edb568c70815/template_ff567a049b9dd3db80d3edb568c70815_v1.css?1656710704119042
Origin: https://buenocrm.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2019 16:14:30 GMT
server: nginx
etag: "5d6556e6-10700"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 67328
expires: Wed, 03 Aug 2022 22:47:29 GMT

GET
H2 200 fontawesome-webfont.woff2
buenocrm.com/bitrix/fonts/ Frame 54AB 55 KB
56 KB 180ms
180ms Font
font/woff2 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/bitrix/css/main/font-awesome.min.css?156692234923748

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://buenocrm.com/bitrix/css/main/font-awesome.min.css?156692234923748
Origin: https://buenocrm.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2019 16:12:29 GMT
server: nginx
etag: "5d65566d-ddcc"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 56780
expires: Wed, 03 Aug 2022 22:47:29 GMT

POST
H2 200 ajax_counter.php Show response
buenocrm.com/bitrix/tools/conversion/ Frame 54AB 0
419 B 358ms
358ms XHR
text/html 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/tools/conversion/ajax_counter.php

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 22:47:29 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-powered-cms: Bitrix Site Manager (3e885b0ae2ca85488adb711248e8ab20)
vary: HTTPS
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 opensans-regular.woff
buenocrm.com/bitrix/js/ui/fonts/opensans/ Frame 54AB 66 KB
66 KB 353ms
353ms Font
font/woff 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/bitrix/js/ui/fonts/opensans/opensans-regular.woff

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/bitrix/js/ui/fonts/opensans/ui.font.opensans.min.css?16559215712320

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3c49d5554bef01dc496ee12c0ff20b46a035fe5625fef7798ec243894cafb5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://buenocrm.com/bitrix/js/ui/fonts/opensans/ui.font.opensans.min.css?16559215712320
Origin: https://buenocrm.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2019 16:13:19 GMT
server: nginx
etag: "5d65569f-10700"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 67328
expires: Wed, 03 Aug 2022 22:47:29 GMT

POST
H2 200 form.city.php Show response
buenocrm.com/local/ajax/ Frame 54AB 2 KB
1 KB 348ms
348ms XHR
text/html 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://buenocrm.com/local/ajax/form.city.php

Requested by

Host: buenocrm.com
URL: https://buenocrm.com/bitrix/js/main/jquery/jquery-2.1.3.min.min.js?156692234884283

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-158-106.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bed752e8e963dbdd59bb47844769dcbf380d0989694ff603001b4f8712c0ec65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 22:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-frame-options: SAMEORIGIN
x-powered-cms: Bitrix Site Manager (3e885b0ae2ca85488adb711248e8ab20)
cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
vary: HTTPS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 bootstrap-datepicker.standalone.min.css
old.assets-landingi.com/js/libs/bootstrap-datepicker/dist/css/ 16 KB
3 KB 1029ms
1028ms Stylesheet
text/css 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://old.assets-landingi.com/js/libs/bootstrap-datepicker/dist/css/bootstrap-datepicker.standalone.min.css
Requested by: Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64888b36e7f774ca0ac03146104351b6e99670b7d5ee5b01b15de6fbde1b1dd8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XANH32R9ZX83DXTK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: k6qu1SoV2EQELPXYE055FOh5+Ay70EhIBc/8Mb/SStErJ0j1ZpBbtS5Zoa+EiXOrqjdV0eCDr04=
last-modified: Mon, 11 Dec 2017 12:43:20 GMT
server: cloudflare
etag: W/"84c1ffd4a627956197d3757fb94c3eed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScDBGtX4U1cs1dZvGhjzbXjc4AJnYWF%2F2V5cr8g0crGG%2BjAc5njQJOaJcvcwjOfertHANiUDXksODTxYem0U7qnMwogZN0fztlTTlTKoREiUCT6Y9ZZQSiqkl%2FdNqgYBi13kpiEJsYISIEwwC8h%2BM6St0Nq%2Faw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 725b672ca85533f6-NRT

GET
H3 200 bootstrap-datepicker.min.js Show response
old.assets-landingi.com/js/libs/bootstrap-datepicker/dist/js/ 29 KB
10 KB 1073ms
1072ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://old.assets-landingi.com/js/libs/bootstrap-datepicker/dist/js/bootstrap-datepicker.min.js
Requested by: Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f39f3d788c70831d45519da1c119524a729001443d627ae292d750bf0d44c99

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ANBC7FEHKEW8T7DQ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XlZ+8p2lCmJphs2umFhRjUXJSa0S7F4wOxk+AhAedcBYl0PsTHoVN2dWdXqspCcxqG6gBIOfduI=
last-modified: Mon, 11 Dec 2017 12:44:04 GMT
server: cloudflare
etag: W/"56af4a1070c0bf5925f71c115c1138bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1A7Fel8UOdOTCdlW3MHuQnlnIxAz7ft5Ml45byVbPQvgK0mHTckczcLmaLInI8SYB1KpeA%2Bs3tgniFVVoDMxllDgdCl%2BTBngufXusTISRp40tK9oFLGTCahKzWHSH6FNobji0SYJY1WNIy71ZxKlEHtOUenQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 725b672ca85b33f6-NRT

GET
H3 200 bootstrap-datepicker.en.min.js Show response
old.assets-landingi.com/js/libs/bootstrap-datepicker/dist/locales/ 497 B
957 B 10ms
10ms Script
application/javascript 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://old.assets-landingi.com/js/libs/bootstrap-datepicker/dist/locales/bootstrap-datepicker.en.min.js
Requested by: Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb4b4b282db9c7841db44b614a95a41c12b0b8692d2b0c268308f8906c8bd82e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3932
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: J84HTPJK7WP47M36
x-amz-id-2: jI00rANeywqWp4uVIt/BO7L8MkU9x94BImBLFkKQwWKZyYSx9ojNPQQT5LeNpbikeA9YmRSFjJo=
last-modified: Mon, 11 Dec 2017 12:44:29 GMT
server: cloudflare
etag: W/"011a9b7c2ec2a6824e542dd74ac45694"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CFzY8Eg99ULdanCEa7BqD1gfU4n1pBvmkt%2FxVF3U7hiM%2BYmHi5flmvoX%2FdBM6WCwt8ib5ETSh%2BPwo2kjTl%2Ff%2B09vFU6lXBjxTyeFmerDK5ygtqeRDVbpoyQB%2BPkE%2BzBWjJIB8zGnKTEO7bl5Jd%2FqHfsrvl0IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 725b672ca85c33f6-NRT

GET
H2 200 render Show response
lightboxes.landingi.com/api/v1/ 15 KB
15 KB 1602ms
906ms XHR
application/json 34.242.135.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxes.landingi.com/api/v1/render?apikey=ebe2784d-7b41-484d-b88c-754429363433&landing_id=1143963&aaf=/
Requested by: Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.135.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-135-119.eu-west-1.compute.amazonaws.com
Software: nginx / PHP/7.4.3
Resource Hash: 2b4cc35c68bc58632b281aafde2cb145028f5da069adc50ac89cbbdac9d98adb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 22:47:31 GMT
cache-control: no-cache, private
server: nginx
x-powered-by: PHP/7.4.3
content-type: application/json

POST
H2 200 formiu.php Show response
buenocrm.com/pub/ Frame 54AB 84 B
765 B 263ms
263ms XHR
application/json 34.203.158.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974487481
Requested by: Host: buenocrm.com
URL: https://buenocrm.com/bitrix/js/main/core/core.min.js?1655921515216224
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.203.158.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-158-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 74405329cd7525b0b668712da9e4723aac83ce273f2ad4a71fb0767e313eccea

Request headers

Referer: https://buenocrm.com/pub/formiu.php?view=frame&form_id=68&widget_user_lang=la&sec=mc8o54&r=1656974847798
accept-language: jp-JP,jp;q=0.9
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Bx-ajax: true

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 22:47:30 GMT
server: nginx
x-powered-cms: Bitrix Site Manager (3e885b0ae2ca85488adb711248e8ab20)
vary: HTTPS
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: no-store, no-cache, must-revalidate
content-type: application/json; charset=UTF-8
content-length: 84
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F304 28 B
50 B 46ms
46ms XHR
application/json 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
X-YouTube-Client-Version: 1.20220629.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs5cnA5VnNKZEdfSSj_242WBg%3D%3D
X-YouTube-Ad-Signals: dt=1656974847789&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2848%2C899&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 04 Jul 2022 22:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H3 204 watchtime Show response
www.youtube.com/api/stats/ Frame F304 0
17 B 42ms
40ms XHR
text/html 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=H1WzMviaNVjxFPYc&ver=2&cmt=2.312&fmt=247&fs=0&rt=3.002&euri=https%3A%2F%2Fwww.xcaretgetaway.com%2F&lact=3029&cl=458083588&state=playing&volume=100%2C100&cbr=Chrome&cbrver=103.0.5060.53&c=WEB_EMBEDDED_PLAYER&cver=1.20220629.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=ja_JP&cr=JP&len=104.381&rtn=13&afmt=251&idpj=-8&ldpj=-15&rti=3&size=2848%3A899&inview=0&st=0%2C0.443&et=0.443%2C2.312&muted=1%2C1&docid=ynmoTYeNZak&ei=_23DYprTOqzHs8IP7o6w2A0&plid=AAXjAoU3b1ikXNsQ&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FynmoTYeNZak%3Fenablejsapi%3D1%26mute%3D1%26disablekb%3D1%26controls%3D0%26title%3D0%26showinfo%3D0%26rel%3D0%26loop%3D1%26autoplay%3D1%26playlist%3DynmoTYeNZak&list=TLGGwMvRHTp1U18wNDA3MjAyMg&of=6i16WOExkD3SE9FbUzGcGA&vm=CAEQABgEOjJBS1JhaHdEY3RMNjUzMUxqdU9IYjg0d2xIRTJaaTZRcklXSHBtZk4ycFI4ZmxPN1A2d2JXQVBta0tESUFWNm1ZZ0Jza0FsYnlTRUpZWkFwbTVVODVFeW1GOVVEMFpDRTFHQzZJZHB0dGpYdlVjTElFME1GTnpJTGU2Xy00TU5ieEVIMDAwUzNSZHR3

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
X-YouTube-Client-Version: 1.20220629.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs5cnA5VnNKZEdfSSj_242WBg%3D%3D
X-YouTube-Ad-Signals: dt=1656974847845&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2848%2C899&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 22:47:30 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lightbox_2021_09_23_17_02_57.css
styles.assets-landingi.com/H7iXysjD/ 8 KB
2 KB 9ms
9ms Stylesheet
text/css 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://styles.assets-landingi.com/H7iXysjD/lightbox_2021_09_23_17_02_57.css
Requested by: Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da3f388783a2d5196fae43d6a14afb168462fc4548b4953904ea54be4bc337c7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623
cf-polished: origSize=9577
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8HR2KT77GHP0W6SX
x-amz-id-2: 6mU3S7gxUcGZIcqIVEnaYF+nj+J0JmaT1RKRTvjNOnVm9Z69hKvd8YsAPypSKEiokhbOZmfhjW8=
last-modified: Thu, 23 Sep 2021 15:02:59 GMT
server: cloudflare
etag: W/"84d6236a4c2ba97e11217478b6ab4d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXT%2FxsRab6CiNEBPEO1%2BjM78urhcqllXJJmWnlYU90JE0ZzxD0P8rl0n4gktltxmDdr4tqwyTLPB0QX6Rw02RwlXELhJq3Sny9oXAX0kCAuHilPtbF0aA%2BpqjCR6En%2BuYxX%2BODqq%2BvJ1UlfZIeqy%2FwXEwbEXEqvFBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 725b6736b95b33f6-NRT
cf-bgj: minify

GET
H3 200 lightbox_2021_09_23_17_36_37.css
styles.assets-landingi.com/DMMvjk55/ 8 KB
2 KB 10ms
9ms Stylesheet
text/css 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://styles.assets-landingi.com/DMMvjk55/lightbox_2021_09_23_17_36_37.css
Requested by: Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 630705dde59562c92c6d98e5389db1808152af91f72bc91c5c33a6bf3e82dfb5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623
cf-polished: origSize=9577
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8HRF2N6DTVTNDP4M
x-amz-id-2: 5++miU/YRJEnhg2No9khX5lVoyiY2XMymDigjxO6FkxwkgIqv9I3bUZa8fHj2D3vgDbT56gw7YQ=
last-modified: Thu, 23 Sep 2021 15:36:38 GMT
server: cloudflare
etag: W/"e6346e47376144bc6a19af4b78fe883a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3Qc7a0iNsmy64j6GmKGdJBkzKiArHu5mFt793YS1%2FQx35MhneBcgVVa1W2ADbbn0XWSPDAVei6gjdwMzUv4uL7DuAHltdgz%2BRaMl9EmqtJicJslVYhbci9cyB0oSz0MTFFBp%2BXEn6qgMi1Jf3JZX11vUhDj4%2Fdl7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 725b6736b95c33f6-NRT
cf-bgj: minify

GET
H3 200 lightbox_2021_09_23_05_24_08.css
styles.assets-landingi.com/lZ7xsBWg/ 8 KB
2 KB 10ms
8ms Stylesheet
text/css 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://styles.assets-landingi.com/lZ7xsBWg/lightbox_2021_09_23_05_24_08.css
Requested by: Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ccfe61a3e290f51889f9b55e75974a35465dd9b719cc7cf2fe54b63302cb93c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623
cf-polished: origSize=9577
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8HR2AJNA7EGT5M24
x-amz-id-2: jdpeAXXoqYUgNVDkW7vCdIk/8wobalsGdr2i+4w7osWCPzTiKks3HedO3f59n6jVAsiYyy+DEEg=
last-modified: Thu, 23 Sep 2021 03:24:09 GMT
server: cloudflare
etag: W/"b28566b99c099d70664ca1bedb048a93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3SWzWDXmwLkJlpjuNa%2B%2FqdkFoIXEefQBqEoo671o3LKa24Og5Pb7G44kLtc4yZdIweJbwnlVUwhUHRWmLZ2rzKpTSEpUtsAmetL2LckGBfgIUqhQX0rjeRIp%2B3FPGB0QPcyOiYecsn1o0KM322tuyVkFmiF5y5MRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 725b6736b95d33f6-NRT
cf-bgj: minify

GET
H3 200 lightbox_2021_09_23_17_04_06.css
styles.assets-landingi.com/OjNoSoEK/ 8 KB
2 KB 13ms
12ms Stylesheet
text/css 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://styles.assets-landingi.com/OjNoSoEK/lightbox_2021_09_23_17_04_06.css
Requested by: Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d56b2b93991d8fb90901884b834101bfa4c2fb73d3c8247f6728bbbfda8c324

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623
cf-polished: origSize=9576
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8HRA8Q8AHGDSGR17
x-amz-id-2: 2xT6SbE9oCIidXQnfa6nHhGpa2oZV76iR7eZ1JLtXVczLyswV5lW2KlIrahfTfy0uOcF7FlKQx0=
last-modified: Thu, 23 Sep 2021 15:04:07 GMT
server: cloudflare
etag: W/"bf9e0e0f103c01958dddcffb39966aae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jW6Y%2FFZTtyRWnWkjxT2SIDiAYLTg%2BKYAQLLmBF%2F16LqMjGfDJwE68f1pvyeSHyohXnpvNXMmkfb%2FN4qEnOHCilfY1xIH5oBoyx9nVprQYd%2BXZnPWzDQqG%2BALYnz4CQ8ExZU0Rr9o%2BBg1ZfrjZDBsEvwtwnI%2Fh%2BYT0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 725b6736b95f33f6-NRT
cf-bgj: minify

GET
H3 200 lightbox_2021_09_23_05_22_28.css
styles.assets-landingi.com/maqKs56Y/ 8 KB
2 KB 12ms
11ms Stylesheet
text/css 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://styles.assets-landingi.com/maqKs56Y/lightbox_2021_09_23_05_22_28.css
Requested by: Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b78a69c7f03c62dfd95a6461215c4263cf6e1c63637dd5566a44ecfb29ad4d7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623
cf-polished: origSize=9573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8HR1ZVRVK5YQRD5J
x-amz-id-2: oNnnc9gdW3cXhWf1DbggTO8zEosgKum7hk3PEGauV8CVa0SgyBCT+/rHO1MiHfHi1AXsYeMwJz8=
last-modified: Thu, 23 Sep 2021 03:22:29 GMT
server: cloudflare
etag: W/"cc1a5ead9174c5fec393107daa064429"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vl8drFjxYhGlwtYb0759WPkCQU9zn2zDZas8gx1uQI3dTmXCNqPLGiuGmyoPaZ9YQLviwneqQbggajC7LUUbx4aYSkPt%2F9cOk5B6r5Chgc5756caR2RufJ5bGNhzORgOnJIk1M%2BxQZpLPtlicqK1jPzYTgQ3XB%2FUsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 725b6736b96133f6-NRT
cf-bgj: minify

GET
H3 200 lightbox_2021_09_23_17_03_48.css
styles.assets-landingi.com/Wvlkwr5D/ 8 KB
2 KB 11ms
10ms Stylesheet
text/css 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://styles.assets-landingi.com/Wvlkwr5D/lightbox_2021_09_23_17_03_48.css
Requested by: Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b793bf666f77a4cab15034a1f199c32e743ae781140d4557e14d05f70eedaef9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623
cf-polished: origSize=9573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8HR3SETB1GD8BA5Q
x-amz-id-2: xhQBdW8OCXg+9kLCBwSpqO0VX6hLZqU0yP7iLuJ88bPKDe0GwJOZFN36W2pJrRyDA+iuAcvCO9Y=
last-modified: Thu, 23 Sep 2021 15:03:49 GMT
server: cloudflare
etag: W/"84709fa3650df46664edb113468ac4bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoVle8RaZakaDjuxOBO6rAAMH1bj%2FBcECWerRxQNoKFWcFeVlW4Lym4HvvluHtH%2FtHBFG8ReLu04B1oI1%2BPtRd3sEWAKUGZNsjPxtwmB1DhVN9USPYQKhxpovf%2F9aSFXGR9AZuEogGwLFGaW37jOdd%2BNseWflmyXZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 725b6736b96233f6-NRT
cf-bgj: minify

GET
H3 200 lightbox_2021_09_23_05_24_19.css
styles.assets-landingi.com/ZDuEoaT2/ 8 KB
2 KB 10ms
9ms Stylesheet
text/css 2606:4700:3035::ac43:a6fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://styles.assets-landingi.com/ZDuEoaT2/lightbox_2021_09_23_05_24_19.css
Requested by: Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1656974845
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bd8f093cbba34b70c2d52581c2cc3512abc4ba77129dd4b5570dd6017c1e75c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.xcaretgetaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623
cf-polished: origSize=9574
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8HR2ACD4HZTQR7MJ
x-amz-id-2: BSsaolv4dvgO3nobqT+5sBQQsI/bJa2dbNF1j7md6+NSfnOKx3DYJYjRdjJNI7YLmi2hfx41uuI=
last-modified: Thu, 23 Sep 2021 03:24:20 GMT
server: cloudflare
etag: W/"712652b7e40df06e34af6076acc714e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKW3kQQPijg6xDHo07E4bYIdbxJGY1yE7JDFI57Eime9uzwRVYYwsxyYMpESHSmU1Y2HKotRciqJS%2FjZe1rmRHnttZni56945dOKjRZbqeM0YHL2bdmmQV3vckN%2BwMYxQnqRZj%2BOoKyjOtQApCJF2Guw2Lo1h9yBmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 725b6736b96333f6-NRT
cf-bgj: minify

GET
H3 204 delayplay Show response
www.youtube.com/api/stats/ Frame F304 0
17 B 43ms
42ms XHR
text/html 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/delayplay?ns=yt&el=embedded&cpn=H1WzMviaNVjxFPYc&ver=2&cmt=4.185&fmt=247&fs=0&rt=4.876&euri=https%3A%2F%2Fwww.xcaretgetaway.com%2F&lact=4904&cl=458083588&mos=1&volume=100&cbr=Chrome&cbrver=103.0.5060.53&c=WEB_EMBEDDED_PLAYER&cver=1.20220629.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=ja_JP&cr=JP&len=104.381&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24174783%2C24177160%2C24221532%2C24226334%2C24232294%2C24233649%2C24237817%2C24238983%2C24240669&afmt=251&size=2848%3A899&inview=0&muted=1&docid=ynmoTYeNZak&ei=_23DYprTOqzHs8IP7o6w2A0&plid=AAXjAoU3b1ikXNsQ&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FynmoTYeNZak%3Fenablejsapi%3D1%26mute%3D1%26disablekb%3D1%26controls%3D0%26title%3D0%26showinfo%3D0%26rel%3D0%26loop%3D1%26autoplay%3D1%26playlist%3DynmoTYeNZak&list=TLGGwMvRHTp1U18wNDA3MjAyMg&of=6i16WOExkD3SE9FbUzGcGA&vm=CAEQABgEOjJBS1JhaHdEY3RMNjUzMUxqdU9IYjg0d2xIRTJaaTZRcklXSHBtZk4ycFI4ZmxPN1A2d2JXQVBta0tESUFWNm1ZZ0Jza0FsYnlTRUpZWkFwbTVVODVFeW1GOVVEMFpDRTFHQzZJZHB0dGpYdlVjTElFME1GTnpJTGU2Xy00TU5ieEVIMDAwUzNSZHR3

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
X-YouTube-Client-Version: 1.20220629.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs5cnA5VnNKZEdfSSj_242WBg%3D%3D
X-YouTube-Ad-Signals: dt=1656974847845&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2848%2C899&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 22:47:32 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr2---sn-oguesnd6.googlevideo.com/ Frame F304 240 KB
240 KB 3ms
3ms Fetch
audio/webm 2404:6800:4004:39::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-oguesnd6.googlevideo.com/videoplayback?expire=1656996448&ei=_23DYprTOqzHs8IP7o6w2A0&ip=2001%3Aac8%3A40%3Ab4%3A%3A4e&id=o-APj72Fx1mpa3iJkwEFDHhqyT1x-uu9z0PGtoqgZn4cP0&itag=251&source=youtube&requiressl=yes&mh=Y5&mm=31%2C26&mn=sn-oguesnd6%2Csn-npoeenly&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=1267500&spc=4ocVCyPpSsjwE_QyFgD7dVAfDpjqtLI&vprv=1&mime=audio%2Fwebm&ns=Tjp8ChTHuhBV7mk4KCrN7a8G&gir=yes&clen=1919371&dur=104.381&lmt=1538093178110738&mt=1656974222&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=_d4ANqXcTtBG5g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKt0PvgKbXNtVntr05Zv5bRvyXkJWQDQ7o6-hFztFqavAiBViHIUbNhG66sKqvQtF1FxCUP1IHGSRiOqyV1FoggfRg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUg6Ba3FO-58cuYV0ra8DFHyL5PE3PuGHN-JMLIz5fDACIQCFJieTV4Ik1tGLx2TwZzsq9bbdg_ykZnDZIlC2kuk3zA%3D%3D&alr=yes&cpn=H1WzMviaNVjxFPYc&cver=1.20220629.01.00&range=290989-536439&rn=10&rbuf=12961&pot=GpsBCm4cPuvuS87daxN2YXEAjb0tTDGMDvYlAnCy5K-5nAl6lmzHU5bdXEePIQRLFxqzUzPSLzYIENxeDaZgijNxUotWuehBPk-mjrlwWdIWzB3En7yFq52UVB87El11Ojq4jACE1b2L4FnOPFrSXYamvxIpATwYQQ6r1l2IVcQ_saV7RHFWu78AuLmgSQEleZSevB7fYzR3yOBWpZ4=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:39::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

32a91a9e08d41b2409bb9295c72511d82cedf9564c600474f5fa56cd3553a92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:33 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245451
client-protocol: quic
last-modified: Fri, 28 Sep 2018 00:06:18 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21295
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 04 Jul 2022 22:47:33 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame F304 0
19 B 44ms
44ms XHR
text/html 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=H1WzMviaNVjxFPYc&ver=2&cmt=4.559&fmt=247&fs=0&rt=5.248&euri=https%3A%2F%2Fwww.xcaretgetaway.com%2F&lact=5275&cl=458083588&mos=1&volume=100&cbr=Chrome&cbrver=103.0.5060.53&c=WEB_EMBEDDED_PLAYER&cver=1.20220629.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=ja_JP&cr=JP&len=104.381&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24135692%2C24169501%2C24174783%2C24177160%2C24221532%2C24226334%2C24232294%2C24233649%2C24237817%2C24238983%2C24240669&afmt=251&muted=1&docid=ynmoTYeNZak&ei=_23DYprTOqzHs8IP7o6w2A0&plid=AAXjAoU3b1ikXNsQ&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FynmoTYeNZak%3Fenablejsapi%3D1%26mute%3D1%26disablekb%3D1%26controls%3D0%26title%3D0%26showinfo%3D0%26rel%3D0%26loop%3D1%26autoplay%3D1%26playlist%3DynmoTYeNZak&list=TLGGwMvRHTp1U18wNDA3MjAyMg&of=6i16WOExkD3SE9FbUzGcGA&vm=CAEQABgEOjJBS1JhaHdEY3RMNjUzMUxqdU9IYjg0d2xIRTJaaTZRcklXSHBtZk4ycFI4ZmxPN1A2d2JXQVBta0tESUFWNm1ZZ0Jza0FsYnlTRUpZWkFwbTVVODVFeW1GOVVEMFpDRTFHQzZJZHB0dGpYdlVjTElFME1GTnpJTGU2Xy00TU5ieEVIMDAwUzNSZHR3

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ynmoTYeNZak?enablejsapi=1&mute=1&disablekb=1&controls=0&title=0&showinfo=0&rel=0&loop=1&autoplay=1&playlist=ynmoTYeNZak
X-YouTube-Client-Version: 1.20220629.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs5cnA5VnNKZEdfSSj_242WBg%3D%3D
X-YouTube-Ad-Signals: dt=1656974847845&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2848%2C899&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 22:47:33 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr2---sn-oguesnd6.googlevideo.com/ Frame F304 1 MB
1 MB 3ms
3ms Fetch
video/webm 2404:6800:4004:39::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-oguesnd6.googlevideo.com/videoplayback?expire=1656996448&ei=_23DYprTOqzHs8IP7o6w2A0&ip=2001%3Aac8%3A40%3Ab4%3A%3A4e&id=o-APj72Fx1mpa3iJkwEFDHhqyT1x-uu9z0PGtoqgZn4cP0&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Y5&mm=31%2C26&mn=sn-oguesnd6%2Csn-npoeenly&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=1267500&spc=4ocVCyPpSsjwE_QyFgD7dVAfDpjqtLI&vprv=1&mime=video%2Fwebm&ns=Tjp8ChTHuhBV7mk4KCrN7a8G&gir=yes&clen=16128156&dur=104.353&lmt=1538092882042044&mt=1656974222&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5533332&n=_d4ANqXcTtBG5g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhANY_6-3tQjVLzbvkQYt_ALpQvNUZ-aA97nCiAK-XQO3VAiEA7vCcLlzNH2-4OX-1orpx-f_z2j8TwfBoaqfDzxgwtZc%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUg6Ba3FO-58cuYV0ra8DFHyL5PE3PuGHN-JMLIz5fDACIQCFJieTV4Ik1tGLx2TwZzsq9bbdg_ykZnDZIlC2kuk3zA%3D%3D&alr=yes&cpn=H1WzMviaNVjxFPYc&cver=1.20220629.01.00&range=3303691-4751168&rn=11&rbuf=15583&pot=GpsBCm4cPuvuS87daxN2YXEAjb0tTDGMDvYlAnCy5K-5nAl6lmzHU5bdXEePIQRLFxqzUzPSLzYIENxeDaZgijNxUotWuehBPk-mjrlwWdIWzB3En7yFq52UVB87El11Ojq4jACE1b2L4FnOPFrSXYamvxIpATwYQQ6r1l2IVcQ_saV7RHFWu78AuLmgSQEleZSevB7fYzR3yOBWpZ4=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:39::7 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a1b4e9489023c3915718a3c2be2d926dd8ff437e200daef74d7deaf34655cdaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 22:47:34 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1447478
client-protocol: quic
last-modified: Fri, 28 Sep 2018 00:01:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 04 Jul 2022 22:47:34 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
stats.landingi.com/	1970-01-20 04:55:11	Name: ls_uid Value: a14b8569
stats.landingi.com/	1970-01-20 04:16:16	Name: ls_sid_1143963 Value: a14b8569
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: RhwT7yGxEsE
.youtube.com/	1970-01-20 08:35:26	Name: VISITOR_INFO1_LIVE Value: 9rp9VsJdG_I

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
buenocrm.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.assets-landingi.com
img.youtube.com
jnn-pa.googleapis.com
lightboxes.landingi.com
old.assets-landingi.com
popups.landingi.com
resortgetaway.com
rr2---sn-oguesnd6.googlevideo.com
scripts.assets-landingi.com
static.doubleclick.net
stats.landingi.com
styles.assets-landingi.com
ucarecdn.com
www.google.com
www.xcaretgetaway.com
www.youtube.com
yt3.ggpht.com
158.255.47.17
2001:4de0:ac18::1:a:3b
2404:6800:4004:39::7
2404:6800:4004:801::200e
2404:6800:4004:808::2004
2404:6800:4004:81c::200e
2404:6800:4004:821::200a
2404:6800:4004:822::2002
2404:6800:4004:822::200a
2404:6800:4004:823::2001
2404:6800:4004:824::2006
2404:6800:4004:825::200a
2404:6800:4004:826::2003
2600:140b:4::1720:f132
2606:4700:3035::ac43:a6fa
34.203.158.106
34.242.135.119
52.212.68.12
52.30.199.88
54.194.78.84
00ffd4d0cad6c35cec20e9ad87b78e105ef22e93993cd1e3b8913993b346d890
012c2a7fb79198d0b0336e3cd8777afdb508f7283f9c09f0a5b8b67428162227
01e6ec123c37bc0a0c96afe88d1217dbf3b1c7476a5c1fe8254913f3860fa5e0
0218addec1b509cab4d98f1468893615b5be8bd4bb50f11469f02a6d4c9a1e0a
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
066224dccafa61f56d86825e43e3216be01c2caf45cc4a49c4077797a244e520
08432b7583371de2d7a60eee10ce9765ec50d26bf85f9e0508601e6624d99f97
0c310eea77824df240b6197c95fd6294e63db43ad427365542b298db4d29d60c
0cc6510504426a3855b5fd6550938246d97fc691f2992ee3e6a6c6e4580af184
109dc8213417c9bc46e49fdaf1a84736016922c8eac18edbe42779ca04131da1
11148ace6157cd94751922d3c17557609a94b6c2a56ebbf7efcfe1eefba2f27a
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11d6cf7897a0f13a4d6cf4f8878911e507547bc994e5acb7df4494fe3429d968
1a8d46174e12c8e83b610ef756045d1654b602df9ee51e32213f99ef8341d45f
1a9478dc265e8889151ba37d3fa17b14d6bc5921d37c4b084179d0ede6ce9fee
1bd5e1177b3cef819534401b525646efa7d017d3c3a43d15696d35eb7b6e2f89
1d4c6c14890a815bf47c82d9d39f0a8d074c40b7a995468fd61a5214cda2afa5
1f7ca3d6dc1c44caa9543bf70d92c43a453df1589d526db676e2b587cfd71d2a
208d112bc0b83943e2938f33d93bcaf0e7f4c0fa124855d371d3aee635fc8479
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
222b64d1120f080670366757751a6e01b1a06c4e3b2f04c6fc21b0fd37b8007b
24e566e08bc92bce09ed69913bd5099513352eb0f11ae8bd6a307ff1a348b87d
2809d2609496dce0483a9b1ca80c8f6661a0649457521093674da576aebc04ce
2b4cc35c68bc58632b281aafde2cb145028f5da069adc50ac89cbbdac9d98adb
2c047550f369a5d24cbe85aca012c4169662892c2a84e856e2e5241fd54eff36
2dcfbfa68a0bb0095d14c9222d0b845541c7f5b55f470d8d59c443880e993bf6
2de5b1a54e4f825d808058cacb6a1d7a54460ef1b391449b31b555c2781f6817
2e7d9dab07b533a4c6af203d30e313529b871f2df3b771841def2647c38d17dd
310c1ec254e74d1131cf961c1d06a4c8ec2bd00b1003f3ca96a3ad7a942ef0f2
32a91a9e08d41b2409bb9295c72511d82cedf9564c600474f5fa56cd3553a92c
33bd1842b7778216197b870e8f3b4e387d9511905c04ea5a07934b3c614ef109
366f41f6e41d5f33c3defbc91edac4afc5d5a29db4beb57db0e37fecc6e48d12
36bd876a1efce703a192245c7719751d248a27f267e8c8e37485f99a2bc92343
375d351d3e2fce7b3d15a56a43dfdb13ed953fdea6ab707b7f0f7c4a626d31d9
3813c7ea017e1d527ec287ea35b1205a11f2f50be920c2f65e1e010d28d616b1
3c49d5554bef01dc496ee12c0ff20b46a035fe5625fef7798ec243894cafb5d1
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4583cd757370087234ad06c45153007d939ab1da7032cc329b5b4b55681d61c6
46bad547480f9d36f1fae5c9e78baa33c70341dbe827afca68a5202c2cb2f7f3
46ed3c06f0c2b150f7284c8697ccc9c198a515f55053da6d36683ba2ed362674
46ef20c3bf16f3011c2c15cfd31558eedc534b0969264691d6ab0ca887f5303f
47b4f0d8060e40b8e7412d369e7c9696613468c24317990a4e134c87ea28db7a
47d42f9f412d0c8854bfed1c7b1b433eaf6df4d0d67e7619ee6c9cb7b0289c90
493ff6ec3c4d91b5fe47f694cb2d2b76d978fe7b078a27393072d407b6a6d2a9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49a25e804b1631f2cec292b2daf99249657e0a44bc7928323a6390d6d864cc1b
4d8aea0f1e9845c8f6512578252b3f6ff9720393baeaf3d1a15c72e84565d6d7
5006a6ec5843b162d72cc2b373d0f8655e54b184ed63a806aab9c17c520d3aae
5091a00509b006388997b171d01e78296119e41fe88889dfb50f9611bdb17804
52af2a717bc4ae11c656b0ebc3aff5ea96d84902151712111b510d19eb66fb16
57f5882577231df7a0c36fbac749fea5254f73f481a25cce4e10ed7fa3347476
591709b12d91ff9bbca46087e12e52534d03f15fcc7c22abff519d8ea359a308
5ccfe61a3e290f51889f9b55e75974a35465dd9b719cc7cf2fe54b63302cb93c
5d5e0049458abbefd654d8b877b002a769e0b6e000ad6f719df70a80041de3d2
5de94b5b277d1e22e70fcc784fa3a69ac24dd2ce83123a6ccca3fd55e23b249a
5ec31e6499b4a461cacb7a73b412769d60223791411f52e610a3c4459a9933cf
5fe71fc75f373e0fd8bd01bd38d62c5d2f645cfa0c47e52349b78c93c451ebd5
61c840b6433d17b6dddf177ad59dbe2990a13d7f84f1a24bc5070170bf6fbdbc
630705dde59562c92c6d98e5389db1808152af91f72bc91c5c33a6bf3e82dfb5
64888b36e7f774ca0ac03146104351b6e99670b7d5ee5b01b15de6fbde1b1dd8
64bf892369af46f485701e250b746ddd5a71a158f22825a4c1cab8110d32561f
650185f793d3e1c5253c12b9635f706633bfcaa829e845aebed30b336c09c4e1
67d9a8d601c8f81f63e9fbef3a42f32dff50208e44222c25566dd54a956c7315
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67ee3b2d36afaa4703b5a2aedfd6618138933e91ae8373139e7f2e1a3f3c914a
6b78a69c7f03c62dfd95a6461215c4263cf6e1c63637dd5566a44ecfb29ad4d7
6bd8f093cbba34b70c2d52581c2cc3512abc4ba77129dd4b5570dd6017c1e75c
6c3eeb1c69734be02423ac4f09b2147bc9b9853c99bf4f974fe3008cc41741dc
6c9b5de3c1416c5aec8d608287ac497758530c4f8228725bc33e49cbeee28382
6f39f3d788c70831d45519da1c119524a729001443d627ae292d750bf0d44c99
70a64c9912aae092f9cc15fd4015d474e13b9a08b018c0e761ee183cae873bfa
71a8a02c75ec315a6322c660ce0de89ed6a660a01993329d63a3de7c88d8a999
74405329cd7525b0b668712da9e4723aac83ce273f2ad4a71fb0767e313eccea
7a98dfd386597feb75d29ea1eabdf857d6ba1f404eedca90763b8c2f339fd8e4
81bac4a3f8d27107036747bbafe2e72405dd38842f98ca1d68c1a53b7ebe6ea3
82e87a7fa8439196d6a256c7108740bd6821f5c1e7adfe662cdcb15affee1508
841ff3411ee0c6e4f3323b9d8031b711e2c35a7b5e23a4aa1a06f8b7ffdcc554
846cd2690a1e4d531d429833fc06774e55639641e0107f2f01d67ebe5e7aa9b6
88919342fd8574aa5ccdb2a60a67000d7bc9264422bd5e71b9f02c2417b67fe0
88eb4ccae953543b5a99e2210d4f1ec901d350c73afae4c04f530e13f7085cd2
8c04e9a8d62997a52fbeaa984e88360d0b1dfd6d588c9e8e015056087ba75569
90cf02c3c600082395dda43f9bca568c4a9b0f1ce94bbb776819c2602e59f89d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
960495014a6c7da1a533d57936ac92069271df616a84fe37c7f015b86f2c8087
97ea1134c3445e940ac7073f15bdbae2905a7ecb4ff7d7c49b789b8653578453
99f2ffad21cc5aaefd1d5b9ab3a498fccc5e2daffa7700809362973860f5b831
9bf0575fff126c6608756140ff53b6090f4cb02748462cdeaf4e167413de7c33
9d56b2b93991d8fb90901884b834101bfa4c2fb73d3c8247f6728bbbfda8c324
9eb37b4889f4bfe3770669fa99c8d225237342abe3c83660de8ffa9aa5a407ac
a1b4e9489023c3915718a3c2be2d926dd8ff437e200daef74d7deaf34655cdaf
a39a7b48501b758f8e6b035c3c28e0c6708bbe26b27f4b4c635014e777d1083c
a451316921985c5ad3ab8e38ab6a51b8b185d4c9b2d4e8ddaba6f7a8c2a53cf7
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a97bf45d556983ce245f36cfcf4c78ecd5b6c984635ddc6adb34fca7f6540666
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
afae54ecc4c673159d89a4c7901a5211c5be6d16d1b8bbb83dccc77d5d16f8d7
b793bf666f77a4cab15034a1f199c32e743ae781140d4557e14d05f70eedaef9
b91858c8ee62daeb66c5cfc01e3b9af0f4269a6637f6a2edfe958002c34d9fdb
b92dd788ddb53149f1c3a8911469c896e8feb453ea8a2a8a3cd1d1fbb39bea9f
bb88c7538650c6f8ef0500ab9af2a660c29218da5c30a0859e779c7fdd53b1b7
bed752e8e963dbdd59bb47844769dcbf380d0989694ff603001b4f8712c0ec65
c0b4ff3fb65144eca60723b81af144243f100241acbc1326bb3235d5b57c6b7a
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3492def7800077874f193667fac86c2e0a74f4f005360573908abe929e67072
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c714531824a6e7530988df5f2e4b79b925fb4d15cacc6bc89490a820586a053b
c9bc14072f26e470a4677f215b0b2a42c61395773889b4d8b31690da1b9f73fc
cb2607d168fdabf7d1f2f37975d7215c64dd6be403c5d8267c5bb1704aec2569
cc49cf2c3cfe1f2f637d2fa98a5e6a2e9ef97387726405b002062b41ae777476
cce5eda1829f4182f8d9e109bfcbcee2a836992899c862633989526aa300ab59
ceb674d27d8ffd144c2cba7a63ba514ea796839612f98a1450e99e8df85b4947
d3295fbcef086eb975b0fdcc4b929f0c59d4daf848dba6982a6aa915eb3011e0
d3685031902ecdf165555d24ae0fbb9abacf003484565ebf9dc2c213d64b2e09
d5377990b8871ef0aab5eb2d7d7c51aff4c3c5b820ec31f1d0eb424ccee72f08
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80
da3f388783a2d5196fae43d6a14afb168462fc4548b4953904ea54be4bc337c7
de3546bbd8e76739e43899e0dfb21f8e59c45b81898f7fbc4d01a7d9936252a8
deec9ab3494ffceca55856ec4229a2b54f0ba478fd03014a16205fb032fdae13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47eff3e84b90069a12024203cd8b4814e6997c027d0408ecb7f25abe9003994
ead402320e9104d8522b052f89df4180ed3d3630e2449765be3c3e5ce4da82e6
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0f9a983a26ee32385f4bd0920f36b78ccc67a58014f208d36c1843492e1a7c6
f4df22ebc5ca433df193cb0fdaef08fb90820ffc5abd27e06661f496c3ff4ca5
f4e10277e91d26c2c9037be02123ca73b93e29f9b91fef7483e6cd234541a35f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fab8753180b7dd4a5667cfe0d660630ccd52562d245fc6d4294113c37487b084
fb4b4b282db9c7841db44b614a95a41c12b0b8692d2b0c268308f8906c8bd82e
fe8311f98e071e124acd6f9121657d5b19b098a232bee1625e2c4050cf4557b2

www.xcaretgetaway.com Open in urlscan Pro 52.212.68.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

145 Requests

99 %HTTPS

70 %IPv6

14 Domains

23 Subdomains

21 IPs

6 Countries

6962 kBTransfer

10857 kBSize

4 Cookies

1 Outgoing links

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.xcaretgetaway.com Open in urlscan Pro
52.212.68.12 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

99 %
HTTPS

70 %
IPv6

14
Domains

23
Subdomains

21
IPs

6
Countries

6962 kB
Transfer

10857 kB
Size

4
Cookies

145 HTTP transactions
1 data transactions