www.castlehillinn.com Open in urlscan Pro
34.139.154.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://esop.informz.net/z/cjUucD9taT00MDI2MzYxJnA9MSZ1PTQzMTEwMzU2NiZsaT00MzA3NjQ1Mg/index.html
Effective URL:
https://www.castlehillinn.com/
Submission: On October 10 via api (October 10th 2023, 8:02:32 pm UTC) from US — Scanned from DE

Summary HTTP 182 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 50 IPs in 7 countries across 59 domains to perform 182 HTTP transactions. The main IP is 34.139.154.50, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.castlehillinn.com.
TLS certificate: Issued by R3 on October 7th 2023. Valid for: 3 months.

This is the only time www.castlehillinn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.54.58.29 52.54.58.29	14618 (AMAZON-AES) (AMAZON-AES)
97	34.139.154.50 34.139.154.50	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	99.86.4.95 99.86.4.95	16509 (AMAZON-02) (AMAZON-02)
7	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
2 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3 6	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
8 8	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3 3	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 16	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1	34.249.44.166 34.249.44.166	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.69.90.224 3.69.90.224	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	2.21.20.208 2.21.20.208	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.73.31.226 3.73.31.226	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 7	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	3.127.178.105 3.127.178.105	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.31.175.73 52.31.175.73	16509 (AMAZON-02) (AMAZON-02)
2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.252.4.178 34.252.4.178	16509 (AMAZON-02) (AMAZON-02)
1	52.218.0.75 52.218.0.75	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
4 5	89.163.142.91 89.163.142.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	139.162.147.24 139.162.147.24	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	91.210.226.74 91.210.226.74	48314 (IP-PROJECTS) (IP-PROJECTS)
1	52.31.202.102 52.31.202.102	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	65.9.66.113 65.9.66.113	16509 (AMAZON-02) (AMAZON-02)
2 3	54.197.99.246 54.197.99.246	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.241.182.209 34.241.182.209	16509 (AMAZON-02) (AMAZON-02)
1 1	35.158.89.69 35.158.89.69	16509 (AMAZON-02) (AMAZON-02)
1	184.30.24.207 184.30.24.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.73.105.217 3.73.105.217	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.192.153.28 23.192.153.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:7800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	52.59.106.121 52.59.106.121	16509 (AMAZON-02) (AMAZON-02)
182	50

1 52.54.58.29 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-58-29.compute-1.amazonaws.com

esop.informz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

97 34.139.154.50 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.154.139.34.bc.googleusercontent.com

www.castlehillinn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-95.fra6.r.cloudfront.net

api.mapbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.153 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.34 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.116 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.6.237 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.44.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-44-166.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.90.224 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-90-224.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.208 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-208.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.73.31.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-31-226.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 77.243.51.121 (Denmark) 6 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Weil am Rhein, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.175.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.4.178 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-4-178.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.0.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.215 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.163.142.91 (Germany) 4 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm40.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.147.24 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags2.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.74 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.202.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-202-102.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-113.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.197.99.246 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-99-246.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.182.209 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-182-209.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.89.69 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-89-69.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.105.217 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-105-217.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.153.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-28.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.106.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-106-121.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
97	castlehillinn.com www.castlehillinn.com	3 MB
19	adform.net 5 redirects s2.adform.net — Cisco Umbrella Rank: 7290 c1.adform.net — Cisco Umbrella Rank: 643 a2.adform.net — Cisco Umbrella Rank: 10839 dmp.adform.net — Cisco Umbrella Rank: 3616	44 KB
12	sojern.com static.sojern.com — Cisco Umbrella Rank: 15161 beacon.sojern.com — Cisco Umbrella Rank: 6176 pixel.sojern.com — Cisco Umbrella Rank: 8495	58 KB
11	doubleclick.net 10 redirects ad.doubleclick.net — Cisco Umbrella Rank: 173 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	4 KB
9	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 542 ib.adnxs.com — Cisco Umbrella Rank: 261	7 KB
7	semasio.net 6 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1270 se.semasio.net — Cisco Umbrella Rank: 22364	4 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 21747 tags.adsafety.net — Cisco Umbrella Rank: 91058	10 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 427	14 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2979	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 2048 load77.exelator.com — Cisco Umbrella Rank: 3804	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	445 B
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 118 fcmatch.google.com — Cisco Umbrella Rank: 4031 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	215 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 521	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14143	632 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1069	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 242	2 KB
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 734	647 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617	928 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	1 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3185	692 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	88 KB
2	mapbox.com api.mapbox.com — Cisco Umbrella Rank: 4362	220 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2433	44 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 434	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 29639	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 893	236 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1584	163 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 470	921 B
1	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 2109	417 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 587	489 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 27221	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 959	472 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 903	338 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 28871	849 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3315	418 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 32266	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2959	264 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 1011	266 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 445	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1189	344 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	146 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 620	638 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	125 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898	114 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 504	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4701	400 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 761	199 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 25365	457 B
1	google.de www.google.de — Cisco Umbrella Rank: 6147	455 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 4036	244 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	249 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
1	informz.net 1 redirects esop.informz.net	795 B
0	e-volution.ai Failed sync.e-volution.ai Failed
0	1dmp.io Failed sync.1dmp.io Failed
0	ib-ibi.com Failed global.ib-ibi.com Failed
182	59

	Domain	Requested by
97	www.castlehillinn.com	www.castlehillinn.com
13	c1.adform.net	4 redirects a2.adform.net c1.adform.net
8	cm.g.doubleclick.net	8 redirects
7	static.sojern.com	www.castlehillinn.com static.sojern.com
6	secure.adnxs.com	3 redirects static.sojern.com c1.adform.net
5	cm.adsafety.net	4 redirects c1.adform.net
4	se.semasio.net	3 redirects c1.adform.net
4	pixel.sojern.com	static.sojern.com c1.adform.net
4	bat.bing.com	beacon.sojern.com bat.bing.com static.sojern.com
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	uipglob.semasio.net	3 redirects
3	match.adsrvr.org	static.sojern.com c1.adform.net
3	ib.adnxs.com	3 redirects
3	www.googletagmanager.com	www.castlehillinn.com www.googletagmanager.com beacon.sojern.com
2	pixel.tapad.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	www.facebook.com	static.sojern.com
2	a2.adform.net	1 redirects static.sojern.com
2	ad.doubleclick.net	2 redirects
2	connect.facebook.net	beacon.sojern.com connect.facebook.net
2	api.mapbox.com	www.castlehillinn.com
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	pixel.mathtag.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	pixel.onaudience.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	x.bidswitch.net	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	ups.analytics.yahoo.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	a1.seadform.net	static.sojern.com
1	www.google.de	static.sojern.com
1	www.google.com	static.sojern.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	adservice.google.com	static.sojern.com
1	s2.adform.net	beacon.sojern.com
1	beacon.sojern.com	static.sojern.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	www.castlehillinn.com
1	esop.informz.net	1 redirects
0	sync.e-volution.ai Failed	c1.adform.net
0	sync.1dmp.io Failed	c1.adform.net
0	global.ib-ibi.com Failed	c1.adform.net
182	72

This site contains links to these domains. Also see Links.

Domain
www.relaischateaux.com
www.instagram.com
www.newportrestaurantgroup.com
www.facebook.com
bermudarace.com
www.orourkehospitality.com
be.synxis.com

Subject Issuer	Validity	Valid
www.castlehillinn.com R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
api.mapbox.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-04`	10 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-20` - `2023-10-18`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.castlehillinn.com/
Frame ID: 4488A5033B42288BDAEACDD3A117B4EE
Requests: 106 HTTP requests in this frame

Frame: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Frame ID: 421527131B85AA3FC3C2044B809C5277
Requests: 27 HTTP requests in this frame

Frame: https://static.sojern.com/cip/w/splus?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Frame ID: 30C8DD602897DA79434759D663C58839
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Frame ID: 8D976F0A1A66D44ECE322CBA4E9DFF2D
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Newport, RI Hotels | Relais & Châteaux | Castle Hill Inn

Page URL History Show full URLs

http://esop.informz.net/z/cjUucD9taT00MDI2MzYxJnA9MSZ1PTQzMTEwMzU2NiZsaT00MzA3NjQ1Mg/index.html HTTP 307
https://www.castlehillinn.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Mapbox GL JS (Maps) Expand

Overall confidence: 100%
Detected patterns

mapbox-gl.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

182
Requests

85 %
HTTPS

20 %
IPv6

59
Domains

72
Subdomains

50
IPs

7
Countries

3342 kB
Transfer

18463 kB
Size

68
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.relaischateaux.com/us/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CyBsLtavGcY/
Title: View

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cx8YcXaupEn/
Title: View

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cxs-qrnuOCE/
Title: View

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CxnaqdyOh4d/
Title: View

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/Cw5m4k7uQlf/
Title: View

Search URL Search Domain Scan URL

URL: https://www.newportrestaurantgroup.com/careers?apply=castle+hill+inn
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CastleHillInn/
Title: FaceBook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/castlehillinn/?hl=en
Title: Instagram

Search URL Search Domain Scan URL

URL: https://bermudarace.com/castle-hill-inn-named-official-luxury-hospitality-sponsor-of-2022-newport-bermuda-race/

Search URL Search Domain Scan URL

URL: https://www.orourkehospitality.com/
Title: Website by O'Rourke Hospitality

Search URL Search Domain Scan URL

URL: https://be.synxis.com/?hotel=22959&chain=8565&adult=1&rooms=1
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.instagram.com/
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://esop.informz.net/z/cjUucD9taT00MDI2MzYxJnA9MSZ1PTQzMTEwMzU2NiZsaT00MzA3NjQ1Mg/index.html HTTP 307
https://www.castlehillinn.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://ad.doubleclick.net/ddm/activity/src=6479053;type=homep0;cat=castl0;qty=1;cost=0;u1=https%253A%252F%252Fwww.castlehillinn.com%252F;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=6479053;dc_pre=CNvqn_ui7IEDFR0LogMd9qUBuQ;type=homep0;cat=castl0;qty=1;cost=0;u1=https%253A%252F%252Fwww.castlehillinn.com%252F;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=6479053;dc_pre=CNvqn_ui7IEDFR0LogMd9qUBuQ;type=homep0;cat=castl0;qty=1;cost=0;u1=https%253A%252F%252Fwww.castlehillinn.com%252F;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID

Request Chain 116

https://secure.adnxs.com/px?id=1227119&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1227119%26t%3D1

Request Chain 117

https://secure.adnxs.com/seg?add=21103008&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21103008%26t%3D1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=RkRJK5pdb1p0WmMSXs2D8Q&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo&sjrn_ula=392743307 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=RkRJK5pdb1p0WmMSXs2D8Q&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo&sjrn_ula=392743307&google_tc= HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo&sjrn_ula=392743307&google_gid=CAESEAKnP2wBg-xdYhkIivZI6Lg&google_cver=1

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_hm=RkRJK5pdb1p0WmMSXs2D8Q&google_nid=sojern_adh HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=RkRJK5pdb1p0WmMSXs2D8Q&google_nid=sojern_adh&google_tc= HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoqoFTOqUiJhMgP-9OY8DcsVevYKBfefPM6_IWcSIBa6Da00RoygksRXipQu_Jsn4i0TKRcHpVI89QYiDWy2Rc3gV4g4JkhabRx3CAX5kF2TJhgTcKg HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqoFTOqUiJhMgP-9OY8DcsVevYKBfefPM6_IWcSIBa6Da00RoygksRXipQu_Jsn4i0TKRcHpVI89QYiDWy2Rc3gV4g4JkhabRx3CAX5kF2TJhgTcKg

Request Chain 120

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DmYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo HTTP 302
https://pixel.sojern.com/idsync/apn?id=5186621193740675632&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo

Request Chain 122

https://c1.adform.net/serving/cookie/match?cid=4644492b-9a5d-6f5a-745a-63125ecd83f1&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=4644492b-9a5d-6f5a-745a-63125ecd83f1&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=8141816467623654219&cid=4644492b-9a5d-6f5a-745a-63125ecd83f1

Request Chain 129

https://a2.adform.net/Serving/TrackPoint/?pm=3051329&ADFPageName=Castle%20Hill%20Inn%20--%20HOME_PAGE%2027232&ADFdivider=%7C&ord=569023511420&ADFtpmode=2&loc=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D27232%26f_v%3Dv6_js%26p_v%3D2%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.castlehillinn.com%252F%26auto_ccid%3D16a4m-pekwq-vylqj-qsg04-bwu1n%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1600x1200%26tz%3D-120%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&CPref=https%3A%2F%2Fwww.castlehillinn.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3051329&ADFPageName=Castle%20Hill%20Inn%20--%20HOME_PAGE%2027232&ADFdivider=%7C&ord=569023511420&ADFtpmode=2&loc=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D27232%26f_v%3Dv6_js%26p_v%3D2%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.castlehillinn.com%252F%26auto_ccid%3D16a4m-pekwq-vylqj-qsg04-bwu1n%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1600x1200%26tz%3D-120%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&CPref=https%3A%2F%2Fwww.castlehillinn.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 140

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8141816467623654219&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8141816467623654219&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=cd727c2947e24faaad3f348156e12f16 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=465236a33050adb148fc556ae12a67c5b34d281e6fe2bc251dbb689242e4538d

Request Chain 145

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8141816467623654219&expiration=1698177761 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8141816467623654219&expiration=1698177761&C=1

Request Chain 146

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8141816467623654219&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8141816467623654219&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=8141816467623654219&gdpr=&sInitiator=external HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7288422685135141009&sInitiator=internal&gdpr= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=5186621193740675632&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NTBBRTAwNzhGQzUyNjJDRQ&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEFN0Big49srT-EU1nv7g0hQ&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEFN0Big49srT-EU1nv7g0hQ&sInitiator=internal&google_cver=1&gdpr=

Request Chain 148

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8141816467623654219 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8141816467623654219&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 153

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 154

https://pixel.onaudience.com/?mapped=8141816467623654219&partner=68 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 155

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=8141816467623654219 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM120231010201e9a0eb05b2692b1c0a&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=d6be7ed11f94aa9a39dc9f010620d7b1 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120231010201e9a0eb05b2692b1c0a&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=d6be7ed11f94aa9a39dc9f010620d7b1&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzEwMTAyMDFlOWEwZWIwNWIyNjkyYjFjMGE&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEDk5bmv_CQY0lL96GIOZb-E&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120231010201e9a0eb05b2692b1c0a HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8141816467623654219

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODE0MTgxNjQ2NzYyMzY1NDIxOQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEdMGGGB3b4kwYtqCSJRZ9k&google_cver=1&google_ula=1641347,0

Request Chain 158

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=5186621193740675632&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=8141816467623654219

Request Chain 162

https://a.audrte.com/a?adform_uid=8141816467623654219 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZzdiSUphNEs3R21RbWVGY1NOcktaTzY3Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 163

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8141816467623654219&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=8141816467623654219&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=89752186549842264183447022689673893717&noredirect=1

Request Chain 164

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8141816467623654219 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217113104665004817156

Request Chain 165

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288422685135141009

Request Chain 168

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=RKygbsGV1QQiVX5

Request Chain 172

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4190346907 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=w.Ay3M.w/mI6PXP8rfGHM.

Request Chain 176

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=8141816467623654219&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=8141816467623654219&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=8af682eb-b1c6-4ab8-85fc-9d69a3f6a80e

182 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.castlehillinn.com/
Redirect Chain

http://esop.informz.net/z/cjUucD9taT00MDI2MzYxJnA9MSZ1PTQzMTEwMzU2NiZsaT00MzA3NjQ1Mg/index.html
https://www.castlehillinn.com/

126 KB
23 KB

594ms
223ms

Document
text/html

34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: a6647f89d9b589a5c047c2229d29e88371b5969a53f3b0874c77539ce4b441be

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 Oct 2023 20:02:21 GMT
link: <https://www.castlehillinn.com/wp-json/>; rel="https://api.w.org/" <https://www.castlehillinn.com/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json" <https://www.castlehillinn.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 14
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Tue, 10 Oct 2023 20:02:20 GMT
Location: https://www.castlehillinn.com/
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=86400

GET
H2 200 sbi-styles.min.css
www.castlehillinn.com/wp-content/plugins/instagram-feed-pro/css/ 63 KB
12 KB 249ms
234ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/instagram-feed-pro/css/sbi-styles.min.css?ver=6.2.4
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bef93e2e8d7aa13c05a55bac632650b0c3ba58397a9da64c02fa138fe7439343

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:16 GMT
server: nginx
etag: W/"649df158-fcbf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 cookie-law-info-public.css
www.castlehillinn.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 3 KB
1 KB 249ms
234ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.9
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:18 GMT
server: nginx
etag: W/"649df15a-c22"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 cookie-law-info-gdpr.css
www.castlehillinn.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 27 KB
5 KB 249ms
234ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.9
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:18 GMT
server: nginx
etag: W/"649df15a-6a71"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 timetable.css
www.castlehillinn.com/wp-content/plugins/weekly-class/assets/front/css/ 146 KB
18 KB 245ms
230ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/front/css/timetable.css?ver=2.5.17
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b348e15070e06d4e82be0df6562970f9f842cce62959670aefbbe703e4377589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:11 GMT
server: nginx
etag: W/"649df153-249d8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wpa-style.css
www.castlehillinn.com/wp-content/plugins/wp-accessibility/css/ 5 KB
2 KB 249ms
235ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=2.0.1
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 13031d4ec04980984b56e9152739c608e15fcda23007e524117198f054385eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:09 GMT
server: nginx
etag: W/"649df151-1461"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap.min.css
www.castlehillinn.com/wp-content/themes/orourke_parent/css/ 152 KB
24 KB 246ms
232ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/css/bootstrap.min.css?ver=4.3.1
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-26074"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick.min.css
www.castlehillinn.com/wp-content/themes/orourke_parent/css/ 1 KB
677 B 246ms
232ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/css/slick.min.css?ver=1.8.1
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0b242f22c51ecc9aa7dcf05045682faeac07301f788caa18d8a3126d750943cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-531"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 featherlight.min.css
www.castlehillinn.com/wp-content/themes/orourke_parent/css/ 4 KB
1 KB 247ms
233ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/css/featherlight.min.css?ver=1.7.14
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 52ceaa53f396979d10d48a2f785e8c867c77be5bad7aee85a84d2d170cc60cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-e58"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fontawesome.min.css
www.castlehillinn.com/wp-content/themes/orourke_parent/css/ 574 KB
89 KB 133ms
118ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/css/fontawesome.min.css?ver=5.6.3
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e46851a06e1ddb8b26abd7a002c4527b058221a70e85ab643a6d607ad18089f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:09 GMT
server: nginx
etag: W/"649df151-8f76b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 extra-classes.css
www.castlehillinn.com/wp-content/themes/orourke_parent/css/ 36 KB
4 KB 248ms
233ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/css/extra-classes.css?ver=1.0
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5db883d9a24b1416267aab621d4193ef65923298516969e992d6ae2d5af0b05d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-8ead"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
www.castlehillinn.com/wp-content/themes/orourke_child/ 49 KB
11 KB 248ms
234ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 769e223e862e4191c6fc6ef5e7ee3209f45d7b4077b73162884426c9413a7c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-c385"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap-datepicker.min.css
www.castlehillinn.com/wp-content/themes/orourke_parent/css/ 19 KB
3 KB 248ms
234ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/css/bootstrap-datepicker.min.css?ver=1.9.0
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 39055370eb45972d3e2284b7220b9aa0764ca93eb6507491fc783ba170128aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-4bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
www.castlehillinn.com/wp-content/themes/orourke_parent/ 452 B
535 B 248ms
234ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/style.css?ver=6.3
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c6fecb2fa8355a8f9390c210a8c3920168cbfcb02179fa120a77d97b3a99dd5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-1c4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
www.castlehillinn.com/wp-includes/js/jquery/ 85 KB
31 KB 248ms
235ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: nginx
etag: W/"6470990f-155ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 cookie-law-info-public.js Show response
www.castlehillinn.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 33 KB
8 KB 247ms
235ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.9
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:18 GMT
server: nginx
etag: W/"649df15a-8583"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H/1.1 200
OK mapbox-gl.js Show response
api.mapbox.com/mapbox-gl-js/v2.1.1/ 805 KB
215 KB 88ms
9ms Script
application/javascript 99.86.4.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/mapbox-gl-js/v2.1.1/mapbox-gl.js
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-95.fra6.r.cloudfront.net
Software: / Express
Resource Hash: 8a57270de4d6273497e47517c59912c32166c625a8e00edd8ce1c900b9f31829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Sun, 23 Jul 2023 03:13:05 GMT
Content-Encoding: gzip
Via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 6886156
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon Feb 08 2021 23:01:03 GMT+0000 (Coordinated Universal Time)
ETag: "47e3cbafac192e6ff6fe61c11ed09bae"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Timing-Allow-Origin: *
X-Amz-Cf-Id: fVj44iG4xjiU08lVa5tg0SCz0gKLzsz0TyP8tMC_L4Jal6jmoF0Jjw==

GET
H/1.1 200
OK mapbox-gl.css
api.mapbox.com/mapbox-gl-js/v2.1.1/ 33 KB
5 KB 85ms
9ms Stylesheet
text/css 99.86.4.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/mapbox-gl-js/v2.1.1/mapbox-gl.css
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-95.fra6.r.cloudfront.net
Software: / Express
Resource Hash: 05ef764a445a127daa8f63973596f1fecd08320f37a6b74297214ea18310075a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Thu, 20 Jul 2023 00:44:44 GMT
Content-Encoding: gzip
Via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 7154257
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon Feb 08 2021 23:01:06 GMT+0000 (Coordinated Universal Time)
ETag: "e61fd47b8b7aa7fb33188e97fd162d6d"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Timing-Allow-Origin: *
X-Amz-Cf-Id: -u9cW7jLywpYDX3i9qV6oMH9MSS5ZJvhi2HcajWKth9NFCMbmxhnkA==

GET
H2 200 castle-hill-inn-logo-white.svg
www.castlehillinn.com/wp-content/uploads/ 6 KB
3 KB 211ms
190ms Image
image/svg+xml 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/castle-hill-inn-logo-white.svg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28cc581836ef5f20ff2c970b495bd1646079becfa554dd435ed378f9621cdbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:20 GMT
server: nginx
etag: W/"649df15c-194b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 relais-and-chateau.svg
www.castlehillinn.com/wp-content/themes/orourke_child/images/ 5 KB
2 KB 213ms
192ms Image
image/svg+xml 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/images/relais-and-chateau.svg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7d1dc22caeb1f0babad36190c76a1409d829e201fb49d7d8d506a20d46300f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-1276"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 hero_home.jpg
www.castlehillinn.com/wp-content/uploads/ 154 KB
155 KB 210ms
188ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/hero_home.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d3845cb0b0f1579b7d58b43383bdcb28b98f94b0f9a3fe85dd486c8c996f8a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:21 GMT
server: nginx
etag: "649df15d-2693c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 158012

GET
H2 200 Homepage-400-x-534.jpg
www.castlehillinn.com/wp-content/uploads/ 41 KB
41 KB 214ms
193ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Homepage-400-x-534.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 971268bb67f63ed7e7cf72db16220cd1ac89a0870e8b82b82704af4cd9067176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:07 GMT
server: nginx
etag: "649df14f-a294"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 41620

GET
H2 200 Homepage-300-x-365.jpg
www.castlehillinn.com/wp-content/uploads/ 28 KB
28 KB 223ms
201ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Homepage-300-x-365.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c9a4132c3234db26aef3813e452af8a2763863e7671464238fdc14822c134991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:07 GMT
server: nginx
etag: "649df14f-6eb0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28336

GET
H2 200 Homepage-400-x-277.jpg
www.castlehillinn.com/wp-content/uploads/ 9 KB
10 KB 225ms
205ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Homepage-400-x-277.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b314c1b4b19d1aee79e519c083d1da9e99e9bfd1efc3e8e1618a60324bf32e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:07 GMT
server: nginx
etag: "649df14f-257b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 9595

GET
H2 200 Homepage-800-x-775.jpg
www.castlehillinn.com/wp-content/uploads/ 83 KB
83 KB 228ms
207ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Homepage-800-x-775.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8f8c865e835d0f5f5d4b9d14e7a145f90a6a9747c1a87866a30aeecf6cef7115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:07 GMT
server: nginx
etag: "649df14f-14b03"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 84739

GET
H2 200 Homepage-740-x-520.jpg
www.castlehillinn.com/wp-content/uploads/ 74 KB
74 KB 228ms
208ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Homepage-740-x-520.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e55759b1e07856307851210010f003a5ee9fb5e9aa2a3a1de40b776cbf87299

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:07 GMT
server: nginx
etag: "649df14f-12773"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 75635

GET
H2 200 Homepage-800-x-775-1.jpg
www.castlehillinn.com/wp-content/uploads/ 114 KB
115 KB 228ms
208ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Homepage-800-x-775-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b7bdea1163064fb435a4899d51ddb18f966b96581cdfa62d404f1a4f1ea9afd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:07 GMT
server: nginx
etag: "649df14f-1c9c8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 117192

GET
H2 200 Homepage-740-x-520-1.jpg
www.castlehillinn.com/wp-content/uploads/ 55 KB
55 KB 229ms
209ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Homepage-740-x-520-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 078d5a4976bacf59c26fe7dac10f9b6564e316116b85763f4efaaca1833b99be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:07 GMT
server: nginx
etag: "649df14f-dbba"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 56250

GET
H2 200 placeholder.png
www.castlehillinn.com/wp-content/plugins/instagram-feed-pro/img/ 176 B
377 B 205ms
185ms Image
image/png 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/plugins/instagram-feed-pro/img/placeholder.png
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:16 GMT
server: nginx
etag: "649df158-b0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 176

GET
H2 200 castle-hill-inn-logo.svg
www.castlehillinn.com/wp-content/uploads/ 6 KB
3 KB 229ms
209ms Image
image/svg+xml 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/castle-hill-inn-logo.svg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d7c7a0a99ddd2fc6b78a6a217ae99513118d698bac2443185c524bc97922a996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:20 GMT
server: nginx
etag: W/"649df15c-194e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 2022-newport-bermuda-race-logo-v2.png
www.castlehillinn.com/wp-content/themes/orourke_child/images/ 32 KB
32 KB 238ms
219ms Image
image/png 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/images/2022-newport-bermuda-race-logo-v2.png
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 598c97e2a994f84119ab48de0c2b54e766b6b3c7fcc05243df872a326b66c360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: "649df150-7fbb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 32699

GET
H2 200 icon-phone.png
www.castlehillinn.com/wp-content/themes/orourke_child/images/ 5 KB
5 KB 266ms
247ms Image
image/png 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/images/icon-phone.png
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ebbabef14e5c8b0f314c8e9dd8c050f3dcce2df15306c81db26b9ea3c3959d6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: "649df150-13cd"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5069

GET
H2 200 icon-map.png
www.castlehillinn.com/wp-content/themes/orourke_child/images/ 5 KB
5 KB 264ms
245ms Image
image/png 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/images/icon-map.png
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 011c53984f8930f0f5ac591f007c6b547f20e9c1db19f39289e4485cef300307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: "649df150-131a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4890

GET
H2 200 gravity-forms-theme-reset.min.css
www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/ 2 KB
901 B 170ms
167ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-reset.min.css?ver=2.7.15
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aa8d6712af37bc641d3fec48f39c5cdb1ce205ada5465fdfbfce204ca36032b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-872"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gravity-forms-theme-foundation.min.css
www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/ 43 KB
7 KB 182ms
178ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-foundation.min.css?ver=2.7.15
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 644fa5affc723ff7b9445c2aa3e6b12966610bd278fbdef1b7a261cb334daec8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-aaed"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gravity-forms-theme-framework.min.css
www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/ 355 KB
21 KB 153ms
123ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-theme-framework.min.css?ver=2.7.15
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f4d66cb0816184c28215d12aa8a822297a4fa6495fc7de55a3558dc2d80ca09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-58de1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gravity-forms-orbital-theme.min.css
www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/ 0
188 B 156ms
126ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/gravity-forms-orbital-theme.min.css?ver=2.7.15
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: "6520b7e7-0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 0

GET
H2 200 basic.min.css
www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/ 48 KB
8 KB 153ms
123ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.7.15
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 18f3409182cb278eef9bf26ba606daa10f3e317145921c45100d8dead7e37fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-becd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 theme-components.min.css
www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/ 0
188 B 156ms
127ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.7.15
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: "6520b7e7-0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 0

GET
H2 200 theme-ie11.min.css
www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/ 2 KB
619 B 159ms
130ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.7.15
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 032dc89de9e654706c6239447c5fe7e0346209c8319411521ac476b58c7f4f88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-6d9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 theme.min.css
www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/ 29 KB
6 KB 159ms
131ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.7.15
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c487387d7e441b4cb0b138137ed47e4d97c0c971cfb4f2d8946184003f08cd22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-758b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 cookie-law-info-table.css
www.castlehillinn.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 6 KB
2 KB 148ms
119ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.0.9
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:18 GMT
server: nginx
etag: W/"649df15a-17e1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap.bundle.min.js Show response
www.castlehillinn.com/wp-content/themes/orourke_parent/js/ 77 KB
23 KB 157ms
129ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/js/bootstrap.bundle.min.js?ver=4.3.1
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-13331"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap-datepicker.min.js Show response
www.castlehillinn.com/wp-content/themes/orourke_parent/js/ 33 KB
11 KB 238ms
210ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/js/bootstrap-datepicker.min.js?ver=1.9.0
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1eb7ffe44599c86e59ba3e6b5fdf21a7e56a8acf7a707825475dd23bd767a9bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-83a6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick.min.js Show response
www.castlehillinn.com/wp-content/themes/orourke_parent/js/ 42 KB
11 KB 238ms
211ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/js/slick.min.js?ver=1.8.1
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-a770"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 featherlight.min.js Show response
www.castlehillinn.com/wp-content/themes/orourke_parent/js/ 13 KB
5 KB 245ms
218ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/js/featherlight.min.js?ver=1.7.14
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6fae17660eb633c8cce7f5a3dea0e9a534d0bd598343aa42282c8d7b8a9b0db8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-32ed"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scrollLock.js Show response
www.castlehillinn.com/wp-content/themes/orourke_parent/js/ 794 B
630 B 208ms
184ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/js/scrollLock.js?ver=1.0.0
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e4a6e3239c7e3ac91420bdf1f302aa33f006fe455c9ff420df6af67bbc5f97a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-31a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scripts-parent.js Show response
www.castlehillinn.com/wp-content/themes/orourke_parent/js/ 2 KB
931 B 193ms
169ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/js/scripts-parent.js?ver=1.0
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1c412ca833e4d6309540eddbc3645f90689b23fd5f2902891509cf6df012ef70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-9c6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scripts.js Show response
www.castlehillinn.com/wp-content/themes/orourke_child/js/ 12 KB
3 KB 251ms
227ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/js/scripts.js?ver=1688072528
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 45581c9db20c31b3f861f0218046692526264bd45ae5880b547991eba4b09fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-30f3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-accessibility.js Show response
www.castlehillinn.com/wp-content/plugins/wp-accessibility/js/ 11 KB
3 KB 267ms
244ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/wp-accessibility/js/wp-accessibility.js?ver=2.0.1
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 88a7f2522dd8c93c1f5007fcbcd059cff32a895cdab67e4d0398e94e950fbb65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:09 GMT
server: nginx
etag: W/"649df151-2c20"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 longdesc.button.js Show response
www.castlehillinn.com/wp-content/plugins/wp-accessibility/js/ 3 KB
1 KB 266ms
243ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=2.0.1
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 05c78d6a2624f38e659dfad31d402bbda31897361e2ea1a4ef04bd1e78d41b85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:09 GMT
server: nginx
etag: W/"649df151-cfa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sbi-scripts.min.js Show response
www.castlehillinn.com/wp-content/plugins/instagram-feed-pro/js/ 246 KB
65 KB 270ms
247ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/instagram-feed-pro/js/sbi-scripts.min.js?ver=6.2.4
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 21abfcc3a9cada6b310f6618387f735dbdc05011ea5000a56a9fc5a2821c59ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:16 GMT
server: nginx
etag: W/"649df158-3d8ab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-polyfill-inert.min.js Show response
www.castlehillinn.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 269ms
246ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
server: nginx
etag: W/"63c7d511-1feb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 regenerator-runtime.min.js Show response
www.castlehillinn.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 269ms
246ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Tue, 07 Feb 2023 15:56:37 GMT
server: nginx
etag: W/"63e274b5-19cf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-polyfill.min.js Show response
www.castlehillinn.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 213ms
191ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
server: nginx
etag: W/"649af113-3f12"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dom-ready.min.js Show response
www.castlehillinn.com/wp-includes/js/dist/ 498 B
554 B 267ms
244ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
server: nginx
etag: W/"6254194e-1f2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 hooks.min.js Show response
www.castlehillinn.com/wp-includes/js/dist/ 5 KB
2 KB 222ms
200ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
server: nginx
etag: W/"649af113-1213"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 i18n.min.js Show response
www.castlehillinn.com/wp-includes/js/dist/ 9 KB
4 KB 223ms
201ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Wed, 28 Jun 2023 20:08:46 GMT
server: nginx
etag: W/"649c934e-24e5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 a11y.min.js Show response
www.castlehillinn.com/wp-includes/js/dist/ 2 KB
1 KB 211ms
189ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
server: nginx
etag: W/"649af113-990"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.json.min.js Show response
www.castlehillinn.com/wp-content/plugins/gravityforms/js/ 2 KB
1 KB 266ms
248ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.7.15
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-72c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gravityforms.min.js Show response
www.castlehillinn.com/wp-content/plugins/gravityforms/js/ 46 KB
14 KB 267ms
248ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.7.15
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d6c6eae2059c0d8677d501c6ed9906a63f737f360bb7302c5544d5b6d886d6c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-b6a5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 placeholders.jquery.min.js Show response
www.castlehillinn.com/wp-content/plugins/gravityforms/js/ 5 KB
2 KB 264ms
246ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.7.15
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-121f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 utils.min.js Show response
www.castlehillinn.com/wp-content/plugins/gravityforms/assets/js/dist/ 38 KB
12 KB 267ms
249ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=59d951b75d934ae23e0ea7f9776264aa
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7734306b24719e59158e81abe7849cd4323df1fcee4364b190808b8e761a3255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-97b8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 vendor-theme.min.js Show response
www.castlehillinn.com/wp-content/plugins/gravityforms/assets/js/dist/ 17 KB
7 KB 267ms
249ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=4ef53fe41c14a48b294541d9fc37387e
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc039b37e34853a9bef9d693ebc4366b38d9cec1aa91e0109196cd62f870ae52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-430c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scripts-theme.min.js Show response
www.castlehillinn.com/wp-content/plugins/gravityforms/assets/js/dist/ 4 KB
2 KB 268ms
250ms Script
application/javascript 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=f4d12a887a23a8c5755fd2b956bc8fcf
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a894dbb6e181fc9a70bf4453dc3571e0b5a0b068356310b3139abd081cb80d24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Sat, 07 Oct 2023 01:44:07 GMT
server: nginx
etag: W/"6520b7e7-101c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ 6 KB
6 KB 77ms
16ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 573df05aa08d415383b527f34ba575f6d58ba0fef033b6da852ce2327f04b0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 19:29:51 GMT
age: 1951
x-guploader-uploadid: ADPycdvDV25NNfBHbHc1XaDkA4UTn4fhHwJkvdG0fMRk__xg06vNqAvBA9wcdoNoxeIkAYfgpuXtLgoNUz2OO2RXL6jAo0ioILW1
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6138
last-modified: Fri, 09 Jun 2023 10:52:22 GMT
server: UploadServer
etag: "b0e6a30a07bca6d9e5f647a711382aec"
x-goog-generation: 1686307942516200
x-goog-hash: crc32c=ueAaFw==, md5=sOajCge8ptnl9kenETgq7A==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 6138
accept-ranges: bytes
expires: Tue, 10 Oct 2023 20:29:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 134ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

Requested by

Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/css/bootstrap-datepicker.min.css?ver=1.9.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 20:02:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Oct 2023 20:02:21 GMT

GET
H2 200 owl.carousel.min.css
www.castlehillinn.com/wp-content/plugins/weekly-class/assets/libs/owlcarousel/css/ 4 KB
1 KB 117ms
116ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/libs/owlcarousel/css/owl.carousel.min.css
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/front/css/timetable.css?ver=2.5.17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c738402f238c89e3fab42a4635218102b1ce516f327791d6b801fd0a4e750893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/front/css/timetable.css?ver=2.5.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:11 GMT
server: nginx
etag: W/"649df153-e08"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 owl.theme.default.min.css
www.castlehillinn.com/wp-content/plugins/weekly-class/assets/libs/owlcarousel/css/ 1 KB
583 B 119ms
118ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/libs/owlcarousel/css/owl.theme.default.min.css
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/front/css/timetable.css?ver=2.5.17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e6e40fa26713134203caed2e8d9362a8c75f5c337f02e25e00723a258eef66ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/front/css/timetable.css?ver=2.5.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:11 GMT
server: nginx
etag: W/"649df153-476"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ladda-themeless.min.css
www.castlehillinn.com/wp-content/plugins/weekly-class/assets/libs/ladda/css/ 8 KB
1 KB 120ms
119ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/libs/ladda/css/ladda-themeless.min.css
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/front/css/timetable.css?ver=2.5.17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 006846141b179dc244a381d2694d3c57da71b7aa99257170443f9ffd26a18566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/front/css/timetable.css?ver=2.5.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:11 GMT
server: nginx
etag: W/"649df153-1e1e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 themify-icons.css
www.castlehillinn.com/wp-content/plugins/weekly-class/assets/libs/themify/ 16 KB
3 KB 188ms
188ms Stylesheet
text/css 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/libs/themify/themify-icons.css
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/front/css/timetable.css?ver=2.5.17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 62209e75c7fc3bf0fd8f4d208b11686e8233bc0e9b6adb8464c246531f0dd678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/wp-content/plugins/weekly-class/assets/front/css/timetable.css?ver=2.5.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:21 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:11 GMT
server: nginx
etag: W/"649df153-3ffd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type: image/webp

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
61 KB 164ms
55ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GNXGWX

Requested by

Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4448ae30a621b4934bb6a900dd123466e8294aa8fef6026b05124b763848456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61560
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 18:57:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Oct 2023 20:02:22 GMT

GET
H2 200 background-pattern-2.svg
www.castlehillinn.com/wp-content/uploads/ 5 KB
1 KB 245ms
237ms Image
image/svg+xml 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/background-pattern-2.svg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ba963527ad7c012b3f054891c3850c61621c37a1cb460131c40eb2ef6a72003f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:20 GMT
server: nginx
etag: W/"649df15c-128b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 right-arrow.svg
www.castlehillinn.com/wp-content/themes/orourke_child/images/ 342 B
473 B 245ms
238ms Image
image/svg+xml 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/images/right-arrow.svg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e17da9ba9823c80b913aa3b3aeb0ef3a99008fa329d72f916068050af6207797

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-156"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 Beach-Cottage-Room-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 83 KB
84 KB 257ms
250ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Beach-Cottage-Room-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 69552869561fab91a85bb93b6027dbc2544bfd9c96d43c2bf176d2865bd4eaf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:01 GMT
server: nginx
etag: "649df149-14dbd"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 85437

GET
H2 200 Beach-House-Rooms-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 78 KB
78 KB 258ms
251ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Beach-House-Rooms-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6ea7be8c9deb9345146b154cc29c27978d242ec16e8d8555238eb392611243ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:01 GMT
server: nginx
etag: "649df149-1362d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 79405

GET
H2 200 Rose-Room-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 81 KB
81 KB 243ms
236ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Rose-Room-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9c89c1b92202fe2eaa3bd99eb45a07367cc0279e60b587f01f9a71b9ea44fadf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:10 GMT
server: nginx
etag: "649df152-1433e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 82750

GET
H2 200 Mary-Walsh-Room-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 44 KB
44 KB 241ms
234ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Mary-Walsh-Room-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ccbe79b50120255e07e0cbc9b2b1bcec6946df1acc32ba06cb4d10a226a5cc5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: "649df150-b053"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 45139

GET
H2 200 Agassiz-Room-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 76 KB
77 KB 243ms
236ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Agassiz-Room-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbd44c6a9f57af7b913411a379c196130f668374d126abd5327a145502ea6491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:01 GMT
server: nginx
etag: "649df149-13135"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 78133

GET
H2 200 Bridge-Room-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 76 KB
77 KB 241ms
236ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Bridge-Room-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: be47861ed32396c7e691c1a5d32cbd9ab2b1ca345c2910f0e67d2f4361f58ad5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:04 GMT
server: nginx
etag: "649df14c-13167"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 78183

GET
H2 200 Master-Bedroom-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 87 KB
88 KB 242ms
238ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Master-Bedroom-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d88da38b45bed443afe90bcca1bed96af3cd7503488169c5730649327881ca8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:04 GMT
server: nginx
etag: "649df14c-15dd5"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 89557

GET
H2 200 Lighthouse-Suite-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 70 KB
70 KB 242ms
238ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Lighthouse-Suite-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: df326bfbc92be49f9016c1fb2b6dd8e37e9d57108bec62a73afdfc7a305cfb2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:02 GMT
server: nginx
etag: "649df14a-11868"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 71784

GET
H2 200 Turret-Suite-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 58 KB
58 KB 253ms
249ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Turret-Suite-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e2b5ad453b29f7d2246de82d4f7d1c2c3962795b18eef02bd5a2040674935151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:15 GMT
server: nginx
etag: "649df157-e850"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 59472

GET
H2 200 Harbor-House-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 109 KB
110 KB 253ms
250ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Harbor-House-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fa1491e711bb08075514fb712f15e8ff9b410a6c79dff0120ca09cebcab40697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:07 GMT
server: nginx
etag: "649df14f-1b592"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 112018

GET
H2 200 Chalet-Room-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 64 KB
64 KB 255ms
252ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Chalet-Room-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 143d4f545e0ebcd71e9e2fce671b41ff889c56b4848db274d7638fe75d9b1a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:06 GMT
server: nginx
etag: "649df14e-10063"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 65635

GET
H2 200 Chalet-Suite-660x730-1.jpg
www.castlehillinn.com/wp-content/uploads/ 65 KB
66 KB 254ms
251ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/Chalet-Suite-660x730-1.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1a4fe9a6778d61b65682a623a908e100d5e29a1d5aa9ec4b36f659c02902db13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:06 GMT
server: nginx
etag: "649df14e-105b7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 66999

GET
H2 200 background-pattern-2.svg
www.castlehillinn.com/wp-content/themes/orourke_child/images/ 5 KB
1 KB 253ms
251ms Image
image/svg+xml 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/images/background-pattern-2.svg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ba963527ad7c012b3f054891c3850c61621c37a1cb460131c40eb2ef6a72003f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: W/"649df150-128b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ChronicleTextG1-Roman.woff2
www.castlehillinn.com/wp-content/themes/orourke_child/fonts/ 26 KB
26 KB 248ms
247ms Font
font/woff2 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/fonts/ChronicleTextG1-Roman.woff2
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ac3f7e0caf10b3f7ed17b38af479e5c5ce68ac39fb37ddc80abef744151fac77

Request headers

Referer: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
Origin: https://www.castlehillinn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: "649df150-662c"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 26156

GET
H2 200 SackersGothicStd-Medium.woff2
www.castlehillinn.com/wp-content/themes/orourke_child/fonts/ 15 KB
15 KB 248ms
247ms Font
font/woff2 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/fonts/SackersGothicStd-Medium.woff2
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3c4eafb177c4ca195e7f369f8d96e8c03655f4af37040ee47135dd5a22d67c20

Request headers

Referer: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
Origin: https://www.castlehillinn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:09 GMT
server: nginx
etag: "649df151-3c44"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15428

GET
H2 200 SackersHeavyRoman.woff2
www.castlehillinn.com/wp-content/themes/orourke_child/fonts/ 26 KB
26 KB 247ms
246ms Font
font/woff2 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/fonts/SackersHeavyRoman.woff2
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 45bb2d08f8adb590e93d1c2690d2182f2ee074332cc52a4d749d108151d234a1

Request headers

Referer: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
Origin: https://www.castlehillinn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:09 GMT
server: nginx
etag: "649df151-6668"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 26216

GET
H2 200 SackersGothicLight.woff2
www.castlehillinn.com/wp-content/themes/orourke_child/fonts/ 18 KB
18 KB 232ms
232ms Font
font/woff2 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/fonts/SackersGothicLight.woff2
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f9ab646cbab04d27ca2f30b47942b270990ad844224616ec7bd85a18f7a1d93e

Request headers

Referer: https://www.castlehillinn.com/wp-content/themes/orourke_child/style.css?ver=1688072528
Origin: https://www.castlehillinn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:09 GMT
server: nginx
etag: "649df151-489c"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18588

GET
H2 206 castle-hill-hero-v2.mp4
www.castlehillinn.com/wp-content/uploads/ 12 MB
0 204ms
203ms Media
video/mp4 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/uploads/castle-hill-hero-v2.mp4
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.castlehillinn.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Range: bytes=0-

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:21 GMT
server: nginx
etag: "649df15d-10971aa"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-17396137/17396138
cache-control: public, max-age=31536000
Content-Length: 17396138

GET
H2 200 fa-brands-400.woff2
www.castlehillinn.com/wp-content/themes/orourke_parent/fonts/ 103 KB
104 KB 183ms
177ms Font
font/woff2 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/fonts/fa-brands-400.woff2
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/css/fontawesome.min.css?ver=5.6.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3701cbff3acccd80b1f2eede4311050514f7a64c2039eb77a77368fcd6e3de28

Request headers

Referer: https://www.castlehillinn.com/wp-content/themes/orourke_parent/css/fontawesome.min.css?ver=5.6.3
Origin: https://www.castlehillinn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: "649df150-19d28"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 105768

GET
H2 200 castle-hill-inn-logo-white.svg Show response
www.castlehillinn.com/wp-content/uploads/ 6 KB
3 KB 207ms
206ms XHR
image/svg+xml 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/uploads/castle-hill-inn-logo-white.svg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28cc581836ef5f20ff2c970b495bd1646079becfa554dd435ed378f9621cdbbe

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.castlehillinn.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
last-modified: Thu, 29 Jun 2023 21:02:20 GMT
server: nginx
etag: W/"649df15c-194b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 55ms
53ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GYGMMJHZ3W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GNXGWX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a61440f07ec3a6fa09982d4b858295d4ef067e1d2803f7b9997928c0dc431532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85935
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Oct 2023 20:02:22 GMT

GET
H2 200 s Show response
static.sojern.com/cip/w/ Frame 4215 2 KB
2 KB 26ms
25ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d71d12f5c4fb4751dd4aa62557ed9c052881f0d8df2b17f4aa68cc8d80d6c6a0

Request headers

Referer: https://www.castlehillinn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 2066
content-type: text/html
date: Tue, 10 Oct 2023 19:34:43 GMT
etag: "5f51e18ad5697e0b4e48c6aba6f6e360"
expires: Tue, 10 Oct 2023 20:34:43 GMT
last-modified: Fri, 04 Aug 2023 14:37:51 GMT
server: UploadServer
x-goog-generation: 1691159871210588
x-goog-hash: crc32c=oFqY1Q== md5=X1HhitVpfgtOSMarpvbjYA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2066
x-guploader-uploadid: ADPycdvBkQDUTwLDdES8C2tQy1cyrIM0apfvxQKewhaX3lTRJtb5fv5K3L0axBTk2o2s9m4R6CQHPnpFymVNZDJEmQiGOTHdylmV

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 65ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GYGMMJHZ3W&gtm=45je3a40&_p=1341946021&cid=623436732.1696968143&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696968142&sct=1&seg=0&dl=https%3A%2F%2Fwww.castlehillinn.com%2F&dt=Newport%2C%20RI%20Hotels%20%7C%20Relais%20%26%20Ch%C3%A2teaux%20%7C%20Castle%20Hill%20Inn&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GYGMMJHZ3W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.castlehillinn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame 4215 18 KB
18 KB 25ms
24ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 19:15:21 GMT
age: 2821
x-guploader-uploadid: ADPycdsZ0fz_6vyeyLYKZwxHLIUDu4ZgYEsXs27gQUeB1op1OenmENgU1YgQzeUybo2l11-JpP-D7p4iAxRpVDX83PX1
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Tue, 10 Oct 2023 20:15:21 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame 4215 4 KB
4 KB 20ms
19ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 19:08:22 GMT
age: 3240
x-guploader-uploadid: ADPycdsZMsAPCGwfGAVjWb28-omSkkLmDMbFHCPmxTJOHTwi-KeXxqtVxN4qP2uA2jFLYgsuahULSRH_zK_hYIwr0LvmsrJA9Rvb
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4219
last-modified: Wed, 26 Apr 2023 13:18:45 GMT
server: UploadServer
etag: "c4ca3af5c34884e0dfd4291b07f65037"
x-goog-generation: 1682515125984075
x-goog-hash: crc32c=eNqgAQ==, md5=xMo69cNIhODf1CkbB/ZQNw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4219
accept-ranges: bytes
expires: Tue, 10 Oct 2023 20:08:22 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Type: image/gif

GET
H2 200 sbi-sprite.png
www.castlehillinn.com/wp-content/plugins/instagram-feed-pro/img/ 4 KB
4 KB 292ms
290ms Image
image/png 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/plugins/instagram-feed-pro/img/sbi-sprite.png
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/plugins/instagram-feed-pro/css/sbi-styles.min.css?ver=6.2.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9de999e7d4aa267a5acee4a0aed70ae6df10838613e9627a97a63cf47feb173e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/wp-content/plugins/instagram-feed-pro/css/sbi-styles.min.css?ver=6.2.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
last-modified: Thu, 29 Jun 2023 21:02:16 GMT
server: nginx
etag: "649df158-f67"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3943

GET
H2 200 fa-solid-900.woff2
www.castlehillinn.com/wp-content/themes/orourke_parent/fonts/ 321 KB
322 KB 290ms
289ms Font
font/woff2 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/fonts/fa-solid-900.woff2
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/wp-content/themes/orourke_parent/css/fontawesome.min.css?ver=5.6.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62

Request headers

Referer: https://www.castlehillinn.com/wp-content/themes/orourke_parent/css/fontawesome.min.css?ver=5.6.3
Origin: https://www.castlehillinn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
last-modified: Thu, 29 Jun 2023 21:02:08 GMT
server: nginx
etag: "649df150-505f4"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 329204

GET
H2 200 385574096_1700399067112168_8235476294376732744_nfull.jpg
www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/ 68 KB
69 KB 263ms
261ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/385574096_1700399067112168_8235476294376732744_nfull.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fbe2b61b739a84d88d6043124934b0ab248cfde39722eb9660092192c58bb2b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
last-modified: Fri, 06 Oct 2023 05:05:09 GMT
server: nginx
etag: "651f9585-11180"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 70016

GET
H2 200 385539845_1552073935600046_1454930740419817671_nlow.jpg
www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/ 14 KB
14 KB 251ms
247ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/385539845_1552073935600046_1454930740419817671_nlow.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 789282d2d887755595909320bbed0129d7b331fb70c2f52a289256089b83bc7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
last-modified: Tue, 03 Oct 2023 17:01:22 GMT
server: nginx
etag: "651c48e2-37a8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 14248

GET
H2 200 383064011_325875736644581_7710529441453222684_nlow.jpg
www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/ 30 KB
30 KB 252ms
248ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/383064011_325875736644581_7710529441453222684_nlow.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d663561a6bc73e6233e9e4ef3233ef9cc167cb1802535d90bce77a73e5663459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
last-modified: Wed, 27 Sep 2023 17:00:21 GMT
server: nginx
etag: "65145fa5-777a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 30586

GET
H2 200 382539879_693100705636944_4056067231129156875_nlow.jpg
www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/ 27 KB
27 KB 253ms
248ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/382539879_693100705636944_4056067231129156875_nlow.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7fdd5e85d0b58a0407182f32f35256c797d1ab27c5016674e17f55678f7222d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
last-modified: Mon, 25 Sep 2023 17:01:05 GMT
server: nginx
etag: "6511bcd1-6c05"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 27653

GET
H2 200 375526763_838176084719163_8985825920460754768_nlow.jpg
www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/ 13 KB
14 KB 251ms
247ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/375526763_838176084719163_8985825920460754768_nlow.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca37a328f12a6bfdd850284a16a25f3f5a6c81475be9a902dcbef3661bdf2e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
last-modified: Fri, 08 Sep 2023 05:00:25 GMT
server: nginx
etag: "64faaa69-3530"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13616

GET
H2 200 27232 Show response
beacon.sojern.com/pixel/p/ Frame 4215 7 KB
2 KB 81ms
23ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/27232?f_v=v6_js&p_v=1&id=27232&cid=https%3A%2F%2Fwww.castlehillinn.com%2F&f_v=v6_js&p_v=2&version=3&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&vid=hot&domain=https%3A%2F%2Fwww.castlehillinn.com%2F&s=ccid_auto&ref=https%3A%2F%2Fwww.castlehillinn.com%2F&et=hc
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 702caee767f39523ce6914a9e7633f0fa96b4c8504218d90a0c59351fb20fd51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1851

GET
H3 200 splus Show response
static.sojern.com/cip/w/ Frame 30C8 2 KB
2 KB 23ms
17ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/w/splus?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e887364143c0f8c83b3080f5266d1c5295089a3e96c26f826ef2520104f2f20f

Request headers

Referer: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 1710
content-type: text/html
date: Tue, 10 Oct 2023 19:27:30 GMT
etag: "c9e76e09d10a4fa3d08dc404a7c07514"
expires: Tue, 10 Oct 2023 20:27:30 GMT
last-modified: Mon, 17 Jul 2023 15:50:27 GMT
server: UploadServer
x-goog-generation: 1689609027430970
x-goog-hash: crc32c=MFptag== md5=yeduCdEKT6PQjcQEp8B1FA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1710
x-guploader-uploadid: ADPycdvdnNRIYPNHoVulou79EaNUlMhfcchQ4hx3cvVexvA1_bEOrqqHQNzu4x0t5jLOKhHC-9clW-u3zO8gxxXy-sJl_bgP9Ji1

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame 30C8 18 KB
18 KB 23ms
19ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/splus?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/w/splus?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 19:15:21 GMT
age: 2822
x-guploader-uploadid: ADPycdsZ0fz_6vyeyLYKZwxHLIUDu4ZgYEsXs27gQUeB1op1OenmENgU1YgQzeUybo2l11-JpP-D7p4iAxRpVDX83PX1
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Tue, 10 Oct 2023 20:15:21 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame 30C8 4 KB
4 KB 23ms
19ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/splus?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/w/splus?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 19:08:22 GMT
age: 3241
x-guploader-uploadid: ADPycdsZMsAPCGwfGAVjWb28-omSkkLmDMbFHCPmxTJOHTwi-KeXxqtVxN4qP2uA2jFLYgsuahULSRH_zK_hYIwr0LvmsrJA9Rvb
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4219
last-modified: Wed, 26 Apr 2023 13:18:45 GMT
server: UploadServer
etag: "c4ca3af5c34884e0dfd4291b07f65037"
x-goog-generation: 1682515125984075
x-goog-hash: crc32c=eNqgAQ==, md5=xMo69cNIhODf1CkbB/ZQNw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4219
accept-ranges: bytes
expires: Tue, 10 Oct 2023 20:08:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 4215 198 KB
53 KB 29ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/p/27232?f_v=v6_js&p_v=1&id=27232&cid=https%3A%2F%2Fwww.castlehillinn.com%2F&f_v=v6_js&p_v=2&version=3&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&vid=hot&domain=https%3A%2F%2Fwww.castlehillinn.com%2F&s=ccid_auto&ref=https%3A%2F%2Fwww.castlehillinn.com%2F&et=hc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 10 Oct 2023 20:02:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53364
x-xss-protection: 0
pragma: public
x-fb-debug: neRDyIEoesNhJXvTuiLBquUcTmi3CTyCAwHrBBguyxPOrGS+/wEg/7z1ZhTT48zFcn8UTNoaShAP281ZnX4dsw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 4215 193 KB
71 KB 81ms
80ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-771219950

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b7332c65a9970feb6965b4ef0bee946faa8de55fa6a9f1c3f66f61a058fadf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72205
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 18:57:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Oct 2023 20:02:23 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 4215 44 KB
13 KB 72ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

521048c492f2f11e51d0fff32573794ed369b1f2f41fabe88d066cb66709c693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 10 Oct 2023 20:02:22 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 94718640CF1E4894A023B510E19355FF Ref B: FRAEDGE1317 Ref C: 2023-10-10T20:02:23Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 4215 81 KB
31 KB 146ms
33ms Script
application/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/p/27232?f_v=v6_js&p_v=1&id=27232&cid=https%3A%2F%2Fwww.castlehillinn.com%2F&f_v=v6_js&p_v=2&version=3&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&vid=hot&domain=https%3A%2F%2Fwww.castlehillinn.com%2F&s=ccid_auto&ref=https%3A%2F%2Fwww.castlehillinn.com%2F&et=hc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002a4302a981bc3024-00646c8ee1-3295d04c-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2

200

src=6479053;dc_pre=CNvqn_ui7IEDFR0LogMd9qUBuQ;type=homep0;cat=castl0;qty=1;cost=0;u1=https%253A%252F%252Fwww.castlehillinn.com%252F;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u1...
adservice.google.com/ddm/fls/z/ Frame 4215
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=6479053;type=homep0;cat=castl0;qty=1;cost=0;u1=https%253A%252F%252Fwww.castlehillinn.com%252F;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u...
https://ad.doubleclick.net/ddm/activity/src=6479053;dc_pre=CNvqn_ui7IEDFR0LogMd9qUBuQ;type=homep0;cat=castl0;qty=1;cost=0;u1=https%253A%252F%252Fwww.castlehillinn.com%252F;u2=;u3=;u4=;u5=;u6=;u8=;u...
https://adservice.google.com/ddm/fls/z/src=6479053;dc_pre=CNvqn_ui7IEDFR0LogMd9qUBuQ;type=homep0;cat=castl0;qty=1;cost=0;u1=https%253A%252F%252Fwww.castlehillinn.com%252F;u2=;u3=;u4=;u5=;u6=;u8=;u9...

42 B
401 B

343ms
93ms

Image
image/gif

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=6479053;dc_pre=CNvqn_ui7IEDFR0LogMd9qUBuQ;type=homep0;cat=castl0;qty=1;cost=0;u1=https%253A%252F%252Fwww.castlehillinn.com%252F;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=6479053;dc_pre=CNvqn_ui7IEDFR0LogMd9qUBuQ;type=homep0;cat=castl0;qty=1;cost=0;u1=https%253A%252F%252Fwww.castlehillinn.com%252F;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame 4215
Redirect Chain

https://secure.adnxs.com/px?id=1227119&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1227119%26t%3D1

0
808 B

18ms
18ms

Image
application/javascript

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1227119%26t%3D1

Requested by

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
an-x-request-uuid: 8df4cc5e-0333-409a-805a-dc644116e2dd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.134; 185.213.155.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
an-x-request-uuid: d02c1f7b-75c7-4876-8745-68564b36666c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1227119%26t%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.134; 185.213.155.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame 4215
Redirect Chain

https://secure.adnxs.com/seg?add=21103008&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21103008%26t%3D1

0
808 B

19ms
18ms

Image
application/javascript

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21103008%26t%3D1

Requested by

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
an-x-request-uuid: 00e20b93-14e3-4fd8-9247-2d911fdbce30
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.134; 185.213.155.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
an-x-request-uuid: c3029aef-7537-4643-8b32-161a0f81ac26
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21103008%26t%3D1
x-proxy-origin: 185.213.155.134; 185.213.155.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 4215
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=RkRJK5pdb1p0WmMSXs2D8Q&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxra...
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=RkRJK5pdb1p0WmMSXs2D8Q&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxra...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo&sjrn_ula=392743307&google_gid=CAESEAKnP2wBg-xdYhkIivZI6Lg&google_cver=1

42 B
275 B

28ms
21ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo&sjrn_ula=392743307&google_gid=CAESEAKnP2wBg-xdYhkIivZI6Lg&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 10 Oct 2023 20:02:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo&sjrn_ula=392743307&google_gid=CAESEAKnP2wBg-xdYhkIivZI6Lg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 4215
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=RkRJK5pdb1p0WmMSXs2D8Q&google_nid=sojern_adh
https://cm.g.doubleclick.net/pixel?google_hm=RkRJK5pdb1p0WmMSXs2D8Q&google_nid=sojern_adh&google_tc=
https://fcmatch.google.com/pixel?google_gm=AMnCDoqoFTOqUiJhMgP-9OY8DcsVevYKBfefPM6_IWcSIBa6Da00RoygksRXipQu_Jsn4i0TKRcHpVI89QYiDWy2Rc3gV4g4JkhabRx3CAX5kF2TJhgTcKg
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqoFTOqUiJhMgP-9OY8DcsVevYKBfefPM6_IWcSIBa6Da00RoygksRXipQu_Jsn4i0TKRcHpVI89QYiDWy2Rc3gV4g4JkhabRx3CAX5kF2TJhgTcKg

170 B
244 B

156ms
89ms

Image
image/png

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqoFTOqUiJhMgP-9OY8DcsVevYKBfefPM6_IWcSIBa6Da00RoygksRXipQu_Jsn4i0TKRcHpVI89QYiDWy2Rc3gV4g4JkhabRx3CAX5kF2TJhgTcKg

Requested by

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:24 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqoFTOqUiJhMgP-9OY8DcsVevYKBfefPM6_IWcSIBa6Da00RoygksRXipQu_Jsn4i0TKRcHpVI89QYiDWy2Rc3gV4g4JkhabRx3CAX5kF2TJhgTcKg
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/ Frame 4215
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DmYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo
https://pixel.sojern.com/idsync/apn?id=5186621193740675632&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo

42 B
256 B

22ms
20ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=5186621193740675632&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 10 Oct 2023 20:02:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
an-x-request-uuid: 69d382a0-07f4-467b-9758-00f857802624
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=5186621193740675632&sjrn_id=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo
x-proxy-origin: 185.213.155.134; 185.213.155.134; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4215 70 B
149 B 152ms
42ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=mYeYN0MZyj8M1a48uihPwrj19kZlcA2gnGu2Njgs-OC6WkpGxraw5e2_pygTrumo&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

202

adf
pixel.sojern.com/idsync/ Frame 4215
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=4644492b-9a5d-6f5a-745a-63125ecd83f1&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=4644492b-9a5d-6f5a-745a-63125ecd83f1&party=1296
https://pixel.sojern.com/idsync/adf?adfid=8141816467623654219&cid=4644492b-9a5d-6f5a-745a-63125ecd83f1

0
13 B

27ms
23ms

Image
text/plain

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=8141816467623654219&cid=4644492b-9a5d-6f5a-745a-63125ecd83f1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=27232&f_v=v6_js&p_v=2&version=3&auto_url=https%3A%2F%2Fwww.castlehillinn.com%2F&auto_ccid=16a4m-pekwq-vylqj-qsg04-bwu1n&auto_ga=&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=-120&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=8141816467623654219&cid=4644492b-9a5d-6f5a-745a-63125ecd83f1
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 1889750437999589 Show response
connect.facebook.net/signals/config/ Frame 4215 131 KB
34 KB 186ms
170ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1889750437999589?v=2.9.133&r=stable&domain=www.castlehillinn.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

629526bf6609c6375405d4ad67ab7498400de4b15c9b6214badd3d1a9fe127fb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 10 Oct 2023 20:02:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: nx+830vx5zh0Kble8HzQl1ClOUkZ5BGWg6EhiReunOqLTuYRoKBf0wgp8Q0ImsIVINTA3MwYKDJFMlX9QH3tAQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 26031051.js Show response
bat.bing.com/p/action/ Frame 4215 0
115 B 55ms
54ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26031051.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 10 Oct 2023 20:02:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BE307154A83843028271EEE149AA2303 Ref B: FRAEDGE1317 Ref C: 2023-10-10T20:02:23Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 4215 0
229 B 52ms
51ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26031051&Ver=2&mid=289411c3-417a-4b04-95fc-3cd36e30cff4&sid=ed41007067a711eeb1b3f75f5d6c6264&vid=ed411e9067a711eeb61d9b731cb2f666&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Standard%20Pixel&p=https%3A%2F%2Fwww.castlehillinn.com%2F&r=&lt=151&evt=pageLoad&ifm=1&sv=1&rn=230452

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 20:02:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D95CDE43583B4760AA5A074E0DA86A77 Ref B: FRAEDGE1317 Ref C: 2023-10-10T20:02:23Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ Frame 4215 0
285 B 51ms
50ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26031051&Ver=2&mid=289411c3-417a-4b04-95fc-3cd36e30cff4&sid=ed41007067a711eeb1b3f75f5d6c6264&vid=ed411e9067a711eeb61d9b731cb2f666&vids=0&msclkid=N&ec=HOME_PAGE&ea=HOME_PAGE&p=https%3A%2F%2Fwww.castlehillinn.com%2F&sw=1600&sh=1200&sc=24&evt=custom&ifm=1&rn=631508

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 10 Oct 2023 20:02:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 58CBF77E369D49589D480A4E17C5684B Ref B: FRAEDGE1317 Ref C: 2023-10-10T20:02:23Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 375526763_838176084719163_8985825920460754768_nfull.jpg
www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/ 44 KB
44 KB 514ms
511ms Image
image/jpeg 34.139.154.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.castlehillinn.com/wp-content/uploads/sb-instagram-feed-images/375526763_838176084719163_8985825920460754768_nfull.jpg
Requested by: Host: www.castlehillinn.com
URL: https://www.castlehillinn.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.154.50 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.154.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6ec9c9a05465294dc5a136f5cd3334d1029a876578c4091448fcb99239453334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.castlehillinn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:23 GMT
last-modified: Fri, 08 Sep 2023 05:00:24 GMT
server: nginx
etag: "64faaa68-af53"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 44883

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/771219950/ Frame 4215 3 KB
2 KB 155ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/771219950/?random=1696968143389&cv=11&fst=1696968143389&bg=ffffff&guid=ON&async=1&gtm=45be3a90h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D27232%26f_v%3Dv6_js%26p_v%3D2%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.castlehillinn.com%252F%26auto_ccid%3D16a4m-pekwq-vylqj-qsg04-bwu1n%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1600x1200%26tz%3D-120%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&ref=https%3A%2F%2Fwww.castlehillinn.com%2F&hn=www.googleadservices.com&frm=2&tiba=Standard%20Pixel&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-771219950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c81828b53edfa30a2fc894fa592dde395f3f49e6e08f62f1d006424acbaedb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1401
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/ Frame 4215
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=3051329&ADFPageName=Castle%20Hill%20Inn%20--%20HOME_PAGE%2027232&ADFdivider=%7C&ord=569023511420&ADFtpmode=2&loc=https%3A%2F%2Fstatic.sojern.com%2Fcip%2...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3051329&ADFPageName=Castle%20Hill%20Inn%20--%20HOME_PAGE%2027232&ADFdivider=%7C&ord=569023511420&ADFtpmode=2&loc=https%3A%2F%2Fstatic.sojern.com%2F...

857 B
1 KB

106ms
93ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3051329&ADFPageName=Castle%20Hill%20Inn%20--%20HOME_PAGE%2027232&ADFdivider=%7C&ord=569023511420&ADFtpmode=2&loc=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D27232%26f_v%3Dv6_js%26p_v%3D2%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.castlehillinn.com%252F%26auto_ccid%3D16a4m-pekwq-vylqj-qsg04-bwu1n%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1600x1200%26tz%3D-120%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&CPref=https%3A%2F%2Fwww.castlehillinn.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

dac6ac6d105bd1e1eb828c1dc507d6e55dbdaeecabca3eb24288bc574103e171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 699
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3051329&ADFPageName=Castle%20Hill%20Inn%20--%20HOME_PAGE%2027232&ADFdivider=%7C&ord=569023511420&ADFtpmode=2&loc=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D27232%26f_v%3Dv6_js%26p_v%3D2%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.castlehillinn.com%252F%26auto_ccid%3D16a4m-pekwq-vylqj-qsg04-bwu1n%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1600x1200%26tz%3D-120%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&CPref=https%3A%2F%2Fwww.castlehillinn.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 /
www.facebook.com/tr/ Frame 4215 0
185 B 235ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1889750437999589&ev=PageView&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D27232%26f_v%3Dv6_js%26p_v%3D2%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.castlehillinn.com%252F%26auto_ccid%3D16a4m-pekwq-vylqj-qsg04-bwu1n%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1600x1200%26tz%3D-120%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&rl=https%3A%2F%2Fwww.castlehillinn.com%2F&if=true&ts=1696968143509&sw=1600&sh=1200&v=2.9.133&r=stable&a=trplsojern&ec=0&o=30&ler=other&it=1696968143237&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 10 Oct 2023 20:02:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 4215 0
31 B 235ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1889750437999589&ev=HomePage&dl=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D27232%26f_v%3Dv6_js%26p_v%3D2%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.castlehillinn.com%252F%26auto_ccid%3D16a4m-pekwq-vylqj-qsg04-bwu1n%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1600x1200%26tz%3D-120%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&rl=https%3A%2F%2Fwww.castlehillinn.com%2F&if=true&ts=1696968143525&cd[content_type]=hotel&cd[value]=0&cd[purchase_value]=0&sw=1600&sh=1200&v=2.9.133&r=stable&a=trplsojern&ec=1&o=30&ler=other&it=1696968143237&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 10 Oct 2023 20:02:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/771219950/ Frame 4215 42 B
455 B 247ms
53ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/771219950/?random=1696968143389&cv=11&fst=1696968000000&bg=ffffff&guid=ON&async=1&gtm=45be3a90h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D27232%26f_v%3Dv6_js%26p_v%3D2%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.castlehillinn.com%252F%26auto_ccid%3D16a4m-pekwq-vylqj-qsg04-bwu1n%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1600x1200%26tz%3D-120%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&ref=https%3A%2F%2Fwww.castlehillinn.com%2F&frm=2&tiba=Standard%20Pixel&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=12224929&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/771219950/ Frame 4215 42 B
455 B 246ms
52ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/771219950/?random=1696968143389&cv=11&fst=1696968000000&bg=ffffff&guid=ON&async=1&gtm=45be3a90h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D27232%26f_v%3Dv6_js%26p_v%3D2%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.castlehillinn.com%252F%26auto_ccid%3D16a4m-pekwq-vylqj-qsg04-bwu1n%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1600x1200%26tz%3D-120%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&ref=https%3A%2F%2Fwww.castlehillinn.com%2F&frm=2&tiba=Standard%20Pixel&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=12224929&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 8D97 5 KB
2 KB 50ms
50ms Document
text/html 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=3051329&ADFPageName=Castle%20Hill%20Inn%20--%20HOME_PAGE%2027232&ADFdivider=%7C&ord=569023511420&ADFtpmode=2&loc=https%3A%2F%2Fstatic.sojern.com%2Fcip%2Fw%2Fs%3Fid%3D27232%26f_v%3Dv6_js%26p_v%3D2%26version%3D3%26auto_url%3Dhttps%253A%252F%252Fwww.castlehillinn.com%252F%26auto_ccid%3D16a4m-pekwq-vylqj-qsg04-bwu1n%26auto_ga%3D%26e_eml%3Dnull%26auto_eml%3D%26auto_eml_count%3D0%26auto_eml_domain%3D%26auto_eml_list%3D%26ws%3D1600x1200%26tz%3D-120%26sha256_eml%3D%26sha1_eml%3D%26md5_eml%3D%26ccid%3D%26vid%3Dhot%26cid%3D&CPref=https%3A%2F%2Fwww.castlehillinn.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b906cb78cf22843df9040298e76dc2f5877563465b9139d15510f3a49a7b5063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://static.sojern.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 10 Oct 2023 20:02:24 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ Frame 4215 35 B
457 B 472ms
23ms Image
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=8141816467623654219&stamp=U03un7N3JA8DvP-67D9Y4w2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 plf
c1.adform.net/imatch/ Frame 8D97 0
384 B 141ms
20ms Image
text/plain 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 8D97 43 B
199 B 670ms
183ms Image
image/gif 34.249.44.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=8141816467623654219&Expiration=1698177761
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.44.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-44-166.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

access-control-allow-origin: *
date: Tue, 10 Oct 2023 20:02:24 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 8D97 0
400 B 507ms
40ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 20:02:24 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 09 Oct 2023 20:02:24 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 8D97 0
214 B 494ms
23ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 8D97
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8141816467623654219&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8141816467623654219&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=cd727c2947e24faaa...
https://c1.adform.net/serving/cookie/match?party=9&uid=465236a33050adb148fc556ae12a67c5b34d281e6fe2bc251dbb689242e4538d

35 B
590 B

50ms
35ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=465236a33050adb148fc556ae12a67c5b34d281e6fe2bc251dbb689242e4538d

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=465236a33050adb148fc556ae12a67c5b34d281e6fe2bc251dbb689242e4538d
date: Tue, 10 Oct 2023 20:02:24 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 8D97 43 B
114 B 547ms
66ms Image
image/gif 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=8141816467623654219&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:24 GMT
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55944/ Frame 8D97 0
125 B 800ms
319ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=8141816467623654219&_origin=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 8D97 43 B
638 B 504ms
39ms Image
image/gif 2.21.20.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-208.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 20:02:24 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1696968144525033-556
Expires: Tue, 10 Oct 2023 20:02:24 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 8D97 43 B
146 B 781ms
300ms Image
image/gif 3.73.31.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.31.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-31-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8D97
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8141816467623654219&expiration=1698177761
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8141816467623654219&expiration=1698177761&C=1

43 B
339 B

83ms
65ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8141816467623654219&expiration=1698177761&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxzPoGOl6jUYjQgfUWJ%2FBTgCUeikMnIA2lI0yhHYdNmnZoQQXtfXJpBwr4OzWNZGtx9fKA85x%2F9yPx0Ij%2F4A%2BjJu78l6zNvQq59yHBZe1Mn3Fbg3wbUToQm5n3EoR8ZwgWUVu98iHfmGdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 814175f85924692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38OY%2BoDrbb0tGHESFKPR%2BjrlDfJIptRyLK9yE16UHaoMcgKwd8hRI51DyjZoH8nCdByi4GlEmBIR9OH%2BSH9ElQDoLZd7RSsJr0ozY157obfdSvMHiZXnmeoPgg9L0CwbrFy02bipXutZ3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=8141816467623654219&expiration=1698177761&C=1
cache-control: no-cache
cf-ray: 814175f7d887692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

12092831
se.semasio.net/sync/1/ Frame 8D97
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8141816467623654219&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8141816467623654219&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=8141816467623654219&gdpr=&sInitiator=external
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7288422685135141009&sInitiator=internal&gdpr=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=5186621193740675632&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NTBBRTAwNzhGQzUyNjJDRQ&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEFN0Big49srT-EU1nv7g0hQ&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEFN0Big49srT-EU1nv7g0hQ&sInitiator=internal&google_cver=1&gdpr=

0
415 B

37ms
32ms

Image
text/plain

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEFN0Big49srT-EU1nv7g0hQ&sInitiator=internal&google_cver=1&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:34 GMT
uip-status: Ok
frontend-id: 09
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:34 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEFN0Big49srT-EU1nv7g0hQ&sInitiator=internal&google_cver=1&gdpr=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 8D97 0
344 B 370ms
20ms Image
text/plain 3.127.178.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=8141816467623654219&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Tue, 10 Oct 2023 20:02:24 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 8D97
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8141816467623654219
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8141816467623654219&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
380 B

154ms
19ms

Image
image/gif

2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-77-pop: frankfurtDE
date: Tue, 10 Oct 2023 20:02:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 196506
x-accel-date: 1696771639
content-length: 43
x-77-nzt: AZySIYs3Nzf/mv8CAA
x-accel-expires: @1697808439
x-77-age: 196506
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: cf8787272c22f74bd1ad2565f1203e0e
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Tue, 10 Oct 2023 20:02:24 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 8D97 0
98 B 142ms
37ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8141816467623654219/gdpr=/ Frame 8D97 49 B
266 B 155ms
30ms Image
image/gif 52.31.175.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8141816467623654219/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.182
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 8D97 62 B
218 B 205ms
167ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 10 Oct 2023 20:02:24 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 8D97 43 B
264 B 149ms
43ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:24 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 8D97
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

292ms
36ms

Image
image/gif

52.218.0.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: HTTP/1.1
Server: 52.218.0.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Tue, 10 Oct 2023 20:02:26 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: AR36EVM92JX41GK6
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 81PH0Zo1BchJKEaMA6UA8BqHfFaa1nEe/0GFeTOVuqGTDK32gGpsIQVFRefvpZZtGiyDHH5ZIX0=

Redirect headers

X-Error-Reason: Missing UserId
Date: Tue, 10 Oct 2023 20:02:24 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 8D97
Redirect Chain

https://pixel.onaudience.com/?mapped=8141816467623654219&partner=68
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
148 B

44ms
43ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:24 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 8D97
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=8141816467623654219
https://tags.adsafety.net/v1/cm?cm_uid=CM120231010201e9a0eb05b2692b1c0a&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=d6be7ed11f94aa9a39dc9f010620d7b1
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM120231010201e9a0eb05b2692b1c0a&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=d6be7ed11f94aa9a39dc9f010620d7b1&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzEwMTAyMDFlOWEwZWIwNWIyNjkyYjFjMGE&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEDk5bmv_CQY0lL96GIOZb-E&gdpr_consent=&gdpr=0&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM120231010201e9a0eb05b2692b1c0a
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8141816467623654219

43 B
2 KB

17ms
16ms

Image
image/gif

89.163.142.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: HTTP/1.1
Server: 89.163.142.91 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm40.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 20:02:25 GMT
Last-Modified: Tue, 10 Oct 2023 20:02:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8141816467623654219
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 8D97 0
338 B 394ms
31ms Image
text/plain 52.31.202.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.202.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-202-102.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-served-by: beacon-n014-dub-prod.krxd.net
date: Tue, 10 Oct 2023 20:02:25 GMT
cache-control: private, no-cache, no-store
x-request-time: D=66 t=1696968145
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 8D97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODE0MTgxNjQ2NzYyMzY1NDIxOQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEdMGGGB3b4kwYtqCSJRZ9k&google_cver=1&google_ula=1641347,0

35 B
599 B

43ms
40ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEdMGGGB3b4kwYtqCSJRZ9k&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEdMGGGB3b4kwYtqCSJRZ9k&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame 8D97
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=5186621193740675632&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=8141816467623654219

43 B
833 B

46ms
15ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=8141816467623654219

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:24 GMT
an-x-request-uuid: 8dbaeadc-1f02-40c1-844c-c4d75f01d888
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.134; 185.213.155.134; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=8141816467623654219
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 8D97 42 B
472 B 354ms
14ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 10 Oct 2023 20:02:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 8D97 0
384 B 141ms
37ms Image
text/plain 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 8D97 43 B
444 B 338ms
8ms Image
image/gif 65.9.66.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-113.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Tue, 10 Oct 2023 05:35:52 GMT
Via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: FRA56-C1
Age: 51993
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: TwM40nqh87dhSMvpqZnexlYSw7iCLBjRoZM9UdbdbkBYJ6wEv86NOg==

GET
H/1.1

200

p
a.audrte.com/ Frame 8D97
Redirect Chain

https://a.audrte.com/a?adform_uid=8141816467623654219
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZzdiSUphNEs3R21RbWVGY1NOcktaTzY3Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

132ms
128ms

Image
image/png

54.197.99.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: HTTP/1.1
Server: 54.197.99.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-99-246.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Tue, 10 Oct 2023 20:02:25 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 10 Oct 2023 20:02:25 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 8D97
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8141816467623654219&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=8141816467623654219&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=89752186549842264183447022689673893717&noredirect=1

35 B
599 B

27ms
25ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=89752186549842264183447022689673893717&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v052-00f8d6a2d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: /BvYbKx4RsI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=89752186549842264183447022689673893717&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 8D97
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8141816467623654219
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217113104665004817156

35 B
599 B

25ms
21ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217113104665004817156

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:25 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217113104665004817156
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 8D97
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288422685135141009

35 B
590 B

35ms
34ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288422685135141009

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7288422685135141009
Date: Tue, 10 Oct 2023 20:02:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 8D97 62 B
429 B 167ms
165ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 10 Oct 2023 20:02:25 GMT
content-length: 62
content-type: image/gif

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ Frame 8D97 43 B
417 B 63ms
29ms Image
image/gif 184.30.24.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-207.deploy.static.akamaitechnologies.com
Software: MT3 1075 283b7e3 master zrh zrh-pixel-x8 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Tue, 10 Oct 2023 20:02:25 GMT
Server: MT3 1075 283b7e3 master zrh zrh-pixel-x8 config_version:"1524"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 10 Oct 2023 20:02:24 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 8D97
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=RKygbsGV1QQiVX5

35 B
599 B

28ms
26ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=RKygbsGV1QQiVX5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 20:02:24 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=RKygbsGV1QQiVX5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8D97 70 B
148 B 153ms
54ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:24 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET image.sbmx
global.ib-ibi.com/ Frame 8D97 0
0

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame 8D97 43 B
921 B 76ms
9ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=8141816467623654219

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 10 Oct 2023 20:02:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 8D97
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4190346907
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=w.Ay3M.w/mI6PXP8rfGHM.

35 B
599 B

24ms
22ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=w.Ay3M.w/mI6PXP8rfGHM.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:25 GMT
via: 1.1 google
last-modified: Tue, 10 Oct 2023 20:02:25 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=w.Ay3M.w/mI6PXP8rfGHM.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 8D97 23 B
163 B 88ms
36ms Image
image/gif 23.192.153.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-153-28.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

expires: Tue, 10 Oct 2023 20:02:25 GMT
pragma: no-cache
date: Tue, 10 Oct 2023 20:02:25 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET pixel.gif
sync.1dmp.io/ Frame 8D97 0
0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 8D97 0
236 B 92ms
35ms Image
text/plain 2600:9000:211e:7800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:25 GMT
cache-control: no-cache, must-revalidate
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Trpn8MWsrYfulqoORmvrBP_EOio-Is8YBk_Wy9Y10i8e8HA0RdjouA==
x-cache: Miss from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 8D97
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=8141816467623654219&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=8141816467623654219&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=8af682eb-b1c6-4ab8-85fc-9d69a3f6a80e

35 B
590 B

30ms
20ms

Image
image/gif

37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=8af682eb-b1c6-4ab8-85fc-9d69a3f6a80e

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 20:02:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Tue, 10 Oct 2023 20:02:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=8af682eb-b1c6-4ab8-85fc-9d69a3f6a80e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 8141816467623654219
match.contentexchange.me/adform/ Frame 8D97 0
49 B 204ms
43ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/8141816467623654219?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:25 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame 8D97 37 B
140 B 72ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=8141816467623654219&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET 296800c6dbd7f8eb22cf034b9927d719.gif
sync.e-volution.ai/ Frame 8D97 0
0

GET
H2 204 put
e1.emxdgt.com/ Frame 8D97 0
44 B 95ms
4ms Image
text/plain 52.59.106.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.106.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-106-121.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:25 GMT
server: awselb/2.0

GET
H3 204 adf
pixel.sojern.com/idsync/ Frame 8D97 0
11 B 112ms
29ms Image
text/plain 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=8141816467623654219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 8D97 0
384 B 131ms
38ms Image
text/plain 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8141816467623654219&agencyId=8579&advertiserId=2160738&src=tp&rnd=665922
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 10 Oct 2023 20:02:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=8141816467623654219

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8141816467623654219

Domain: sync.e-volution.ai
URL: https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=8141816467623654219

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
esop.informz.net/	1970-01-20 15:32:52	Name: AWSALBTG Value: xbgGfqOQpDXXs26E8Ba7JJd967GPsljrKc+t62M6loNyEJclU4ApNqS22bGWzIiFShaveq8oGZVxLzsz7KUSXEpCbEVaqNctcu1J9wctLXAxnd7C3JdhleljMm6PzgrBolPO/Y3Pyip+iqUwRmC3uX0d3RyIbBVkCOmLMvVZPlmLgP4oobc=
.castlehillinn.com/	1970-01-21 00:58:48	Name: _ga_GYGMMJHZ3W Value: GS1.1.1696968142.1.0.1696968142.0.0.0
.castlehillinn.com/	1970-01-21 00:58:48	Name: _ga Value: GA1.1.623436732.1696968143
www.castlehillinn.com/	1970-01-21 00:08:24	Name: cookielawinfo-checkbox-necessary Value: yes
www.castlehillinn.com/	1970-01-21 00:08:24	Name: cookielawinfo-checkbox-functional Value: no
www.castlehillinn.com/	1970-01-21 00:08:24	Name: cookielawinfo-checkbox-performance Value: no
www.castlehillinn.com/	1970-01-21 00:08:24	Name: cookielawinfo-checkbox-analytics Value: no
www.castlehillinn.com/	1970-01-21 00:08:24	Name: cookielawinfo-checkbox-advertisement Value: no
www.castlehillinn.com/	1970-01-21 00:08:24	Name: cookielawinfo-checkbox-others Value: no
.bing.com/	1970-01-21 00:44:24	Name: MUID Value: 2C66843BE75D612F02D2979DE68F60BB
.doubleclick.net/	1970-01-21 00:44:24	Name: IDE Value: AHWqTUmEtq6g3rKiYYiKe0BrEDyGB-3UsIfH5cRbdUzdTXpCrfAMgZR_6exeoTJEtWw
.sojern.com/	1970-01-21 00:08:24	Name: gid Value: CAESEAKnP2wBg-xdYhkIivZI6Lg
.sojern.com/	1970-01-21 00:08:24	Name: cid Value: 4644492b-9a5d-6f5a-745a-63125ecd83f1#1696896000000
.adnxs.com/	1970-01-20 17:32:24	Name: uuid2 Value: 5186621193740675632
.sojern.com/	1970-01-20 17:32:24	Name: apnid Value: 5186621193740675632
.adform.net/	1970-01-20 16:07:30	Name: C Value: 1
.adform.net/	1970-01-20 16:49:12	Name: uid Value: 8141816467623654219
.sojern.com/	1970-01-21 00:08:24	Name: adfid Value: 8141816467623654219
.adform.net/	1970-01-20 15:24:14	Name: CM Value: 1\|1
.adform.net/	1970-01-20 15:42:57	Name: CM14 Value: 1697054561_1696968161_1_Hu7u4e4e4R7u7u4REREeERERERHhERE
.adnxs.com/	1970-01-20 17:32:24	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2C$UvvAa-!]taP8i_imf$9G=A^A.o9THku9WkF6J$/'R4O.w69ZHy@a$9CATD._*PlZ[C[-kX-:[tDI
.seadform.net/	1970-01-20 16:49:15	Name: uid Value: 8141816467623654219
.semasio.net/	1970-01-21 00:08:24	Name: SEUNCY Value: 50AE0078FC5262CE
.adscale.de/	1970-01-21 00:05:04	Name: uu Value: cd727c2947e24faaad3f348156e12f16
.adscale.de/	1970-01-21 00:05:04	Name: cct Value: 1696968144602
.casalemedia.com/	1970-01-21 00:08:24	Name: CMID Value: ZSWt0HA3EcK1W2P8E2wwpQAA
.casalemedia.com/	1970-01-20 17:32:24	Name: CMPS Value: 3229
.casalemedia.com/	1970-01-20 17:32:24	Name: CMPRO Value: 3229
.ih.adscale.de/	1970-01-21 00:05:04	Name: tu Value: 4#2800370584#42~8141816467623654219~471380~0~0
.exelator.com/	1970-01-20 18:15:36	Name: EE Value: "45eadf99534f8de55eb6952848e5ec24"
.onaudience.com/	1970-01-21 00:08:24	Name: cookie Value: 265c79ed9f2602ff
.onaudience.com/	1970-01-20 15:24:14	Name: done_redirects147 Value: 1
.eyeota.net/	1970-01-20 15:22:48	Name: SERVERID Value: 22431~DM
.exelator.com/	1970-01-20 18:15:36	Name: ud Value: "eJxrXxzq6XKLQcHENDUxJc3S0tTYJM0iJdXUNDXJzNLUyMLEItU0NdnIZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJoSX5RZvoiF9fFRSlpDItKik8FH%252B2dDgCMJSpx"
.adfarm1.adition.com/	1970-01-20 17:32:24	Name: UserID1 Value: 7288422685135141009
.agkn.com/	1970-01-21 00:08:24	Name: ab Value: 0001%3ACLdARYWkY5EVrrX3gzguhD4QzQrFiEPL
cm.adsafety.net/	1970-01-21 00:08:24	Name: UID Value: CM120231010201e9a0eb05b2692b1c0a
.adsafety.net/	1970-01-21 00:08:24	Name: cm_uid Value: CM120231010201e9a0eb05b2692b1c0a
.pubmatic.com/	1970-01-20 16:06:00	Name: KRTBCOOKIE_391 Value: 22924-8141816467623654219&KRTB&23263-8141816467623654219&KRTB&23481-8141816467623654219
.pubmatic.com/	1970-01-20 16:06:00	Name: PugT Value: 1696968145
.krxd.net/	1970-01-20 19:42:00	Name: _kuid_ Value: P2ON3yH0
tags.adsafety.net/	1970-01-21 00:08:24	Name: UID Value: d6be7ed11f94aa9a39dc9f010620d7b1
tags.adsafety.net/	1970-01-21 00:08:24	Name: DID Value: d6be7ed11f94aa9a39dc9f010620d7b1
tags.adsafety.net/	1970-01-21 00:08:24	Name: IDT Value: 100
tags.adsafety.net/	1970-01-21 00:08:24	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 16:06:00	Name: block_reset Value: 1
.adsafety.net/	1970-01-21 00:08:24	Name: ct_uid Value: d6be7ed11f94aa9a39dc9f010620d7b1
.adsafety.net/	1970-01-21 00:08:24	Name: ct_did Value: d6be7ed11f94aa9a39dc9f010620d7b1
.adsafety.net/	1970-01-21 00:08:24	Name: ct_idt Value: 100
.demdex.net/	1970-01-20 19:42:00	Name: demdex Value: 89752186549842264183447022689673893717
cm.adsafety.net/	1970-01-21 00:08:24	Name: permanent Value: 1
.w55c.net/	1970-01-21 00:54:28	Name: wfivefivec Value: RKygbsGV1QQiVX5
.dpm.demdex.net/	1970-01-20 19:42:00	Name: dpm Value: 89752186549842264183447022689673893717
.w55c.net/	1970-01-20 16:06:00	Name: matchadform Value: 5
.weborama.fr/	1970-01-21 00:48:43	Name: AFFICHE_W Value: vAhBCZYwQxG846
.bluekai.com/	1970-01-20 19:46:19	Name: bku Value: aG/99Bs+JVVOVA6n
.bluekai.com/	1970-01-20 19:46:19	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEQhBeWT1ER6BMzt1M1tBEx01EAe9JtPYey=
.audrte.com/	1970-01-20 15:44:24	Name: arcki2 Value: g7bIJa4K7GmQmeFcSNrKZO67g!20220908!1696968145360!ip#185.213.155.134
.audrte.com/	1970-01-20 15:44:24	Name: arcki2_adform Value: 8141816467623654219!20220908!1696968145363
.tapad.com/	1970-01-20 16:49:12	Name: TapAd_TS Value: 1696968145455
.tapad.com/	1970-01-20 16:49:12	Name: TapAd_DID Value: 8af682eb-b1c6-4ab8-85fc-9d69a3f6a80e
ads.smartstream.tv/	1970-01-21 00:08:24	Name: DID Value: d6be7ed11f94aa9a39dc9f010620d7b1
ads.smartstream.tv/	1970-01-21 00:08:24	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 00:08:24	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 16:06:00	Name: cm_uid Value: CM120231010201e9a0eb05b2692b1c0a
.tapad.com/	1970-01-20 16:49:12	Name: TapAd_3WAY_SYNCS Value:
.audrte.com/	1970-01-20 15:44:24	Name: arcki2_ddp2 Value: g7bIJa4K7GmQmeFcSNrKZO67g!20220908!1696968145557
cm.adsafety.net/	1970-01-21 00:08:24	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaNlRGbEdLRG9UYnZ5RWt2QnBTZytpRUg3ejZGcW1iR0srVzZWOXQ3eUdxVWEybWFpTGN4YnNjQjd4WmJ2SHI2T09CODFScFFsc1Y5VldORDVRRGVtLzhRQTgreTNzMXBjNTlxb2xhdmZWeHRFN0hYRlZ6WDEzb0x0alV6R0xINmVIWjk2NlVsL1c5ZWhHMjFOVkR0WkVidFBIaHR5cGQ2TzFNT0lFOXkzUUc5YUk4TUdMd3laOTdadTlUVjVzKzFURTBycTE0RFptVEdReEhpNEVkZGFLOTlHYnZ1cnd4ZDBUZFNIMG9UNUtnZis5WWQ5T2pHUlZJS0xTTnJZeVFSVWY2bGdTdG5qNjA0VVhIenkyS1c5NEYxTmlmNUE3MjBQWlNoT0JiTGM3KzIwa2tLbkkrZ01wMG1MYURKa2luTXNhSXRsMHVkVExva3FkcDRVamoxZ1pUQzBQd0NpV3B3NGJoN1dQOEM5TVpTRnRiVjZRTHZGTTVQY3E3TnVoNFJDcUNaaUx1VC9BZlppdEF1MWp1RENXTmJXeVdYbE12SllER1FOcEZXRFdGa0l2R2V0UHJBQ0dqYkVXTEt4N2VaZWpsK1ZGc1l2U2tnZzFlcm9LNW9aM1FzWS9xZThxdGI5aFkyc2ZqUzcwd0ZRdmlqc2kzeGxHdVQrdlBnSjVhZ2l4RDRZYjYzRDBUN0d5bGlETkpnY3NvV3NkZjJMQ1Vkd1BVaXdnbmtRRTRaL2gvcSt1RkdML2dCWGo4ZlQzT1hDVmJ4Tjh6cjE2UGFHR0luanAzNC9IcW1lRm0wKytrTXZzVjQ0SUJTQ2l5MklHcktHbWZwRGprOXBXYm5qRFZXSEUrM1gwUGJNM2QwUkdTSWVxaGFPTENXR3pIaFlQc0tJaTQwSkF6MURJajZKb0JqSDRCV1dkWjhXQXVSOWh2UWQ2THVIQnBmQUZxc3BHTVdhZytNMXBvbXcyMjVFRTFCV0Fxc29tZG5kZVQ3a3FpU2syczR0cXI5Zytsb2VIZVFPQ3ZYRHVVWk15bkVsdDBBS2FVL3hjdUdQblV3Szc0M1oxWFVkdGNvZkZoWUtXVVBDYXM2WWlnSk5LZXl4bWZkM3c9PQ%3D%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=8141816467623654219 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8141816467623654219/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=8141816467623654219 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
api.adrtx.net
api.mapbox.com
bat.bing.com
beacon.krxd.net
beacon.sojern.com
c1.adform.net
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
esop.informz.net
eu-u.openx.net
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.sojern.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
static.sojern.com
sync.1dmp.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
www.castlehillinn.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
global.ib-ibi.com
sync.1dmp.io
sync.e-volution.ai
104.18.26.193
107.178.244.119
13.248.245.213
139.162.147.24
141.94.171.215
142.250.186.134
15.197.193.217
162.19.138.116
184.30.24.207
185.167.164.49
185.86.139.101
185.89.210.153
185.89.211.116
198.47.127.205
2.21.20.208
2001:4860:4802:34::36
216.58.206.34
23.192.153.28
23.35.237.75
2600:9000:211e:7800:1b:5138:8a40:93a1
2620:1ec:c11::200
2a00:1450:4001:808::2004
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200e
2a02:6ea0:c700::18
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.127.178.105
3.69.90.224
3.71.149.231
3.73.105.217
3.73.31.226
34.111.113.62
34.139.154.50
34.241.182.209
34.249.44.166
34.252.4.178
34.254.143.3
34.98.64.218
35.158.89.69
35.190.24.218
35.244.174.68
35.244.188.9
37.157.5.72
37.157.6.232
37.157.6.237
46.19.11.36
52.218.0.75
52.31.175.73
52.31.202.102
52.54.58.29
52.59.106.121
54.197.99.246
65.9.66.113
69.173.144.138
69.192.160.219
77.243.51.121
85.114.159.118
89.163.142.91
91.210.226.74
99.86.4.95
006846141b179dc244a381d2694d3c57da71b7aa99257170443f9ffd26a18566
011c53984f8930f0f5ac591f007c6b547f20e9c1db19f39289e4485cef300307
032dc89de9e654706c6239447c5fe7e0346209c8319411521ac476b58c7f4f88
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05c78d6a2624f38e659dfad31d402bbda31897361e2ea1a4ef04bd1e78d41b85
05ef764a445a127daa8f63973596f1fecd08320f37a6b74297214ea18310075a
078d5a4976bacf59c26fe7dac10f9b6564e316116b85763f4efaaca1833b99be
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b242f22c51ecc9aa7dcf05045682faeac07301f788caa18d8a3126d750943cb
0b7332c65a9970feb6965b4ef0bee946faa8de55fa6a9f1c3f66f61a058fadf4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13031d4ec04980984b56e9152739c608e15fcda23007e524117198f054385eb6
143d4f545e0ebcd71e9e2fce671b41ff889c56b4848db274d7638fe75d9b1a23
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
18f3409182cb278eef9bf26ba606daa10f3e317145921c45100d8dead7e37fb2
1a4fe9a6778d61b65682a623a908e100d5e29a1d5aa9ec4b36f659c02902db13
1c412ca833e4d6309540eddbc3645f90689b23fd5f2902891509cf6df012ef70
1eb7ffe44599c86e59ba3e6b5fdf21a7e56a8acf7a707825475dd23bd767a9bd
21abfcc3a9cada6b310f6618387f735dbdc05011ea5000a56a9fc5a2821c59ef
28cc581836ef5f20ff2c970b495bd1646079becfa554dd435ed378f9621cdbbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3701cbff3acccd80b1f2eede4311050514f7a64c2039eb77a77368fcd6e3de28
39055370eb45972d3e2284b7220b9aa0764ca93eb6507491fc783ba170128aa9
3c4eafb177c4ca195e7f369f8d96e8c03655f4af37040ee47135dd5a22d67c20
45581c9db20c31b3f861f0218046692526264bd45ae5880b547991eba4b09fc2
45bb2d08f8adb590e93d1c2690d2182f2ee074332cc52a4d749d108151d234a1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4d66cb0816184c28215d12aa8a822297a4fa6495fc7de55a3558dc2d80ca09
521048c492f2f11e51d0fff32573794ed369b1f2f41fabe88d066cb66709c693
52ceaa53f396979d10d48a2f785e8c867c77be5bad7aee85a84d2d170cc60cc0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
573df05aa08d415383b527f34ba575f6d58ba0fef033b6da852ce2327f04b0a0
598c97e2a994f84119ab48de0c2b54e766b6b3c7fcc05243df872a326b66c360
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc
5db883d9a24b1416267aab621d4193ef65923298516969e992d6ae2d5af0b05d
62209e75c7fc3bf0fd8f4d208b11686e8233bc0e9b6adb8464c246531f0dd678
629526bf6609c6375405d4ad67ab7498400de4b15c9b6214badd3d1a9fe127fb
644fa5affc723ff7b9445c2aa3e6b12966610bd278fbdef1b7a261cb334daec8
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
69552869561fab91a85bb93b6027dbc2544bfd9c96d43c2bf176d2865bd4eaf2
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6ea7be8c9deb9345146b154cc29c27978d242ec16e8d8555238eb392611243ec
6ec9c9a05465294dc5a136f5cd3334d1029a876578c4091448fcb99239453334
6fae17660eb633c8cce7f5a3dea0e9a534d0bd598343aa42282c8d7b8a9b0db8
702caee767f39523ce6914a9e7633f0fa96b4c8504218d90a0c59351fb20fd51
769e223e862e4191c6fc6ef5e7ee3209f45d7b4077b73162884426c9413a7c1b
7734306b24719e59158e81abe7849cd4323df1fcee4364b190808b8e761a3255
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
789282d2d887755595909320bbed0129d7b331fb70c2f52a289256089b83bc7e
7d1dc22caeb1f0babad36190c76a1409d829e201fb49d7d8d506a20d46300f9f
7e55759b1e07856307851210010f003a5ee9fb5e9aa2a3a1de40b776cbf87299
7fdd5e85d0b58a0407182f32f35256c797d1ab27c5016674e17f55678f7222d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88a7f2522dd8c93c1f5007fcbcd059cff32a895cdab67e4d0398e94e950fbb65
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a57270de4d6273497e47517c59912c32166c625a8e00edd8ce1c900b9f31829
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f8c865e835d0f5f5d4b9d14e7a145f90a6a9747c1a87866a30aeecf6cef7115
971268bb67f63ed7e7cf72db16220cd1ac89a0870e8b82b82704af4cd9067176
998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9c89c1b92202fe2eaa3bd99eb45a07367cc0279e60b587f01f9a71b9ea44fadf
9de999e7d4aa267a5acee4a0aed70ae6df10838613e9627a97a63cf47feb173e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a61440f07ec3a6fa09982d4b858295d4ef067e1d2803f7b9997928c0dc431532
a6647f89d9b589a5c047c2229d29e88371b5969a53f3b0874c77539ce4b441be
a894dbb6e181fc9a70bf4453dc3571e0b5a0b068356310b3139abd081cb80d24
aa8d6712af37bc641d3fec48f39c5cdb1ce205ada5465fdfbfce204ca36032b7
ac3f7e0caf10b3f7ed17b38af479e5c5ce68ac39fb37ddc80abef744151fac77
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b314c1b4b19d1aee79e519c083d1da9e99e9bfd1efc3e8e1618a60324bf32e8b
b348e15070e06d4e82be0df6562970f9f842cce62959670aefbbe703e4377589
b4448ae30a621b4934bb6a900dd123466e8294aa8fef6026b05124b763848456
b7bdea1163064fb435a4899d51ddb18f966b96581cdfa62d404f1a4f1ea9afd5
b906cb78cf22843df9040298e76dc2f5877563465b9139d15510f3a49a7b5063
ba963527ad7c012b3f054891c3850c61621c37a1cb460131c40eb2ef6a72003f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be47861ed32396c7e691c1a5d32cbd9ab2b1ca345c2910f0e67d2f4361f58ad5
bef93e2e8d7aa13c05a55bac632650b0c3ba58397a9da64c02fa138fe7439343
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c487387d7e441b4cb0b138137ed47e4d97c0c971cfb4f2d8946184003f08cd22
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c6fecb2fa8355a8f9390c210a8c3920168cbfcb02179fa120a77d97b3a99dd5b
c738402f238c89e3fab42a4635218102b1ce516f327791d6b801fd0a4e750893
c81828b53edfa30a2fc894fa592dde395f3f49e6e08f62f1d006424acbaedb5c
c9a4132c3234db26aef3813e452af8a2763863e7671464238fdc14822c134991
ca37a328f12a6bfdd850284a16a25f3f5a6c81475be9a902dcbef3661bdf2e6a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc039b37e34853a9bef9d693ebc4366b38d9cec1aa91e0109196cd62f870ae52
ccbe79b50120255e07e0cbc9b2b1bcec6946df1acc32ba06cb4d10a226a5cc5d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df
d3845cb0b0f1579b7d58b43383bdcb28b98f94b0f9a3fe85dd486c8c996f8a37
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d663561a6bc73e6233e9e4ef3233ef9cc167cb1802535d90bce77a73e5663459
d6c6eae2059c0d8677d501c6ed9906a63f737f360bb7302c5544d5b6d886d6c6
d71d12f5c4fb4751dd4aa62557ed9c052881f0d8df2b17f4aa68cc8d80d6c6a0
d7c7a0a99ddd2fc6b78a6a217ae99513118d698bac2443185c524bc97922a996
d88da38b45bed443afe90bcca1bed96af3cd7503488169c5730649327881ca8a
dac6ac6d105bd1e1eb828c1dc507d6e55dbdaeecabca3eb24288bc574103e171
dbd44c6a9f57af7b913411a379c196130f668374d126abd5327a145502ea6491
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
df326bfbc92be49f9016c1fb2b6dd8e37e9d57108bec62a73afdfc7a305cfb2a
e17da9ba9823c80b913aa3b3aeb0ef3a99008fa329d72f916068050af6207797
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e2b5ad453b29f7d2246de82d4f7d1c2c3962795b18eef02bd5a2040674935151
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46851a06e1ddb8b26abd7a002c4527b058221a70e85ab643a6d607ad18089f2
e4a6e3239c7e3ac91420bdf1f302aa33f006fe455c9ff420df6af67bbc5f97a5
e6e40fa26713134203caed2e8d9362a8c75f5c337f02e25e00723a258eef66ea
e887364143c0f8c83b3080f5266d1c5295089a3e96c26f826ef2520104f2f20f
ebbabef14e5c8b0f314c8e9dd8c050f3dcce2df15306c81db26b9ea3c3959d6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
f9ab646cbab04d27ca2f30b47942b270990ad844224616ec7bd85a18f7a1d93e
fa1491e711bb08075514fb712f15e8ff9b410a6c79dff0120ca09cebcab40697
fbe2b61b739a84d88d6043124934b0ab248cfde39722eb9660092192c58bb2b3
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

www.castlehillinn.com Open in urlscan Pro 34.139.154.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

85 %HTTPS

20 %IPv6

59 Domains

72 Subdomains

50 IPs

7 Countries

3342 kBTransfer

18463 kBSize

68 Cookies

13 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.castlehillinn.com Open in urlscan Pro
34.139.154.50 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

85 %
HTTPS

20 %
IPv6

59
Domains

72
Subdomains

50
IPs

7
Countries

3342 kB
Transfer

18463 kB
Size

68
Cookies

182 HTTP transactions
2 data transactions