urlscan.io logo urlscan.io
SecurityTrails logo

gnj7.vacation.escapevacations.ca Open in urlscan Pro
52.33.8.180  Public Scan

Go To Rescan Add Verdict Report
URL: https://gnj7.vacation.escapevacations.ca/
Submission: On January 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 12 domains to perform 97 HTTP transactions. The main IP is 52.33.8.180, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is gnj7.vacation.escapevacations.ca.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.
This is the only time gnj7.vacation.escapevacations.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

25    52.33.8.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
gnj7.vacation.escapevacations.ca
3    2600:9000:210b:5200:16:4349:fe00:93a1 (United States)

ASN16509 (AMAZON-02, US)
skins.webtreepro.com
6    2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)
maps.google.com
11    3.5.84.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
wtp-prd.s3.us-west-2.amazonaws.com
3    146.75.28.193 (Ashburn, United States)

ASN54113 (FASTLY, US)
i.imgur.com
5    2606:4700::6812:a92 (United States)

ASN13335 (CLOUDFLARENET, US)
www.travelleaders.com
1    2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
vimeo.com
2    2606:4700:10::6816:179d (United States)

ASN13335 (CLOUDFLARENET, US)
viewer.joomag.com
3    2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    146.75.38.109 (Reston, United States)

ASN54113 (FASTLY, US)
f.vimeocdn.com
22    2600:141b:1c00:31::1739:5a4f (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2606:4700:10::ac43:1df5 (United States)

ASN13335 (CLOUDFLARENET, US)
app.joomag.com
8    2606:4700:10::6816:169d (United States)

ASN13335 (CLOUDFLARENET, US)
static.joomag.com
4    151.101.128.217 (United States)

ASN54113 (FASTLY, US)
i.vimeocdn.com
3    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
2    2600:141b:1c00:31::1739:5a4c (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
Apex Domain
Subdomains		 Transfer
25 escapevacations.ca
gnj7.vacation.escapevacations.ca
435 KB
24 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1107
p.typekit.net — Cisco Umbrella Rank: 1464
1 MB
12 joomag.com
viewer.joomag.com
app.joomag.com
static.joomag.com
923 KB
11 amazonaws.com
wtp-prd.s3.us-west-2.amazonaws.com
4 MB
9 vimeocdn.com
f.vimeocdn.com — Cisco Umbrella Rank: 6162
i.vimeocdn.com — Cisco Umbrella Rank: 5761
fresnel.vimeocdn.com — Cisco Umbrella Rank: 5966
591 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
98 KB
6 google.com
maps.google.com — Cisco Umbrella Rank: 3821
218 KB
5 travelleaders.com
www.travelleaders.com
74 KB
3 imgur.com
i.imgur.com — Cisco Umbrella Rank: 6429
10 KB
3 webtreepro.com
skins.webtreepro.com
470 KB
2 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 3217
vimeo.com — Cisco Umbrella Rank: 3004
11 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
maps.googleapis.com — Cisco Umbrella Rank: 659
1 KB
97 12
Domain Requested by
25 gnj7.vacation.escapevacations.ca 11 redirects gnj7.vacation.escapevacations.ca
22 use.typekit.net viewer.joomag.com
11 wtp-prd.s3.us-west-2.amazonaws.com gnj7.vacation.escapevacations.ca
8 static.joomag.com viewer.joomag.com
static.joomag.com
6 maps.google.com gnj7.vacation.escapevacations.ca
maps.google.com
5 www.travelleaders.com gnj7.vacation.escapevacations.ca
4 i.vimeocdn.com player.vimeo.com
gnj7.vacation.escapevacations.ca
f.vimeocdn.com
4 f.vimeocdn.com player.vimeo.com
3 www.gstatic.com f.vimeocdn.com
www.gstatic.com
3 fonts.gstatic.com fonts.googleapis.com
3 i.imgur.com gnj7.vacation.escapevacations.ca
3 skins.webtreepro.com gnj7.vacation.escapevacations.ca
2 p.typekit.net gnj7.vacation.escapevacations.ca
2 app.joomag.com viewer.joomag.com
2 viewer.joomag.com gnj7.vacation.escapevacations.ca
1 vimeo.com f.vimeocdn.com
1 fresnel.vimeocdn.com f.vimeocdn.com
1 player.vimeo.com gnj7.vacation.escapevacations.ca
1 maps.googleapis.com maps.google.com
1 fonts.googleapis.com skins.webtreepro.com
97 20

This site contains links to these domains. Also see Links.

Domain
www.travelleadersgroup.com
vimeo.com
internova.com
Subject Issuer Validity Valid
gnj7.vacation.escapevacations.ca
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
skins.webtreepro.com
Amazon RSA 2048 M01		 2023-03-24 -
2024-04-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
travelleaders.com
Cloudflare Inc ECC CA-3		 2023-07-04 -
2024-07-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-01 -
2024-02-29		 a year crt.sh
viewer.joomag.com
E1		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-22 -
2024-12-23		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2024-10-21		 a year crt.sh
app.joomag.com
E1		 2023-12-04 -
2024-03-03		 3 months crt.sh
static.joomag.com
E1		 2023-12-15 -
2024-03-14		 3 months crt.sh
*.vimeo.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-10-19 -
2024-11-19		 a year crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2023-12-30 -
2024-03-29		 3 months crt.sh
vimeo.com
Cloudflare Inc ECC CA-3		 2023-08-23 -
2024-08-21		 a year crt.sh

This page contains 4 frames:

Primary Page: https://gnj7.vacation.escapevacations.ca/
Frame ID: D3E0A27295D57499CAFBB5CC7386D65E
Requests: 47 HTTP requests in this frame

Frame: https://player.vimeo.com/video/514313489?title=0&byline=0&portrait=0
Frame ID: FCE8DBB7AC168AFCC73F141FDD21A245
Requests: 14 HTTP requests in this frame

Frame: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Frame ID: EFE3EABD55C70DD7D43D445CE2670C28
Requests: 18 HTTP requests in this frame

Frame: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Frame ID: FCBB6C33B24E7A1594F0310F36E314A9
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Page Statistics

97
Requests

89 %
HTTPS

63 %
IPv6

12
Domains

20
Subdomains

19
IPs

2
Countries

7635 kB
Transfer

10534 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://gnj7.vacation.escapevacations.ca/Common/Showimage.ashx/576243 HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/1e066e9ad77c41a3b6fd3ce2f4e4d524.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22NexionCA_300x160.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T065856Z&X-Amz-SignedHeaders=host&X-Amz-Signature=661aebb5de9f4783d26d962357b0a383c09e150e4e2fd24c16a29298f78f4d70
Request Chain 17
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/594594/1100x221.jpg HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/aa83ddc82367401a89dd0ab2bef47960.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22CARNIVAL_TPOM.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182002Z&X-Amz-SignedHeaders=host&X-Amz-Signature=845983b1b6f67311fcc2b33bc7bebd60df094e20a8d1c7a73a6b15564411cfde
Request Chain 22
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/552729/187x86.png HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/db4f06ac06c04f7cb368087adfe95934.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs1.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T094358Z&X-Amz-SignedHeaders=host&X-Amz-Signature=21d20f62bd906b7d32551064d60e09eba9f38bcb85a866100c95f86b74516602
Request Chain 23
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/552730/125x121.png HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/4393411430cc485fa08cc0ad0231bed1.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs2.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182002Z&X-Amz-SignedHeaders=host&X-Amz-Signature=a5ff5967547d6dfb816de5c93d4fe1555f46aa84fdc67e668fb65eaab45e90c4
Request Chain 24
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/552731/134x126.png HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/40a16e42822540988bb9532b7883dccf.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs3.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182610Z&X-Amz-SignedHeaders=host&X-Amz-Signature=62658f25de7d7c75b994d9dd523198e0a14491e8c75d554947018d1251580958
Request Chain 25
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/552732/125x126.png HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/10f55bb544bf4e85806fb530965a83d8.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs4.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182610Z&X-Amz-SignedHeaders=host&X-Amz-Signature=2de790fadf672bbc03c9066bd76941ddd97ef8d284e132b9ef2d4b1262918ad5
Request Chain 26
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/552733/219x123.png HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/e2d54291fdc54153957b98dd4a141187.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs5.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182610Z&X-Amz-SignedHeaders=host&X-Amz-Signature=18ce5fd01569121048b3fbc639b69a1a363a49d2eb510b996edab56ad9146210
Request Chain 37
  • https://gnj7.vacation.escapevacations.ca/Common/showimage.ashx/552741 HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/9157107774d645e98dd2fd2007ec2730.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Header-Caribbean2.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T141239Z&X-Amz-SignedHeaders=host&X-Amz-Signature=6f8a9423c9efdd49fb85e472e0665d42f624efd35a2286ae8437f3ed6a73a0c6
Request Chain 41
  • https://gnj7.vacation.escapevacations.ca/Common/Showimage.ashx/576243 HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/1e066e9ad77c41a3b6fd3ce2f4e4d524.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22NexionCA_300x160.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T065856Z&X-Amz-SignedHeaders=host&X-Amz-Signature=661aebb5de9f4783d26d962357b0a383c09e150e4e2fd24c16a29298f78f4d70
Request Chain 55
  • https://gnj7.vacation.escapevacations.ca/Common/showimage.ashx/601616 HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/2af71598171847ca960e534d94e5b80a.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22679_BodyImg1.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T005256Z&X-Amz-SignedHeaders=host&X-Amz-Signature=c4c2a9cec774705211d7e7306138a4c84371608751de48f8cad8e85008a66817
Request Chain 56
  • https://gnj7.vacation.escapevacations.ca/Common/showimage.ashx/601655 HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/9caa1104dba4445f8e2755218e201887.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Beach-1.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T005256Z&X-Amz-SignedHeaders=host&X-Amz-Signature=552d8f45e43edf40d921963cc1ef62a5171762ce64f15e5a6142a3f65261e1c8

97 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gnj7.vacation.escapevacations.ca/ 		36 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
435f4b05bf8d68b5657f29f1baed1dfa74d067b9d42b647582e8ab0093caed20

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
cache-control
private
content-length
36374
content-type
text/html; charset=utf-8
date
Sun, 07 Jan 2024 06:58:55 GMT
server
Microsoft-IIS/10.0
vary
User-Agent
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
cQ_LY9KG4Br4fmqyNSgHMtRrTDKzJ2Nyvk7F39-kG6bnmOap8C92igKxVQQAAA2
gnj7.vacation.escapevacations.ca/dynamicScriptBundle/638389031923163263/VQQAAB-LCAAAAAAABACdU8ty2zAM_BrnFs3E7Q94Ejd1x5nJIfE1Q4mQDYkkGAL04-9LRZyEVuweehKwCxDcJTSbt394Nm-79wjhVHV8MztHDlBLAPCBSrIh6hE4Q... 		563 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/dynamicScriptBundle/638389031923163263/VQQAAB-LCAAAAAAABACdU8ty2zAM_BrnFs3E7Q94Ejd1x5nJIfE1Q4mQDYkkGAL04-9LRZyEVuweehKwCxDcJTSbt394Nm-79wjhVHV8MztHDlBLAPCBSrIh6hE4Qy9BNT26bRGWxXxoqe6gkRJsKVh26D2cwT0S95Y0lKDq1PE3GA-B78lact_vGfEzvI1Y8gfxb5589CXoSE4D9yVuQC5UZBc-WJ-kqS3oXNYNZTWRsATlK4vuMrFXBrUSClO6puO0/K4-rDTX96yoza9qiewLmNHwoWiQ7zrBXhrBBxhoNyik7daX5H425Y-H925NigfCce17AeqNkjNePa1A6DVjqLSTAx9og74o3KwVGQVPail7pB5CvZShlW1DOgoslNeTps6M9hJUTcHKB5TgojjVf49p0w8zdRxayqXwUk9crRaNv5QlpdSo5edhMXvBDyU45baBWyekQnaCF2_3P6q6aX50zIgutVy5lmx8TZ3-BkhhAPweyJEhuADVwL-T_98zlsTGR/cQ_LY9KG4Br4fmqyNSgHMtRrTDKzJ2Nyvk7F39-kG6bnmOap8C92igKxVQQAAA2
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d7a468e8708b57e7126ac24ef73461f45f43472fcf0ed74399c7a14c13008ca0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:56 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
content-length
151458
expires
Mon, 06 Jan 2025 06:58:56 GMT
font-awesome.min.css
skins.webtreepro.com/skins/common/fontawesome4/css/ 		28 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skins.webtreepro.com/skins/common/fontawesome4/css/font-awesome.min.css
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:5200:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
8PUmXFVqs.JwTP3qjK1RRHrzD6hPPXMr
date
Sat, 06 Jan 2024 08:01:25 GMT
via
1.1 366ff516a3e74c5fb4d4d2286497d924.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 12:13:01 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
83236
x-amz-server-side-encryption
AES256
etag
"fea395db9a5c8eaba924d98161324597"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
29067
x-amz-cf-id
TlVnRcfxlxnFkegVg9UOpt84m2qb5Whg7q8psgMe1X5LLV1g5Q45gA==
HAIAAB-LCAAAAAAABACVjMEKwjAQRL8mHkutUO3RVvDkqf5A2m5sNLsp3Ub8fLegIkLBXIZheG9UZiqP6ElJqWvJMlDngKUdwOjgJmmN85ekZV6pv_BS8P3Y9vYOHKEJ2fhHhPBq8UZ9sxRhHUfbReAnoBCBnwEHpydYUCoHmr4vr7OOMnwQDgOMxnK_jKCc4PvEE...
gnj7.vacation.escapevacations.ca/dynamicStyleBundle/638389033564111732/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/dynamicStyleBundle/638389033564111732/HAIAAB-LCAAAAAAABACVjMEKwjAQRL8mHkutUO3RVvDkqf5A2m5sNLsp3Ub8fLegIkLBXIZheG9UZiqP6ElJqWvJMlDngKUdwOjgJmmN85ekZV6pv_BS8P3Y9vYOHKEJ2fhHhPBq8UZ9sxRhHUfbReAnoBCBnwEHpydYUCoHmr4vr7OOMnwQDgOMxnK_jKCc4PvEEk-aWkg2eZaui59tty3ydN6eNBmDaxwCAAA1
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
64089e43ed5d1e590cee27f1f8fb4618726958f83200ddf794a1b581a5560938

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:56 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
content-length
4598
expires
Mon, 06 Jan 2025 06:58:56 GMT
jquery-ui-1.10.2.custom.css
gnj7.vacation.escapevacations.ca/App_Themes/intranet/jquery-ui/ 		34 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/App_Themes/intranet/jquery-ui/jquery-ui-1.10.2.custom.css
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0130a8dceb8fc8165defe555fb6311120ce66f1ee2a51abe20990eb2bffc6f66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:56 GMT
last-modified
Thu, 23 Nov 2023 10:58:42 GMT
server
Microsoft-IIS/10.0
etag
"01d605fc1dda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
34658
bootstrap.min.css
skins.webtreepro.com/skins/common/bootstrap3/css/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skins.webtreepro.com/skins/common/bootstrap3/css/bootstrap.min.css
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:5200:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qSslaE.r.eszmY_Kg0kdNekTtzO1hvym
date
Sat, 06 Jan 2024 15:10:09 GMT
via
1.1 366ff516a3e74c5fb4d4d2286497d924.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 12:13:01 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
57368
x-amz-server-side-encryption
AES256
etag
"5057f321f0dc85cd8da94a0c5f67a8f4"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
121205
x-amz-cf-id
s2dcTB8RPOTq1Khs4tGsFH6sS9IHj6uQ2SFsuZsGPmE68wResudrMw==
Toolbar.css
gnj7.vacation.escapevacations.ca/App_Themes/Intranet/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/App_Themes/Intranet/Toolbar.css
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
df178a76e5527927a54a4ee4b0d9f28c40a1925cc7e5aa5db16a8ba9fdf0b3ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:56 GMT
last-modified
Thu, 23 Nov 2023 10:58:42 GMT
server
Microsoft-IIS/10.0
etag
"01d605fc1dda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
11566
cookieconsent.min.css
gnj7.vacation.escapevacations.ca/Js/cookieconsent/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/Js/cookieconsent/css/cookieconsent.min.css
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2f828220b9dd6c92f5c9c096bfa3bb3fbc579380e2b0ec1e4733d850e116a7f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:56 GMT
last-modified
Thu, 23 Nov 2023 10:58:44 GMT
server
Microsoft-IIS/10.0
etag
"04a916fc1dda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
3957
default.css
skins.webtreepro.com/skins/tlgleadersedge/ 		321 KB
322 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skins.webtreepro.com/skins/tlgleadersedge/default.css?t=638186904604970000
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:5200:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ca722bc1c654b88f46c7ffce0d76198c73b049d901481bcbf2a2326f07d0116

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
3m5BAuRU_lemtvVq9cA2_gVN2eH2p3nw
date
Sat, 06 Jan 2024 15:19:50 GMT
via
1.1 366ff516a3e74c5fb4d4d2286497d924.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 12:13:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
57361
x-amz-server-side-encryption
AES256
etag
"43ea8cfc542b0c061859f7c236e3b9df"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
329213
x-amz-cf-id
n3RntQUIFzmqsmoejRNQo4Slo7g1S2RFcpmwEjM-TJiu1-Iv-EJ4CA==
swfobject.js
gnj7.vacation.escapevacations.ca/Js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/Js/swfobject.js
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
228e7abc6f0b491c177be9ee528856caf19ea3135c014713cc67ad64f2ae50b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:56 GMT
last-modified
Thu, 23 Nov 2023 10:58:44 GMT
server
Microsoft-IIS/10.0
etag
"04a916fc1dda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
6887
js
maps.google.com/maps/api/ 		176 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
0a3528434668cdb3755e0541132001403e90d9940bd705ff738dce31352a80cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61527
x-xss-protection
0
map.js
gnj7.vacation.escapevacations.ca/Customers/TLG/CustomAddIn/V3/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/Customers/TLG/CustomAddIn/V3/js/map.js
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
38e16f15e0f3294a97b254a8332d9f7823dece3e40744a293b4334b9dd7845d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:56 GMT
last-modified
Thu, 23 Nov 2023 10:58:42 GMT
server
Microsoft-IIS/10.0
etag
"01d605fc1dda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
1353
MsAjaxJs
gnj7.vacation.escapevacations.ca/bundles/ 		131 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/bundles/MsAjaxJs?v=FKpG-smDBfGNUdgJeZvfEIGvJ6cYQEn3X0F5sU-GCEA1
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0b5ccf8ec360d4ce45730aac1718af91e431ee6379282eebc3f44476363a52c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:56 GMT
last-modified
Sun, 07 Jan 2024 06:58:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
content-length
134643
expires
Mon, 06 Jan 2025 06:58:56 GMT
WebFormsJs
gnj7.vacation.escapevacations.ca/bundles/ 		45 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/bundles/WebFormsJs?v=zi3b_79ovDvaSGwa114ouQNXKwAavyGdBw6Yku1697w1
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a78e9e80a951a4a1c522745ee893c891a91d429dc6b66c5901b79d5ee4715e5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:56 GMT
last-modified
Sun, 07 Jan 2024 06:58:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
content-length
46189
expires
Mon, 06 Jan 2025 06:58:56 GMT
1e066e9ad77c41a3b6fd3ce2f4e4d524.jpg
wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/
Redirect Chain
  • https://gnj7.vacation.escapevacations.ca/Common/Showimage.ashx/576243
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/1e066e9ad77c41a3b6fd3ce2f4e4d524.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/1e066e9ad77c41a3b6fd3ce2f4e4d524.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22NexionCA_300x160.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T065856Z&X-Amz-SignedHeaders=host&X-Amz-Signature=661aebb5de9f4783d26d962357b0a383c09e150e4e2fd24c16a29298f78f4d70
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Server
3.5.84.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b039b75b9914b8509346efee034fd449e1895150a194515102d9197c8b9a554c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:58:58 GMT
x-amz-version-id
OlKyekjtniXsy4._jPbOpXaRsPRRmmgM
Last-Modified
Thu, 22 Oct 2020 13:57:14 GMT
Server
AmazonS3
x-amz-request-id
P3JD6XSW23G8D23A
ETag
"ad9df34c472094d9af8356b7aaa13a50"
Content-Type
image/jpeg
Cache-Control
max-age=86400
x-amz-replication-status
COMPLETED
Content-Disposition
inline; filename="NexionCA_300x160.jpg"
x-amz-meta-fileid
576243
Accept-Ranges
bytes
x-amz-meta-siteid
9041
Content-Length
20190
x-amz-id-2
mBw82HWOHntc5c117CsxbWyo61LxYwCmO8DmieaAuxKTX6dJ6tbpHOU3jR+KJaaefJJF+PRbbzfMObRw5XwFrQ==

Redirect headers

date
Sun, 07 Jan 2024 06:58:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/1e066e9ad77c41a3b6fd3ce2f4e4d524.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22NexionCA_300x160.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T065856Z&X-Amz-SignedHeaders=host&X-Amz-Signature=661aebb5de9f4783d26d962357b0a383c09e150e4e2fd24c16a29298f78f4d70
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
619
43puBan.png
i.imgur.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/43puBan.png
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
20383d22a70c230ed85c59040fa6586bc8beb7dc4353ea59a6670cb609100d12
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:57 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
2763194
x-cache
Miss from cloudfront, HIT
content-length
2897
x-served-by
cache-iad-kiad7000057-IAD
last-modified
Tue, 16 Apr 2019 17:37:19 GMT
server
cat factory 1.0
x-timer
S1704610737.021090,VS0,VE1
etag
"f38762f9da0c01594ee3805dfab5dce8"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
dTJOLbA5pdZ-I9oz9kNRJdApSPLiaKQMoZeiTxqgmRK-ULJQroXohQ==
x-cache-hits
1
OGn61rg.png
i.imgur.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/OGn61rg.png
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4392b66d78b176d805a564911c8edd0689998491d6ab8377ffb39cddd042b083
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:57 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
1994002
x-cache
Miss from cloudfront, HIT
content-length
4025
x-served-by
cache-iad-kiad7000057-IAD
last-modified
Tue, 16 Apr 2019 17:37:19 GMT
server
cat factory 1.0
x-timer
S1704610737.086107,VS0,VE2
etag
"b2a41c7eb9abe02108b176bf268e6d4a"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
GaWC-DK7W1WtfXFGboR4kZ0HeKJTPZFt8ZGeexdJraxdHXVA_H6VXw==
x-cache-hits
1
bG1rN6i.png
i.imgur.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/bG1rN6i.png
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9d698116307e36bcfc8bf63bb76c0ce742f65c605b7482453218d48735485663
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:57 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD55-P2
age
338544
x-cache
Miss from cloudfront, HIT
content-length
2857
x-served-by
cache-iad-kiad7000057-IAD
last-modified
Tue, 16 Apr 2019 17:37:19 GMT
server
cat factory 1.0
x-timer
S1704610737.151906,VS0,VE1
etag
"894d9652993d68a10e6218e478e4d7ac"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6PT4lDXGm8GNU9yRmkCKIGyl1Xg-LWlJ5US5ksyLRXgOeGYHN7YLig==
x-cache-hits
1
aa83ddc82367401a89dd0ab2bef47960.jpg
wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/
Redirect Chain
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/594594/1100x221.jpg
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/aa83ddc82367401a89dd0ab2bef47960.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
376 KB
377 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/aa83ddc82367401a89dd0ab2bef47960.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22CARNIVAL_TPOM.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182002Z&X-Amz-SignedHeaders=host&X-Amz-Signature=845983b1b6f67311fcc2b33bc7bebd60df094e20a8d1c7a73a6b15564411cfde
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Server
3.5.84.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e18dbe6234784e87fe660be0e4a934ee1bef7d0f1bee777bef7baaba8cb3f5a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:58:58 GMT
x-amz-version-id
Ny0rT8yV7kZZ3qCHAZeEc.VOg6O1tJCt
Last-Modified
Wed, 13 Jul 2022 11:45:46 GMT
Server
AmazonS3
x-amz-request-id
P3JF7ANE58FZ6555
ETag
"a837108616376e6b358344f90e525ee8"
Content-Type
image/jpeg
Cache-Control
max-age=86400
x-amz-replication-status
COMPLETED
Content-Disposition
inline; filename="CARNIVAL_TPOM.jpg"
x-amz-meta-fileid
594594
Accept-Ranges
bytes
x-amz-meta-siteid
9041
Content-Length
385321
x-amz-id-2
+efOkT8OskOc6lY4qroZbZf4H7NiupBm08HSHgcxfOBFlqihqzPoCn862UMEI3sG+YDfpYV7vj9RcXmdvPYKxA==

Redirect headers

date
Sun, 07 Jan 2024 06:58:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/aa83ddc82367401a89dd0ab2bef47960.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22CARNIVAL_TPOM.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182002Z&X-Amz-SignedHeaders=host&X-Amz-Signature=845983b1b6f67311fcc2b33bc7bebd60df094e20a8d1c7a73a6b15564411cfde
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
616
NCL_logo_176x84_C.png
www.travelleaders.com/images/supplierLogos/Cruise/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/images/supplierLogos/Cruise/NCL_logo_176x84_C.png
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8250d7e9fc2cfadd8e9a3022bb66c06a16a2cede04b5ac9f4c83872f7f903cde
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:57 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-powered-by
ASP.NET
content-length
6058
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Sep 2011 14:31:35 GMT
server
cloudflare
etag
"1cc72eb01346a2a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
841a50b4883531f2-MIA
expires
Sun, 07 Jan 2024 10:58:57 GMT
HAL_logo_176x84_C.png
www.travelleaders.com/images/supplierLogos/Cruise/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/images/supplierLogos/Cruise/HAL_logo_176x84_C.png
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ac7e983629cc7e54599642979b3e68791326a7ae5e3f49e659def46ffd7870f9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:57 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
ASP.NET
content-length
19978
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2017 16:16:39 GMT
server
cloudflare
etag
"1d282efe486838a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
841a50b4883431f2-MIA
expires
Sun, 07 Jan 2024 10:58:57 GMT
Princess_logo_176x84_C.png
www.travelleaders.com/images/supplierLogos/Cruise/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/images/supplierLogos/Cruise/Princess_logo_176x84_C.png?ver=5.05
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0702a0cb8bcb18643cddddab91747225c50bb00e71f0529f61a2bd558a003cdb
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:57 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
ASP.NET
content-length
5777
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 May 2023 17:40:40 GMT
server
cloudflare
etag
"1d97f78b5614a91"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
841a50b4883331f2-MIA
expires
Sun, 07 Jan 2024 10:58:57 GMT
deltavacations.png
www.travelleaders.com/images/supplierLogos/Tour/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/images/supplierLogos/Tour/deltavacations.png
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
77a7aaa2cd5f51c7e441b57b873098537bbfaaf237593e651e86cd24b0fc9a47
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:57 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
2696
x-powered-by
ASP.NET
content-length
13804
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 18 Dec 2019 18:58:07 GMT
server
cloudflare
etag
"1d5b5d51575fc6c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
841a50b4883231f2-MIA
expires
Sun, 07 Jan 2024 10:58:57 GMT
db4f06ac06c04f7cb368087adfe95934.png
wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/
Redirect Chain
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/552729/187x86.png
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/db4f06ac06c04f7cb368087adfe95934.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/db4f06ac06c04f7cb368087adfe95934.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs1.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T094358Z&X-Amz-SignedHeaders=host&X-Amz-Signature=21d20f62bd906b7d32551064d60e09eba9f38bcb85a866100c95f86b74516602
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Server
3.5.84.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
bac08e70b9366caf0cf6c914e96edd1ef4cddd19139b1109fd783d0b8be02d47

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:58:58 GMT
x-amz-version-id
7isdy6nOvbFYlso0sdUEDMwlORSD4RJp
Last-Modified
Fri, 14 Jun 2019 18:57:16 GMT
Server
AmazonS3
x-amz-request-id
P3JEDHSKG3398M8Y
ETag
"836929ef71fb7fc76f8009a20838da15"
Content-Type
image/png
Cache-Control
max-age=86400
Content-Disposition
inline; filename="certs1.png"
x-amz-meta-fileid
552729
Accept-Ranges
bytes
x-amz-meta-siteid
9041
Content-Length
12481
x-amz-id-2
QWpM9vELJ7qBRsPRI5fk5BkFSOcuq/7LLhL30hI1ZhBMcvIhLdq6hYByKcFqLqRcuSJzDhY96/E7aEnyVIeO+Q==

Redirect headers

date
Sun, 07 Jan 2024 06:58:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/db4f06ac06c04f7cb368087adfe95934.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs1.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T094358Z&X-Amz-SignedHeaders=host&X-Amz-Signature=21d20f62bd906b7d32551064d60e09eba9f38bcb85a866100c95f86b74516602
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
609
4393411430cc485fa08cc0ad0231bed1.png
wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/
Redirect Chain
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/552730/125x121.png
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/4393411430cc485fa08cc0ad0231bed1.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/4393411430cc485fa08cc0ad0231bed1.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs2.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182002Z&X-Amz-SignedHeaders=host&X-Amz-Signature=a5ff5967547d6dfb816de5c93d4fe1555f46aa84fdc67e668fb65eaab45e90c4
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Server
3.5.84.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6485b197bb9c2cc8337933b73c5e385c1cb98899d9438a16e934ff41dc211808

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:58:58 GMT
x-amz-version-id
DXECS8mE.cXrIH3NcZsX2gVOILYXHolE
Last-Modified
Fri, 14 Jun 2019 18:57:17 GMT
Server
AmazonS3
x-amz-request-id
P3J9BSQF9N7B3ZD1
ETag
"a9f826fc38dd82d5b30f45b138e970e3"
Content-Type
image/png
Cache-Control
max-age=86400
Content-Disposition
inline; filename="certs2.png"
x-amz-meta-fileid
552730
Accept-Ranges
bytes
x-amz-meta-siteid
9041
Content-Length
14927
x-amz-id-2
E4U4CtsnslvGoYE4SpBzGZntedLL10fx4KVycH8A2RsYHsEvB3jhG3RcGn59pnThpNsBAKlMPUhoC6Y6IWbvrA==

Redirect headers

date
Sun, 07 Jan 2024 06:58:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/4393411430cc485fa08cc0ad0231bed1.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs2.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182002Z&X-Amz-SignedHeaders=host&X-Amz-Signature=a5ff5967547d6dfb816de5c93d4fe1555f46aa84fdc67e668fb65eaab45e90c4
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
609
40a16e42822540988bb9532b7883dccf.png
wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/
Redirect Chain
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/552731/134x126.png
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/40a16e42822540988bb9532b7883dccf.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/40a16e42822540988bb9532b7883dccf.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs3.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182610Z&X-Amz-SignedHeaders=host&X-Amz-Signature=62658f25de7d7c75b994d9dd523198e0a14491e8c75d554947018d1251580958
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Server
3.5.84.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f6d733c867c8218f2ca1f6d5767c530ee1f6ee8ab343541c5da58866baec47c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:58:58 GMT
x-amz-version-id
h4IhCGJeJL70PmJfVn7eX8zFDGxZEd_n
Last-Modified
Fri, 14 Jun 2019 18:57:17 GMT
Server
AmazonS3
x-amz-request-id
P3JE06AM5W7Z1H1R
ETag
"4d8ba09334cdd8e8f8fe63e5f9615414"
Content-Type
image/png
Cache-Control
max-age=86400
Content-Disposition
inline; filename="certs3.png"
x-amz-meta-fileid
552731
Accept-Ranges
bytes
x-amz-meta-siteid
9041
Content-Length
13230
x-amz-id-2
MCh91Q73TgXUOfwvh1t9Ke3v6me0DsR1nZW4FlAm2YPr/2A+VxfTpMANGnYw+o3+glRjnC9UZ98VfoSfcmPUkw==

Redirect headers

date
Sun, 07 Jan 2024 06:58:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/40a16e42822540988bb9532b7883dccf.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs3.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182610Z&X-Amz-SignedHeaders=host&X-Amz-Signature=62658f25de7d7c75b994d9dd523198e0a14491e8c75d554947018d1251580958
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
609
10f55bb544bf4e85806fb530965a83d8.png
wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/
Redirect Chain
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/552732/125x126.png
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/10f55bb544bf4e85806fb530965a83d8.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/10f55bb544bf4e85806fb530965a83d8.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs4.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182610Z&X-Amz-SignedHeaders=host&X-Amz-Signature=2de790fadf672bbc03c9066bd76941ddd97ef8d284e132b9ef2d4b1262918ad5
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Server
3.5.84.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
dd0feb700c1d1a887767b4c3c8be06f8535496fcd61045da56a9ad736d646728

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:58:58 GMT
x-amz-version-id
nqzkqzsAb477PwwrAQTjSSNy5q4klWtb
Last-Modified
Fri, 14 Jun 2019 18:57:17 GMT
Server
AmazonS3
x-amz-request-id
P3J0PAJSQ02P9KKG
ETag
"77aea0f51eff12a620273bdd7cb24404"
Content-Type
image/png
Cache-Control
max-age=86400
Content-Disposition
inline; filename="certs4.png"
x-amz-meta-fileid
552732
Accept-Ranges
bytes
x-amz-meta-siteid
9041
Content-Length
12599
x-amz-id-2
A29JnFnwD4kQkHJ1mpVjhFioVvzaJ0O3MADFl9WwhstmmbUn+RZdeT1JvgBjg48ZSRbdouyZfUQ7aZAWrhjUvA==

Redirect headers

date
Sun, 07 Jan 2024 06:58:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/10f55bb544bf4e85806fb530965a83d8.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs4.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182610Z&X-Amz-SignedHeaders=host&X-Amz-Signature=2de790fadf672bbc03c9066bd76941ddd97ef8d284e132b9ef2d4b1262918ad5
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
609
e2d54291fdc54153957b98dd4a141187.png
wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/
Redirect Chain
  • https://gnj7.vacation.escapevacations.ca/common/showimage.ashx/552733/219x123.png
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/e2d54291fdc54153957b98dd4a141187.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/e2d54291fdc54153957b98dd4a141187.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs5.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182610Z&X-Amz-SignedHeaders=host&X-Amz-Signature=18ce5fd01569121048b3fbc639b69a1a363a49d2eb510b996edab56ad9146210
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Server
3.5.84.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
82e9baebd3db1888f07c7d01a4ce4eee70047ae29e888034241ce4f549b40a3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:58:58 GMT
x-amz-version-id
_obxPg2Ch8UpFHvZ6HzByV7_s2JAzTUQ
Last-Modified
Fri, 14 Jun 2019 18:57:17 GMT
Server
AmazonS3
x-amz-request-id
P3JD96YGAZMB6345
ETag
"05d6d22cc4332e01fd231ab62ea5d483"
Content-Type
image/png
Cache-Control
max-age=86400
Content-Disposition
inline; filename="certs5.png"
x-amz-meta-fileid
552733
Accept-Ranges
bytes
x-amz-meta-siteid
9041
Content-Length
19116
x-amz-id-2
8zz9xXyuG5fXDbb7KNuSyoGlOzUzhRoMJu6eNLQKxhWesoaBAXRwyqi5SMovfmsD/4MUXnAMiEXlZSipIDGj8g==

Redirect headers

date
Sun, 07 Jan 2024 06:58:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/e2d54291fdc54153957b98dd4a141187.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22certs5.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T182610Z&X-Amz-SignedHeaders=host&X-Amz-Signature=18ce5fd01569121048b3fbc639b69a1a363a49d2eb510b996edab56ad9146210
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
609
loadingAnimation.gif
gnj7.vacation.escapevacations.ca/Images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gnj7.vacation.escapevacations.ca/Images/loadingAnimation.gif
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:56 GMT
last-modified
Thu, 23 Nov 2023 10:58:44 GMT
server
Microsoft-IIS/10.0
etag
"04a916fc1dda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
5886
editbutton.css
gnj7.vacation.escapevacations.ca/App_Themes/Intranet/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/App_Themes/Intranet/editbutton.css
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/App_Themes/Intranet/Toolbar.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4823bf9e997f3e4691ce2d7eac0b7c667a5f35a0872c7b7c53402715843394c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/App_Themes/Intranet/Toolbar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:56 GMT
last-modified
Thu, 23 Nov 2023 10:58:42 GMT
server
Microsoft-IIS/10.0
etag
"01d605fc1dda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
1504
css
fonts.googleapis.com/ 		4 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i
Requested by
Host: skins.webtreepro.com
URL: https://skins.webtreepro.com/skins/tlgleadersedge/default.css?t=638186904604970000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b9f1135ba160e5dc694ad7977f6bf73d40d3c15742b14ca8910ea23bb3e6e79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skins.webtreepro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jan 2024 06:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:58:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jan 2024 06:58:57 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gnj7.vacation.escapevacations.ca
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
common.js
maps.google.com/maps-api-v3/api/js/55/4/ 		256 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/55/4/common.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
403008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57512
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 15:02:09 GMT
util.js
maps.google.com/maps-api-v3/api/js/55/4/ 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/55/4/util.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e759dc710ec6d9f9438d5a77f834b247254512fb90cf520764ab591db32cf5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 17:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
393964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55175
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 17:32:53 GMT
geocoder.js
maps.google.com/maps-api-v3/api/js/55/4/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/55/4/geocoder.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
947ad21d2c112e6019868a89f666d37aaee3a8e937a8c5ee12a0ce8d0d9c7210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 11:14:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
416684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1819
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 11:14:13 GMT
514313489
player.vimeo.com/video/ Frame FCE8 		22 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/514313489?title=0&byline=0&portrait=0
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d993ab5ed1b41a92621904592c324b84a21133e984fdfa572cc2827065f8b9fd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gnj7.vacation.escapevacations.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
841a50b6ea718bff-MIA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 06:58:57 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-mia-kmia1760040-MIA
X-Timer
S1704610738.759127,VS0,VE83
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires
Fri, 15 Dec 1985 19:30:00 GMT
link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-54df66444b-v5j6n
x-content-type-options
nosniff
x-host
player-backend-54df66444b-v5j6n
x-player-backend
g
x-xss-protection
1; mode=block
0480985001655829779
viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/ Frame EFE3 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:179d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42c7d62f9509ae2d8ee629e300fbd038b446cd5be6b4d4e083d493bf0a386def
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gnj7.vacation.escapevacations.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
841a50b70f3ada77-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 06:58:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
j-proxy
lb3-443-star
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
User-Agent
x-content-type-options
nosniff
0094796001655319326
viewer.joomag.com/escape-insider-june-2022/ Frame FCBB 		1 KB
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:179d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42c7d62f9509ae2d8ee629e300fbd038b446cd5be6b4d4e083d493bf0a386def
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gnj7.vacation.escapevacations.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
841a50b70f3cda77-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 06:58:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
j-proxy
lb3-443-star
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
User-Agent
x-content-type-options
nosniff
9157107774d645e98dd2fd2007ec2730.jpg
wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/
Redirect Chain
  • https://gnj7.vacation.escapevacations.ca/Common/showimage.ashx/552741
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/9157107774d645e98dd2fd2007ec2730.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/9157107774d645e98dd2fd2007ec2730.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Header-Caribbean2.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T141239Z&X-Amz-SignedHeaders=host&X-Amz-Signature=6f8a9423c9efdd49fb85e472e0665d42f624efd35a2286ae8437f3ed6a73a0c6
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Server
3.5.84.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
581792b9972724d3c2bc8fcf0611c2800493d5e7d03a57b2c6e008ffc5b99853

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:58:59 GMT
x-amz-version-id
SMFhlVFOPjJ69hTVWYyN5xw7zQdnzC6w
Last-Modified
Fri, 14 Jun 2019 18:58:11 GMT
Server
AmazonS3
x-amz-request-id
1N757VX44PGAX691
ETag
"3fca0c77420d2ee43d7091cfd9ffa155"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Content-Disposition
inline; filename="Header-Caribbean2.jpg"
x-amz-meta-fileid
552741
Accept-Ranges
bytes
x-amz-meta-siteid
9041
Content-Length
2857244
x-amz-id-2
tb0Ss4yL3oCDbjHNqoN/1UwcI1lMdsznFj05jlNVXRfqJEXvWXGKylFkgVBcDndUBznUtZ8sHxWt/uPryWELgw==

Redirect headers

date
Sun, 07 Jan 2024 06:58:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/9157107774d645e98dd2fd2007ec2730.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Header-Caribbean2.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240106/us-west-2/s3/aws4_request&X-Amz-Date=20240106T141239Z&X-Amz-SignedHeaders=host&X-Amz-Signature=6f8a9423c9efdd49fb85e472e0665d42f624efd35a2286ae8437f3ed6a73a0c6
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
620
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gnj7.vacation.escapevacations.ca
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 07:51:30 GMT
x-content-type-options
nosniff
age
342447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 07:51:30 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gnj7.vacation.escapevacations.ca
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 03:41:30 GMT
x-content-type-options
nosniff
age
357447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 03:41:30 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gnj7.vacation.escapevacations.ca
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 23:02:21 GMT
x-content-type-options
nosniff
age
374196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 23:02:21 GMT
1e066e9ad77c41a3b6fd3ce2f4e4d524.jpg
wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/
Redirect Chain
  • https://gnj7.vacation.escapevacations.ca/Common/Showimage.ashx/576243
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/1e066e9ad77c41a3b6fd3ce2f4e4d524.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/1e066e9ad77c41a3b6fd3ce2f4e4d524.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22NexionCA_300x160.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T065856Z&X-Amz-SignedHeaders=host&X-Amz-Signature=661aebb5de9f4783d26d962357b0a383c09e150e4e2fd24c16a29298f78f4d70
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Server
3.5.84.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b039b75b9914b8509346efee034fd449e1895150a194515102d9197c8b9a554c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:58:59 GMT
x-amz-version-id
OlKyekjtniXsy4._jPbOpXaRsPRRmmgM
Last-Modified
Thu, 22 Oct 2020 13:57:14 GMT
Server
AmazonS3
x-amz-request-id
1N716100G4X49VEC
ETag
"ad9df34c472094d9af8356b7aaa13a50"
Content-Type
image/jpeg
Cache-Control
max-age=86400
x-amz-replication-status
COMPLETED
Content-Disposition
inline; filename="NexionCA_300x160.jpg"
x-amz-meta-fileid
576243
Accept-Ranges
bytes
x-amz-meta-siteid
9041
Content-Length
20190
x-amz-id-2
UpBkqKrAqCSkEaNlgJ97D7co4l10fKq0KGoX39uLbKAl6dxZIAbUNFEmzL6wJoB9dRmVfbTukGCHH04SvGl5nw==

Redirect headers

date
Sun, 07 Jan 2024 06:58:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/1e066e9ad77c41a3b6fd3ce2f4e4d524.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22NexionCA_300x160.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T065856Z&X-Amz-SignedHeaders=host&X-Amz-Signature=661aebb5de9f4783d26d962357b0a383c09e150e4e2fd24c16a29298f78f4d70
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
619
Tracking.ashx
gnj7.vacation.escapevacations.ca/Tracking/ 		43 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gnj7.vacation.escapevacations.ca/Tracking/Tracking.ashx?siteId=11038&pageId=129342&pageTitle=Home&url=https%3A%2F%2Fgnj7.vacation.escapevacations.ca%2F&referrer=&track=1704610737661
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:58:58 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Content-Type
content-length
43
expires
-1
player.module.js
f.vimeocdn.com/p/4.26.17/js/ Frame FCE8 		547 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.26.17/js/player.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/514313489?title=0&byline=0&portrait=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8a4e97f4710d7e4a62f57364b5b307e52cbe7806d00f91272c157764cc7aa1f4

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200058-IAD
date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
br
via
1.1 varnish
age
50144
x-timer
S1704610738.354098,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
135353
x-cache-hits
20
vendor.module.js
f.vimeocdn.com/p/4.26.17/js/ Frame FCE8 		410 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.26.17/js/vendor.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/514313489?title=0&byline=0&portrait=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3739719600347386fcdf81e11e2147919520f44c777c27a7351c8828989c656d

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200058-IAD
date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
br
via
1.1 varnish
age
50145
x-timer
S1704610738.354235,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
101213
x-cache-hits
3999
player.css
f.vimeocdn.com/p/4.26.17/css/ Frame FCE8 		208 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.26.17/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/514313489?title=0&byline=0&portrait=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3858f7e36fb153e9a47b956f718e4d4399ff998a4f06b9cc0f795ba4dc145253

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200130-IAD
date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
br
via
1.1 varnish
age
50145
x-timer
S1704610738.354771,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
21989
x-cache-hits
4474
olb8zpk.js
use.typekit.net/ Frame EFE3 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/olb8zpk.js
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5a34aeac339c3aaa7c3e5fdd4e478b664f39709501c51bdbe9cf8471dbca4377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viewer.joomag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6942
fonts.css
app.joomag.com/assets/fonts/ Frame EFE3 		3 KB
436 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.joomag.com/assets/fonts/fonts.css
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a5843cf3e664cd2087a484200389fc08a4fa465c0ba3cf5b29430371a905e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viewer.joomag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
age
668113
j-proxy
lb3-443-star-static
j-srv
wa7-app1
alt-svc
h3=":443"; ma=86400
content-length
368
last-modified
Fri, 29 Dec 2023 08:15:31 GMT
server
cloudflare
etag
"cf7-60da1a2b60ec0-gzip"
vary
User-Agent,Accept-Encoding,Origin
access-control-allow-methods
POST, GET, DELETE, OPTIONS, PUT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
841a50ba7eeadb19-MIA
access-control-allow-headers
X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires
Mon, 29 Jan 2024 13:23:45 GMT
joomag.responsive.css
static.joomag.com/static/css/ Frame EFE3 		518 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.joomag.com/static/css/joomag.responsive.css?_=6.1.0
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aef9b575ae4e9e286c94ee1b1573f56b90f33b3b0493d71d65b40194205581ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viewer.joomag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
age
1001099
j-proxy
lb3-443-star-static
j-srv
wa6-app1
alt-svc
h3=":443"; ma=86400
content-length
56222
last-modified
Tue, 26 Dec 2023 16:07:25 GMT
server
cloudflare
etag
"819b5-60d6be0d54940-gzip"
vary
User-Agent,Accept-Encoding,Origin
access-control-allow-methods
POST, GET, DELETE, OPTIONS, PUT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
841a50ba68da31ec-MIA
access-control-allow-headers
X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires
Thu, 25 Jan 2024 16:53:59 GMT
limitedAccessPages.css
static.joomag.com/static/css/pages/ Frame EFE3 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.joomag.com/static/css/pages/limitedAccessPages.css?_=6.1.0
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9e7d196049d7337c1422b0e38139b4c885e53d8f7a043429da3c52287f5ee0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viewer.joomag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
age
1001100
j-proxy
lb3-443-star-static
j-srv
wa6-app1
alt-svc
h3=":443"; ma=86400
content-length
1313
last-modified
Tue, 26 Dec 2023 16:07:25 GMT
server
cloudflare
etag
"1cb8-60d6be0d54940-gzip"
vary
User-Agent,Accept-Encoding,Origin
access-control-allow-methods
POST, GET, DELETE, OPTIONS, PUT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
841a50ba68dc31ec-MIA
access-control-allow-headers
X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires
Thu, 25 Jan 2024 16:53:58 GMT
olb8zpk.js
use.typekit.net/ Frame FCBB 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/olb8zpk.js
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5a34aeac339c3aaa7c3e5fdd4e478b664f39709501c51bdbe9cf8471dbca4377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viewer.joomag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6942
fonts.css
app.joomag.com/assets/fonts/ Frame FCBB 		3 KB
908 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.joomag.com/assets/fonts/fonts.css
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a5843cf3e664cd2087a484200389fc08a4fa465c0ba3cf5b29430371a905e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viewer.joomag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
age
668113
j-proxy
lb3-443-star-static
j-srv
wa7-app1
alt-svc
h3=":443"; ma=86400
content-length
368
last-modified
Fri, 29 Dec 2023 08:15:31 GMT
server
cloudflare
etag
"cf7-60da1a2b60ec0-gzip"
vary
User-Agent,Accept-Encoding,Origin
access-control-allow-methods
POST, GET, DELETE, OPTIONS, PUT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
841a50ba7eebdb19-MIA
access-control-allow-headers
X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires
Mon, 29 Jan 2024 13:23:45 GMT
joomag.responsive.css
static.joomag.com/static/css/ Frame FCBB 		518 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.joomag.com/static/css/joomag.responsive.css?_=6.1.0
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aef9b575ae4e9e286c94ee1b1573f56b90f33b3b0493d71d65b40194205581ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viewer.joomag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
age
1001099
j-proxy
lb3-443-star-static
j-srv
wa6-app1
alt-svc
h3=":443"; ma=86400
content-length
56222
last-modified
Tue, 26 Dec 2023 16:07:25 GMT
server
cloudflare
etag
"819b5-60d6be0d54940-gzip"
vary
User-Agent,Accept-Encoding,Origin
access-control-allow-methods
POST, GET, DELETE, OPTIONS, PUT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
841a50ba68dd31ec-MIA
access-control-allow-headers
X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires
Thu, 25 Jan 2024 16:53:59 GMT
limitedAccessPages.css
static.joomag.com/static/css/pages/ Frame FCBB 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.joomag.com/static/css/pages/limitedAccessPages.css?_=6.1.0
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9e7d196049d7337c1422b0e38139b4c885e53d8f7a043429da3c52287f5ee0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viewer.joomag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
age
1001100
j-proxy
lb3-443-star-static
j-srv
wa6-app1
alt-svc
h3=":443"; ma=86400
content-length
1313
last-modified
Tue, 26 Dec 2023 16:07:25 GMT
server
cloudflare
etag
"1cb8-60d6be0d54940-gzip"
vary
User-Agent,Accept-Encoding,Origin
access-control-allow-methods
POST, GET, DELETE, OPTIONS, PUT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
841a50ba68db31ec-MIA
access-control-allow-headers
X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires
Thu, 25 Jan 2024 16:53:58 GMT
SaveDevice
gnj7.vacation.escapevacations.ca/Common/AjaxPublishedModeHelpers.asmx/ 		213 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gnj7.vacation.escapevacations.ca/Common/AjaxPublishedModeHelpers.asmx/SaveDevice
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/dynamicScriptBundle/638389031923163263/VQQAAB-LCAAAAAAABACdU8ty2zAM_BrnFs3E7Q94Ejd1x5nJIfE1Q4mQDYkkGAL04-9LRZyEVuweehKwCxDcJTSbt394Nm-79wjhVHV8MztHDlBLAPCBSrIh6hE4Qy9BNT26bRGWxXxoqe6gkRJsKVh26D2cwT0S95Y0lKDq1PE3GA-B78lact_vGfEzvI1Y8gfxb5589CXoSE4D9yVuQC5UZBc-WJ-kqS3oXNYNZTWRsATlK4vuMrFXBrUSClO6puO0/K4-rDTX96yoza9qiewLmNHwoWiQ7zrBXhrBBxhoNyik7daX5H425Y-H925NigfCce17AeqNkjNePa1A6DVjqLSTAx9og74o3KwVGQVPail7pB5CvZShlW1DOgoslNeTps6M9hJUTcHKB5TgojjVf49p0w8zdRxayqXwUk9crRaNv5QlpdSo5edhMXvBDyU45baBWyekQnaCF2_3P6q6aX50zIgutVy5lmx8TZ3-BkhhAPweyJEhuADVwL-T_98zlsTGR/cQ_LY9KG4Br4fmqyNSgHMtRrTDKzJ2Nyvk7F39-kG6bnmOap8C92igKxVQQAAA2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
186c115ffd279cf1bd418bdd4f20cd6fa34f0be2eae4ee8b16da61e53fe08235

Request headers

Accept
*/*
Referer
https://gnj7.vacation.escapevacations.ca/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-headers
Content-Type
content-length
213
2af71598171847ca960e534d94e5b80a.jpg
wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/
Redirect Chain
  • https://gnj7.vacation.escapevacations.ca/Common/showimage.ashx/601616
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/2af71598171847ca960e534d94e5b80a.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/2af71598171847ca960e534d94e5b80a.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22679_BodyImg1.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T005256Z&X-Amz-SignedHeaders=host&X-Amz-Signature=c4c2a9cec774705211d7e7306138a4c84371608751de48f8cad8e85008a66817
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Server
3.5.84.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
48fa6bb474177f6e17e39118718a018c8a3e2b87dea7fa9c8742b477fd452656

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:58:59 GMT
x-amz-version-id
HBaVsc6ZHOAfJUJNodnudRnKgFdghFiZ
x-amz-request-id
1N7C54356DAY16T2
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Content-Disposition
inline; filename="679_BodyImg1.jpg"
x-amz-meta-fileid
601616
x-amz-meta-siteid
9041
Content-Length
62202
x-amz-id-2
SFIqIZvrwKKqHE61+uEWhIwD6CyhKmya4JMuCH/PyCgm2ftwaXoiO1OPsbBIlUb+EV+4WpdCzKJIoIFrron24A==
Last-Modified
Fri, 09 Jun 2023 13:10:39 GMT
Server
AmazonS3
ETag
"90d899c49b70196170dd663ef6b553ca"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Accept-Ranges
bytes

Redirect headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/2af71598171847ca960e534d94e5b80a.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22679_BodyImg1.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T005256Z&X-Amz-SignedHeaders=host&X-Amz-Signature=c4c2a9cec774705211d7e7306138a4c84371608751de48f8cad8e85008a66817
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
615
9caa1104dba4445f8e2755218e201887.jpg
wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/
Redirect Chain
  • https://gnj7.vacation.escapevacations.ca/Common/showimage.ashx/601655
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/9caa1104dba4445f8e2755218e201887.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
282 KB
282 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/9caa1104dba4445f8e2755218e201887.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Beach-1.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T005256Z&X-Amz-SignedHeaders=host&X-Amz-Signature=552d8f45e43edf40d921963cc1ef62a5171762ce64f15e5a6142a3f65261e1c8
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
HTTP/1.1
Server
3.5.84.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f31949afc79e70de9d90ebdfd9e98f237542c91dedaf074095d180e7f3911381

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:58:59 GMT
x-amz-version-id
yY16517xKYe.Ljq_CNpguUsyv4DcUqhl
x-amz-request-id
1N775K6953PMV62S
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Content-Disposition
inline; filename="Beach-1.jpg"
x-amz-meta-fileid
601655
x-amz-meta-siteid
9041
Content-Length
288400
x-amz-id-2
EWMqEp2yXZ190YUjlOS6AuV7W4cn/MgsX4HLMDPCI8ONKGWXE95qMjvLFLJ1eQPWvKIria2JZGIY+ioJu+9uqw==
Last-Modified
Mon, 12 Jun 2023 17:32:25 GMT
Server
AmazonS3
ETag
"891bae88ab893726ef33a466f79e617e"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Accept-Ranges
bytes

Redirect headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9041/files/9caa1104dba4445f8e2755218e201887.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Beach-1.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20240107/us-west-2/s3/aws4_request&X-Amz-Date=20240107T005256Z&X-Amz-SignedHeaders=host&X-Amz-Signature=552d8f45e43edf40d921963cc1ef62a5171762ce64f15e5a6142a3f65261e1c8
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
610
15267_SmallHeader.jpg
www.travelleaders.com/PromoImage/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/PromoImage/15267_SmallHeader.jpg
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c2441b4e9133f13f2967cc50cdb5f304dffbc893074251f25980b459cc65d99a
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
ASP.NET
content-length
29378
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Tue, 10 Oct 2023 12:38:19 GMT
server
cloudflare
etag
"ebc624a676fbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
841a50ba0dda31f2-MIA
expires
Sun, 07 Jan 2024 10:58:58 GMT
1064852795-6eac35d0ebf09f9cbdc8eff7a2bc06a4f6a35c7287ac5678256b959575322bcf-d
i.vimeocdn.com/video/ Frame FCE8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1064852795-6eac35d0ebf09f9cbdc8eff7a2bc06a4f6a35c7287ac5678256b959575322bcf-d?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/514313489?title=0&byline=0&portrait=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47515f6047d56fb8008b788f29f8393532f800736917d79829c6fa7e3b3e3b71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
1985234
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
2055
viewmaster-server
viewmaster-glb-prod
x-served-by
cache-dfw-kdfw8210058-DFW, cache-mia-kmia1760034-MIA
x-timer
S1704610738.366352,VS0,VE1
etag
"8a6a5d74becf018028357ba82b09a334"
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
208, 1
vewer-bg-blur.png
static.joomag.com/assets/img/common/ Frame FCBB 		402 KB
403 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.joomag.com/assets/img/common/vewer-bg-blur.png
Requested by
Host: static.joomag.com
URL: https://static.joomag.com/static/css/pages/limitedAccessPages.css?_=6.1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7f0beafdd68135415fb4511b87fb276bf3ab66d39c68c29e96b9b7ef93d8a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.joomag.com/static/css/pages/limitedAccessPages.css?_=6.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
731172
j-proxy
lb3-443-star-static
j-srv
wa6-app2
alt-svc
h3=":443"; ma=86400
content-length
411791
last-modified
Fri, 29 Dec 2023 08:15:32 GMT
server
cloudflare
etag
"6488f-60da1a2c55100"
vary
User-Agent,Origin, Accept-Encoding
access-control-allow-methods
POST, GET, DELETE, OPTIONS, PUT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
841a50bbea1a31ec-MIA
access-control-allow-headers
X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires
Sun, 28 Jan 2024 19:52:46 GMT
cross.svg
static.joomag.com/assets/img/common/ Frame FCBB 		837 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.joomag.com/assets/img/common/cross.svg
Requested by
Host: static.joomag.com
URL: https://static.joomag.com/static/css/pages/limitedAccessPages.css?_=6.1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f56634d8828b7755caf0475663af4060b9700ba20a75b9856acc7dd76413e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.joomag.com/static/css/pages/limitedAccessPages.css?_=6.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
729214
j-proxy
lb3-443-star-static
j-srv
wa7-app1
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 29 Dec 2023 08:15:32 GMT
server
cloudflare
etag
W/"345-60da1a2c55100"
vary
User-Agent,Origin, Accept-Encoding
access-control-allow-methods
POST, GET, DELETE, OPTIONS, PUT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
841a50bbea1b31ec-MIA
access-control-allow-headers
X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires
Sun, 28 Jan 2024 20:25:24 GMT
l
use.typekit.net/af/154cda/00000000000000007735e601/30/ Frame FCBB 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/154cda/00000000000000007735e601/30/l?subset_id=1&fvd=n1&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf80903e889dbdbe048769a79ce32ba5469356da48addc5719eb79180dbc8e5a

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"aad287a8b250abd00f9980ba6ff978f853687e43"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
71948
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ Frame FCBB 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?subset_id=1&fvd=n4&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"aa5f5558cd4d36df226e3d1528cd8af3ef2c6613"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
75868
l
use.typekit.net/af/e3ed45/00000000000000007735e602/30/ Frame FCBB 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e3ed45/00000000000000007735e602/30/l?subset_id=1&fvd=n9&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7a472089ba8311e81ce2eb3aa9e93004e94fe7a71361f771837285893ffbbeae

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"cde8ae4cf6a0860350f7a7b7e586df062c2b27ae"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
77116
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ Frame FCBB 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?subset_id=1&fvd=n7&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
707540d0813c2e6c9abb51dcc5f7671a10780d572b30da20197961f80e7fb346

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"850e4c601d26567c1123e83a08ef9d5e4e349728"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
78476
l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ Frame FCBB 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?subset_id=1&fvd=n6&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5677923124b6c0744a5a286c84c8ed54532ea7b4a002d8124cdc69107c400a53

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"588fa2121e282cb7c1598cfd6eb25593445c8918"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
75728
l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/ Frame FCBB 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?subset_id=1&fvd=n3&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c405de005c695ceb57b7ebb3ade6a85b45a0a04061602e79dcc04575bf63c9b8

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"cf68936935693ff1a8d6236be8ccd80b913807a1"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
75444
l
use.typekit.net/af/73cd70/000000000000000077359d40/30/ Frame FCBB 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/73cd70/000000000000000077359d40/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bb0839f36598eca9b83f23e733ff23f61c78e807a619bcd96d7dd47a2fb698d5

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"e0aceb37c50319edf801ef4d0e018b8a6ba937dd"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35044
l
use.typekit.net/af/e61d82/0000000000000000000124fe/27/ Frame FCBB 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e61d82/0000000000000000000124fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d9e71e8d6205807a22b4b5a5586a2808a227543cad547d2e4a84eae77b7efbab

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"3451a1f3b439e3e9e091f68beee925ae9470b002"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39780
l
use.typekit.net/af/63cd12/0000000000000000000124ff/27/ Frame FCBB 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/63cd12/0000000000000000000124ff/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
90e0ec207b0761b99a1fe64cc8776f4d9b9083893eed340b96c655e50a36d975

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"3ca04309952e1b7be1b5a0aadf86add19a6e852c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33632
l
use.typekit.net/af/e614cb/0000000000000000000124fd/27/ Frame FCBB 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e614cb/0000000000000000000124fd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
661c0f1b287044a3e9fc2f6b2225d45ccbc711f85b21c4d913086b6b012ce2af

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"384e16773296f22d09373a3274f7ea85ad33dcd4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32328
l
use.typekit.net/af/e3ed45/00000000000000007735e602/30/ Frame EFE3 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e3ed45/00000000000000007735e602/30/l?subset_id=1&fvd=n9&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7a472089ba8311e81ce2eb3aa9e93004e94fe7a71361f771837285893ffbbeae

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"cde8ae4cf6a0860350f7a7b7e586df062c2b27ae"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
77116
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ Frame EFE3 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?subset_id=1&fvd=n7&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
707540d0813c2e6c9abb51dcc5f7671a10780d572b30da20197961f80e7fb346

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"850e4c601d26567c1123e83a08ef9d5e4e349728"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
78476
l
use.typekit.net/af/154cda/00000000000000007735e601/30/ Frame EFE3 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/154cda/00000000000000007735e601/30/l?subset_id=1&fvd=n1&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf80903e889dbdbe048769a79ce32ba5469356da48addc5719eb79180dbc8e5a

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"aad287a8b250abd00f9980ba6ff978f853687e43"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
71948
l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ Frame EFE3 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?subset_id=1&fvd=n6&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5677923124b6c0744a5a286c84c8ed54532ea7b4a002d8124cdc69107c400a53

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"588fa2121e282cb7c1598cfd6eb25593445c8918"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
75728
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ Frame EFE3 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?subset_id=1&fvd=n4&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"aa5f5558cd4d36df226e3d1528cd8af3ef2c6613"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
75868
l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/ Frame EFE3 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?subset_id=1&fvd=n3&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c405de005c695ceb57b7ebb3ade6a85b45a0a04061602e79dcc04575bf63c9b8

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"cf68936935693ff1a8d6236be8ccd80b913807a1"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
75444
l
use.typekit.net/af/73cd70/000000000000000077359d40/30/ Frame EFE3 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/73cd70/000000000000000077359d40/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bb0839f36598eca9b83f23e733ff23f61c78e807a619bcd96d7dd47a2fb698d5

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"e0aceb37c50319edf801ef4d0e018b8a6ba937dd"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35044
l
use.typekit.net/af/e61d82/0000000000000000000124fe/27/ Frame EFE3 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e61d82/0000000000000000000124fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d9e71e8d6205807a22b4b5a5586a2808a227543cad547d2e4a84eae77b7efbab

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"3451a1f3b439e3e9e091f68beee925ae9470b002"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39780
l
use.typekit.net/af/63cd12/0000000000000000000124ff/27/ Frame EFE3 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/63cd12/0000000000000000000124ff/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
90e0ec207b0761b99a1fe64cc8776f4d9b9083893eed340b96c655e50a36d975

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"3ca04309952e1b7be1b5a0aadf86add19a6e852c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33632
l
use.typekit.net/af/e614cb/0000000000000000000124fd/27/ Frame EFE3 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e614cb/0000000000000000000124fd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: viewer.joomag.com
URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
661c0f1b287044a3e9fc2f6b2225d45ccbc711f85b21c4d913086b6b012ce2af

Request headers

Referer
https://viewer.joomag.com/
Origin
https://viewer.joomag.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
server
nginx
etag
"384e16773296f22d09373a3274f7ea85ad33dcd4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32328
vewer-bg-blur.png
static.joomag.com/assets/img/common/ Frame EFE3 		402 KB
403 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.joomag.com/assets/img/common/vewer-bg-blur.png
Requested by
Host: static.joomag.com
URL: https://static.joomag.com/static/css/pages/limitedAccessPages.css?_=6.1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7f0beafdd68135415fb4511b87fb276bf3ab66d39c68c29e96b9b7ef93d8a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.joomag.com/static/css/pages/limitedAccessPages.css?_=6.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
731172
j-proxy
lb3-443-star-static
j-srv
wa6-app2
alt-svc
h3=":443"; ma=86400
content-length
411791
last-modified
Fri, 29 Dec 2023 08:15:32 GMT
server
cloudflare
etag
"6488f-60da1a2c55100"
vary
User-Agent,Origin, Accept-Encoding
access-control-allow-methods
POST, GET, DELETE, OPTIONS, PUT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
841a50bc1a5b31ec-MIA
access-control-allow-headers
X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires
Sun, 28 Jan 2024 19:52:46 GMT
cross.svg
static.joomag.com/assets/img/common/ Frame EFE3 		837 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.joomag.com/assets/img/common/cross.svg
Requested by
Host: static.joomag.com
URL: https://static.joomag.com/static/css/pages/limitedAccessPages.css?_=6.1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f56634d8828b7755caf0475663af4060b9700ba20a75b9856acc7dd76413e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.joomag.com/static/css/pages/limitedAccessPages.css?_=6.1.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
729214
j-proxy
lb3-443-star-static
j-srv
wa7-app1
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 29 Dec 2023 08:15:32 GMT
server
cloudflare
etag
W/"345-60da1a2c55100"
vary
User-Agent,Origin, Accept-Encoding
access-control-allow-methods
POST, GET, DELETE, OPTIONS, PUT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
841a50bc1a5c31ec-MIA
access-control-allow-headers
X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires
Sun, 28 Jan 2024 20:25:24 GMT
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame FCE8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/514313489?title=0&byline=0&portrait=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.38.109 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200130-IAD
date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
gzip
via
1.1 varnish
age
1390351
x-timer
S1704610739.630388,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
985
x-cache-hits
21007
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame FCE8 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.17/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:58:58 GMT
1064852795-6eac35d0ebf09f9cbdc8eff7a2bc06a4f6a35c7287ac5678256b959575322bcf-d
i.vimeocdn.com/video/ Frame FCE8 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1064852795-6eac35d0ebf09f9cbdc8eff7a2bc06a4f6a35c7287ac5678256b959575322bcf-d?mw=900&mh=506
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c5e421678d80b82e84f324dae6e40b6994327860741c1d313f2269f2a03826f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
167903
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, MISS
x-backend-server
varnish
content-length
170078
viewmaster-server
viewmaster-glb-prod
x-served-by
cache-dfw-kdal2120113-DFW, cache-mia-kmia1760034-MIA
x-timer
S1704610739.654617,VS0,VE33
etag
"004edf52bf775af1f1dc4e0601bda7e0"
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
5, 0
player-stats
fresnel.vimeocdn.com/add/ Frame FCE8 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=2d6e06de4096a10cc402dc9222e23905f4db3e2d1704610737
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.17/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Sun, 07 Jan 2024 06:58:58 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vuid
vimeo.com/ablincoln/ Frame FCE8 		0
924 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=2d6e06de4096a10cc402dc9222e23905f4db3e2d1704610737
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sat, 06 Jan 2024 18:58:58 GMT
Date
Sun, 07 Jan 2024 06:58:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
Via
1.1 varnish, 1.1 varnish
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
x-xss-protection
1; mode=block
X-Served-By
cache-iad-kiad7000166-IAD, cache-mia-kmia1760030-MIA
x-ua-compatible
IE=edge
x-vimeo-device
d
Server
cloudflare
X-Timer
S1704610739.782413,VS0,VE55
x-backend-proxy
webproxy5
x-frame-options
sameorigin
Vary
User-Agent,x-http-method-override
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
pweb-695b854c48-89jqh
Accept-Ranges
bytes
CF-RAY
841a50bd4aa89ae0-MIA
X-Cache-Hits
0, 0
1064852795-6eac35d0ebf09f9cbdc8eff7a2bc06a4f6a35c7287ac5678256b959575322bcf-d
i.vimeocdn.com/video/ Frame FCE8 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1064852795-6eac35d0ebf09f9cbdc8eff7a2bc06a4f6a35c7287ac5678256b959575322bcf-d?mw=900&mh=506
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c5e421678d80b82e84f324dae6e40b6994327860741c1d313f2269f2a03826f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
167903
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
170078
viewmaster-server
viewmaster-glb-prod
x-served-by
cache-dfw-kdal2120113-DFW, cache-mia-kmia1760034-MIA
x-timer
S1704610739.817745,VS0,VE0
etag
"004edf52bf775af1f1dc4e0601bda7e0"
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
5, 1
1064852795-6eac35d0ebf09f9cbdc8eff7a2bc06a4f6a35c7287ac5678256b959575322bcf-d
i.vimeocdn.com/video/ Frame FCE8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1064852795-6eac35d0ebf09f9cbdc8eff7a2bc06a4f6a35c7287ac5678256b959575322bcf-d?mw=80&q=85
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.26.17/js/vendor.module.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47515f6047d56fb8008b788f29f8393532f800736917d79829c6fa7e3b3e3b71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
1985234
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
2055
viewmaster-server
viewmaster-glb-prod
x-served-by
cache-dfw-kdfw8210058-DFW, cache-mia-kmia1760034-MIA
x-timer
S1704610739.847106,VS0,VE0
etag
"8a6a5d74becf018028357ba82b09a334"
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
208, 2
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame FCE8 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:58:58 GMT
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame FCE8 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 08:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 07 Jan 2024 08:43:42 GMT
p.gif
p.typekit.net/ Frame EFE3 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=olb8zpk&ht=tk&h=viewer.joomag.com&f=137.139.171.173.175.5474.9674.9675.9676.9677&a=1029652&js=1.21.0&app=typekit&e=js&_=1704610739100
Requested by
Host: gnj7.vacation.escapevacations.ca
URL: https://gnj7.vacation.escapevacations.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viewer.joomag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:59 GMT
last-modified
Sun, 29 Oct 2023 12:47:54 GMT
server
nginx
etag
"653e547a-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
map.js
maps.google.com/maps-api-v3/api/js/55/4/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/55/4/map.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cf6d91acfbd231daa3ccf96e67596a75ea04458209786b2814f13a7f14fbf6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 16:12:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
398817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23771
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 16:12:02 GMT
marker.js
maps.google.com/maps-api-v3/api/js/55/4/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/55/4/marker.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0ba34bf0fbc8ccaa9a597672fb01eca50badae22dbe66abb07e29b18beeea13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gnj7.vacation.escapevacations.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
407065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21956
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 13:54:34 GMT
p.gif
p.typekit.net/ Frame FCBB 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=olb8zpk&ht=tk&h=viewer.joomag.com&f=137.139.171.173.175.5474.9674.9675.9676.9677&a=1029652&js=1.21.0&app=typekit&e=js&_=1704610739170
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a4c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://viewer.joomag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:58:59 GMT
last-modified
Sun, 29 Oct 2023 12:47:54 GMT
server
nginx
etag
"653e547a-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture string| tb_pathToImage string| tb_pathToImageBlock object| image string| _waitMessage string| m_virtualDirectory string| m_environment function| createCookie function| readCookie function| eraseCookie function| doTracking function| doClick function| _uriEncode function| _uriDecode object| deconcept function| getQueryParamValue function| FlashObject function| SWFObject function| setHookOnSubmit function| autoCalcHeight function| _bindKioskMode function| _isSizeClass function| _parseRawParams function| _parseSize function| ajaxHelperCall function| WTP_Popup object| wtpPopup function| wtp_popup function| wtp_popupCenter function| wtp_closePopup function| wtpMessage function| wtpMessageModal function| wtpMessageWarning function| wtpMessageSuccess function| wtpMessageError function| wtpMessageAlert object| ajaxLoginMessagesUserVisibilityHelpers undefined| loginMessages undefined| currentPosition undefined| currentMessage string| txtMessageContent function| saveLoginMessagesUserVisibility function| showLoginMessages function| showMessage function| getDecodedMessaggeContent function| showRow function| onClosePopup function| clearFields function| onSaveMessageSuccessfully function| onSaveMessageError function| openBootboxIframe function| openBootbox object| ipadDetection object| ajaxTLGHelpers function| isValidEmailAddress object| ajaxEditorHelpers function| $ function| jQuery number| isNode object| cache number| id function| DP_jQuery_1704610737226 object| jQuery1124018149130953198855 function| noty object| bootbox object| Handlebars object| cookieconsent object| theForm function| __doPostBack object| pageData object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView function| setMap function| codeAddress object| geocoder function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $removeHandler function| $get function| $find function| $addHandler function| $addHandlers function| $clearHandlers function| Type object| Sys object| _events function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| GridView function| GridView_createPropertyString function| GridView_setStateValue function| GridView_OnCallback function| GridView_getHiddenFieldContents function| createPropertyStringFromValues_GridView function| DetailsView function| DetailsView_createPropertyString function| DetailsView_setStateValue function| DetailsView_OnCallback function| DetailsView_getHiddenFieldContents function| createPropertyStringFromValues_DetailsView function| TreeView_HoverNode function| TreeView_GetNodeText function| TreeView_PopulateNode function| TreeView_ProcessNodeData function| TreeView_SelectNode function| TreeView_ToggleNode function| TreeView_UnhoverNode object| __pendingCallbacks number| __synchronousCallBackIndex boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes object| __disabledControlArray string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes object| _toolbarSetup object| iMeanScreenWidth number| oldMeanScreenWidth function| getScreenWidth object| Page_Validators object| Page_ValidationSummaries boolean| Page_ValidationActive object| $ULs function| onorientationchange

8 Cookies

Domain/Path Name / Value
gnj7.vacation.escapevacations.ca/ Name: ASP.NET_SessionId
Value: lpif04u3raerguyrcox4guda
.vimeo.com/ Name: __cf_bm
Value: pyoOvhR.LxQtoYrf7triIwp_EUf_fCUp0aULvsOejFw-1704610737-1-AdUu5ELa6xvYB32UXrPNSzkcuCCiQhD8slV6J2hVJRwlamF0f9yh/mAIcA7c4ZqUHd7aSwKeb6ImhKpuFMKwr/Q=
.joomag.com/ Name: PHP_JOOMAG_SESSION
Value: 584f77b6d0fe40476b95b8d7f07e010f
.joomag.com/ Name: __csrf_token
Value: jabBuwSpF2I8sszN_IuVYkcw7Kfqwy99HztxMqhlPR2fFtBLINLoXjnCYZw8K0IuQ3O0-EmaYBfYoksfQseI6w
gnj7.vacation.escapevacations.ca/ Name: WTP_Tracking_11038
Value: a5e271c5-fc1e-47b1-b9cc-89cc46e1db71
gnj7.vacation.escapevacations.ca/ Name: screen_width
Value: 1600
gnj7.vacation.escapevacations.ca/ Name: device_type
Value: Unknown
.vimeo.com/ Name: vuid
Value: pl957365048.1968648046

3 Console Messages

Source Level URL
Text
other warning URL: https://gnj7.vacation.escapevacations.ca/(Line 202)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://viewer.joomag.com/nexion-escape-celebration-travel-summer-2022/0480985001655829779?short&
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://viewer.joomag.com/escape-insider-june-2022/0094796001655319326?short&
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.joomag.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
gnj7.vacation.escapevacations.ca
i.imgur.com
i.vimeocdn.com
maps.google.com
maps.googleapis.com
p.typekit.net
player.vimeo.com
skins.webtreepro.com
static.joomag.com
use.typekit.net
viewer.joomag.com
vimeo.com
wtp-prd.s3.us-west-2.amazonaws.com
www.gstatic.com
www.travelleaders.com
146.75.28.193
146.75.38.109
151.101.128.217
162.159.138.60
2600:141b:1c00:31::1739:5a4c
2600:141b:1c00:31::1739:5a4f
2600:9000:210b:5200:16:4349:fe00:93a1
2606:4700:10::6816:169d
2606:4700:10::6816:179d
2606:4700:10::ac43:1df5
2606:4700::6812:a92
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81e::200e
2607:f8b0:4006:824::200a
3.5.84.105
34.120.202.204
52.33.8.180
0130a8dceb8fc8165defe555fb6311120ce66f1ee2a51abe20990eb2bffc6f66
0702a0cb8bcb18643cddddab91747225c50bb00e71f0529f61a2bd558a003cdb
0a3528434668cdb3755e0541132001403e90d9940bd705ff738dce31352a80cd
0b5ccf8ec360d4ce45730aac1718af91e431ee6379282eebc3f44476363a52c7
0ca722bc1c654b88f46c7ffce0d76198c73b049d901481bcbf2a2326f07d0116
0cf6d91acfbd231daa3ccf96e67596a75ea04458209786b2814f13a7f14fbf6c
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
16f56634d8828b7755caf0475663af4060b9700ba20a75b9856acc7dd76413e2
186c115ffd279cf1bd418bdd4f20cd6fa34f0be2eae4ee8b16da61e53fe08235
1d7f0beafdd68135415fb4511b87fb276bf3ab66d39c68c29e96b9b7ef93d8a7
20383d22a70c230ed85c59040fa6586bc8beb7dc4353ea59a6670cb609100d12
228e7abc6f0b491c177be9ee528856caf19ea3135c014713cc67ad64f2ae50b6
2f828220b9dd6c92f5c9c096bfa3bb3fbc579380e2b0ec1e4733d850e116a7f1
324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8
3739719600347386fcdf81e11e2147919520f44c777c27a7351c8828989c656d
3858f7e36fb153e9a47b956f718e4d4399ff998a4f06b9cc0f795ba4dc145253
38e16f15e0f3294a97b254a8332d9f7823dece3e40744a293b4334b9dd7845d2
42c7d62f9509ae2d8ee629e300fbd038b446cd5be6b4d4e083d493bf0a386def
435f4b05bf8d68b5657f29f1baed1dfa74d067b9d42b647582e8ab0093caed20
4392b66d78b176d805a564911c8edd0689998491d6ab8377ffb39cddd042b083
47515f6047d56fb8008b788f29f8393532f800736917d79829c6fa7e3b3e3b71
4823bf9e997f3e4691ce2d7eac0b7c667a5f35a0872c7b7c53402715843394c6
48fa6bb474177f6e17e39118718a018c8a3e2b87dea7fa9c8742b477fd452656
5677923124b6c0744a5a286c84c8ed54532ea7b4a002d8124cdc69107c400a53
581792b9972724d3c2bc8fcf0611c2800493d5e7d03a57b2c6e008ffc5b99853
5a34aeac339c3aaa7c3e5fdd4e478b664f39709501c51bdbe9cf8471dbca4377
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
64089e43ed5d1e590cee27f1f8fb4618726958f83200ddf794a1b581a5560938
6485b197bb9c2cc8337933b73c5e385c1cb98899d9438a16e934ff41dc211808
661c0f1b287044a3e9fc2f6b2225d45ccbc711f85b21c4d913086b6b012ce2af
6b9f1135ba160e5dc694ad7977f6bf73d40d3c15742b14ca8910ea23bb3e6e79
707540d0813c2e6c9abb51dcc5f7671a10780d572b30da20197961f80e7fb346
77a7aaa2cd5f51c7e441b57b873098537bbfaaf237593e651e86cd24b0fc9a47
7a472089ba8311e81ce2eb3aa9e93004e94fe7a71361f771837285893ffbbeae
8250d7e9fc2cfadd8e9a3022bb66c06a16a2cede04b5ac9f4c83872f7f903cde
82e9baebd3db1888f07c7d01a4ce4eee70047ae29e888034241ce4f549b40a3e
8a4e97f4710d7e4a62f57364b5b307e52cbe7806d00f91272c157764cc7aa1f4
8c5e421678d80b82e84f324dae6e40b6994327860741c1d313f2269f2a03826f
90e0ec207b0761b99a1fe64cc8776f4d9b9083893eed340b96c655e50a36d975
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
947ad21d2c112e6019868a89f666d37aaee3a8e937a8c5ee12a0ce8d0d9c7210
94a5843cf3e664cd2087a484200389fc08a4fa465c0ba3cf5b29430371a905e7
969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d698116307e36bcfc8bf63bb76c0ce742f65c605b7482453218d48735485663
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a78e9e80a951a4a1c522745ee893c891a91d429dc6b66c5901b79d5ee4715e5c
ac7e983629cc7e54599642979b3e68791326a7ae5e3f49e659def46ffd7870f9
aef9b575ae4e9e286c94ee1b1573f56b90f33b3b0493d71d65b40194205581ad
b039b75b9914b8509346efee034fd449e1895150a194515102d9197c8b9a554c
bac08e70b9366caf0cf6c914e96edd1ef4cddd19139b1109fd783d0b8be02d47
bb0839f36598eca9b83f23e733ff23f61c78e807a619bcd96d7dd47a2fb698d5
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c2441b4e9133f13f2967cc50cdb5f304dffbc893074251f25980b459cc65d99a
c405de005c695ceb57b7ebb3ade6a85b45a0a04061602e79dcc04575bf63c9b8
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf80903e889dbdbe048769a79ce32ba5469356da48addc5719eb79180dbc8e5a
d7a468e8708b57e7126ac24ef73461f45f43472fcf0ed74399c7a14c13008ca0
d993ab5ed1b41a92621904592c324b84a21133e984fdfa572cc2827065f8b9fd
d9e71e8d6205807a22b4b5a5586a2808a227543cad547d2e4a84eae77b7efbab
dd0feb700c1d1a887767b4c3c8be06f8535496fcd61045da56a9ad736d646728
df178a76e5527927a54a4ee4b0d9f28c40a1925cc7e5aa5db16a8ba9fdf0b3ce
e18dbe6234784e87fe660be0e4a934ee1bef7d0f1bee777bef7baaba8cb3f5a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
e759dc710ec6d9f9438d5a77f834b247254512fb90cf520764ab591db32cf5cb
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f0ba34bf0fbc8ccaa9a597672fb01eca50badae22dbe66abb07e29b18beeea13
f31949afc79e70de9d90ebdfd9e98f237542c91dedaf074095d180e7f3911381
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f6d733c867c8218f2ca1f6d5767c530ee1f6ee8ab343541c5da58866baec47c7
fe9e7d196049d7337c1422b0e38139b4c885e53d8f7a043429da3c52287f5ee0