www.thetravel.com Open in urlscan Pro
18.232.227.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thetravel.com/
Effective URL:
https://www.thetravel.com/
Submission Tags: falconsandbox
Submission: On November 04 via api (November 4th 2022, 3:34:48 am UTC) from US — Scanned from DE

Summary HTTP 91 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 30 domains to perform 91 HTTP transactions. The main IP is 18.232.227.27, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.thetravel.com. The Cisco Umbrella rank of the primary domain is 110475.
TLS certificate: Issued by R3 on October 27th 2022. Valid for: 3 months.

This is the only time www.thetravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	18.232.227.27 18.232.227.27	14618 (AMAZON-AES) (AMAZON-AES)
15	2606:4700:10:... 2606:4700:10::6816:509	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	108.157.4.122 108.157.4.122	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.122 13.32.27.122	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.47 13.225.78.47	16509 (AMAZON-02) (AMAZON-02)
1	54.144.151.126 54.144.151.126	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2600:1901:0:4... 2600:1901:0:4277::1	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:4e00:13:6a46:aa00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.84.93.102 35.84.93.102	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	13.224.195.78 13.224.195.78	16509 (AMAZON-02) (AMAZON-02)
1	35.161.99.119 35.161.99.119	16509 (AMAZON-02) (AMAZON-02)
5	167.235.35.91 167.235.35.91	24940 (HETZNER-AS) (HETZNER-AS)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:a600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.96 143.204.215.96	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	3.132.47.196 3.132.47.196	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.81.65.39 104.81.65.39	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.24.177.43 52.24.177.43	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:1901:0:7... 2600:1901:0:7ec2::1	15169 (GOOGLE) (GOOGLE)
3 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	54.155.65.255 54.155.65.255	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:c1e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
91	36

16 18.232.227.27 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-227-27.compute-1.amazonaws.com

thetravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.thetravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:509 (United States)

ASN13335 (CLOUDFLARENET, US)

static1.thetravelimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-122.dus51.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-122.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-47.fra2.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.151.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-151-126.compute-1.amazonaws.com

adsninja.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1901:0:4277::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

aloofvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:4e00:13:6a46:aa00:93a1 (United States)

ASN16509 (AMAZON-02, US)

socialcanvas-cdn.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.84.93.102 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-93-102.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.161.99.119 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-99-119.us-west-2.compute.amazonaws.com

seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 167.235.35.91 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy06.cl01.k8s.mrf.io

mbid.marfeelrev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:a600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-96.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.132.47.196 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-47-196.us-east-2.compute.amazonaws.com

socialcanvas-api.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.81.65.39 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-65-39.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.24.177.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-177-43.us-west-2.compute.amazonaws.com

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7ec2::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

friendwool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.65.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-65-255.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:c1e6 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	thetravel.com 1 redirects thetravel.com — Cisco Umbrella Rank: 110133 www.thetravel.com — Cisco Umbrella Rank: 110475	295 KB
15	thetravelimages.com static1.thetravelimages.com — Cisco Umbrella Rank: 193198	362 KB
7	aloofvest.com aloofvest.com — Cisco Umbrella Rank: 30024	128 KB
5	marfeelrev.com mbid.marfeelrev.com — Cisco Umbrella Rank: 24244	6 KB
5	ad.gt a.ad.gt — Cisco Umbrella Rank: 4512 seg.ad.gt — Cisco Umbrella Rank: 10898 id.hadron.ad.gt — Cisco Umbrella Rank: 5292	8 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97 region1.google-analytics.com — Cisco Umbrella Rank: 2041	20 KB
5	privacymanager.io launchpad.privacymanager.io — Cisco Umbrella Rank: 11747 launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 13528 geo.privacymanager.io — Cisco Umbrella Rank: 2372	19 KB
4	kargo.com socialcanvas-cdn.kargo.com — Cisco Umbrella Rank: 9673 socialcanvas-api.kargo.com — Cisco Umbrella Rank: 9593	134 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 313	3 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	130 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 385	49 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2787	90 KB
2	gstatic.com fonts.gstatic.com	75 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 825	726 B
2	casalemedia.com 1 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 2021	2 KB
2	google.de ampcid.google.de — Cisco Umbrella Rank: 44162 www.google.de — Cisco Umbrella Rank: 3590	964 B
2	google.com ampcid.google.com — Cisco Umbrella Rank: 2413 www.google.com — Cisco Umbrella Rank: 17	1 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1127	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	126 KB
1	getadmiral.com images.getadmiral.com — Cisco Umbrella Rank: 51379	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	friendwool.com friendwool.com — Cisco Umbrella Rank: 155939	80 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 483	239 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 2255	350 B
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1469	16 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 4753	11 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 2002	17 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 747	466 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	27 KB
1	adsninja.ca adsninja.ca — Cisco Umbrella Rank: 33218	14 KB
91	30

	Domain	Requested by
15	static1.thetravelimages.com	www.thetravel.com
15	www.thetravel.com	www.thetravel.com
7	aloofvest.com	www.thetravel.com aloofvest.com
5	mbid.marfeelrev.com	www.thetravel.com mbid.marfeelrev.com
3	ib.adnxs.com	3 redirects
3	region1.google-analytics.com	www.googletagmanager.com
3	c.amazon-adsystem.com	www.thetravel.com c.amazon-adsystem.com
3	tagan.adlightning.com	www.thetravel.com tagan.adlightning.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ad.360yield.com	2 redirects
2	id.hadron.ad.gt	cdn.hadronid.net
2	ssum.casalemedia.com	1 redirects www.thetravel.com
2	socialcanvas-api.kargo.com	socialcanvas-cdn.kargo.com
2	securepubads.g.doubleclick.net	tagan.adlightning.com www.googletagservices.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	a.ad.gt	www.thetravel.com tagan.adlightning.com
2	socialcanvas-cdn.kargo.com	www.thetravel.com socialcanvas-cdn.kargo.com
2	unpkg.com	1 redirects www.thetravel.com
2	www.google-analytics.com	www.thetravel.com www.google-analytics.com
2	launchpad.privacymanager.io	www.thetravel.com launchpad-wrapper.privacymanager.io
2	www.googletagmanager.com	www.thetravel.com
1	images.getadmiral.com
1	fonts.googleapis.com	tagan.adlightning.com
1	friendwool.com	aloofvest.com
1	pixel.rubiconproject.com
1	www.google.de
1	www.google.com
1	rtb.openx.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.id5-sync.com	tagan.adlightning.com
1	cdn.hadronid.net	www.thetravel.com
1	secure.cdn.fastclick.net	tagan.adlightning.com
1	ampcid.google.de	www.google-analytics.com
1	static.adsafeprotected.com	tagan.adlightning.com
1	ampcid.google.com	www.google-analytics.com
1	seg.ad.gt	www.thetravel.com
1	www.googletagservices.com	www.thetravel.com
1	adsninja.ca	www.thetravel.com
1	launchpad-wrapper.privacymanager.io	www.thetravel.com
1	thetravel.com	1 redirects
91	40

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.pinterest.ca
news.google.com
flipboard.com
simpleflying.com
getadmiral.com

Subject Issuer	Validity	Valid
thetravel.com R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
adsninja.ca R3	`2022-09-14` - `2022-12-13`	3 months	crt.sh
aloofvest.com R3	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.kargo.com Amazon	`2022-05-30` - `2023-06-28`	a year	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
ssl02.cert.cl01.k8s.mrf.io R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
*.hadronid.net GTS CA 1P5	`2022-10-16` - `2023-01-14`	3 months	crt.sh
id.hadron.ad.gt Amazon RSA 2048 M02	`2022-10-31` - `2023-11-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
friendwool.com R3	`2022-08-24` - `2022-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
getadmiral.com Cloudflare Inc ECC CA-3	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.thetravel.com/
Frame ID: 89D1A20DF8FC75D81CFB1BAD9D0D3192
Requests: 80 HTTP requests in this frame

Frame: https://mbid.marfeelrev.com/static/cookie-sync.html
Frame ID: CF69436D614D8C45196033C006185982
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TheTravel - Travel inspiration to the most interesting places on earth. Bucket list ideas and travel guides, all you need for a perfect trip.user-signalchecklistsettings-toggle-horizontal

Page URL History Show full URLs

https://thetravel.com/ HTTP 301
https://www.thetravel.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

91
Requests

95 %
HTTPS

53 %
IPv6

30
Domains

40
Subdomains

36
IPs

5
Countries

1619 kB
Transfer

4414 kB
Size

18
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/GlobeTrotterTravelsNow/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/globe.trotter.travel/

Search URL Search Domain Scan URL

URL: https://twitter.com/TheTravel_com_

Search URL Search Domain Scan URL

URL: https://www.pinterest.ca/thetravelcom/

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMOC7iAsw-5SHAw

Search URL Search Domain Scan URL

URL: https://flipboard.com/@TheTravel

Search URL Search Domain Scan URL

URL: https://simpleflying.com/
Title: The leading independent voice for aviation news and insight.

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=www.thetravel.com&utm_medium=pb&session=5-470ccbf9705817cfb7565666a8669d5f-6763652d6575726f70652d7765737431-0
Title: Powered By

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thetravel.com/ HTTP 301
https://www.thetravel.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js HTTP 302
https://unpkg.com/web-vitals@3.0.4/dist/web-vitals.attribution.iife.js

Request Chain 56

https://ssum.casalemedia.com/usermatchredir?s=184550&cb= HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1

Request Chain 73

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3526453403197514605

Request Chain 74

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=9085c3c1-bddb-45f0-bbab-13e4e5960d0f

Request Chain 79

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3526453403197514605

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thetravel.com/
Redirect Chain

https://thetravel.com/
https://www.thetravel.com/

590 KB
120 KB

594ms
532ms

Document
text/html

18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f626ed1f2660b709cf0070dc30fe0106ba9a7cc2ca7f380bd5302f342f196227

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: br
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
content-type: text/html; charset=UTF-8
date: Fri, 04 Nov 2022 03:34:40 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 162
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
content-type: text/html
date: Fri, 04 Nov 2022 03:34:40 GMT
location: https://www.thetravel.com/
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 San-Luis-Hotel-Galveston-Texas.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/11/ 77 KB
78 KB 174ms
120ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/11/San-Luis-Hotel-Galveston-Texas.jpg?q=50&fit=crop&w=832&h=420&dpr=1.5
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c17758529d8999faa3fdac86c144bcbbc6e2d85158df189aa3a86bf8e4f1f169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
cf-cache-status: HIT
content-disposition: inline; filename="San-Luis-Hotel-Galveston-Texas.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79079
x-request-id: rfesEeNmUxAXOZsvROXPl
server: cloudflare
etag: "hPZDSEYlB2t-vi-do_ZUoZ5-wsvbhrvMhDZzkzyKRlU/RImRzd0xJRl9qVW5pYUEyRzBFbXNFdlEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4b9a497790ee-FRA
expires: Fri, 03 Nov 2023 23:34:53 GMT

GET
H2 200 The-London-Fireworks-Display.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/11/ 51 KB
51 KB 192ms
138ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/11/The-London-Fireworks-Display.jpg?q=50&fit=crop&w=600&h=300&dpr=1.5
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90d189e1c08e1151b4bfd4abf0d283318cbca5bf91d59f2dd024f54393ec5b0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
cf-cache-status: HIT
content-disposition: inline; filename="The-London-Fireworks-Display.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52178
x-request-id: F56gNot-De7DihOFnYqRP
server: cloudflare
etag: "o_oaK9iJb-7tPxyf4lT4mrvT3fj_U9b9sN2D1E_2wFY/RIkNHMy1UaHNTZC1LTEhxZm5xWlY0c2ci"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4b9a497890ee-FRA
expires: Fri, 03 Nov 2023 23:34:52 GMT

GET
H2 200 Cambie-Hotel-310-Cambie-Street-Vancouver-Canada.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/11/ 38 KB
38 KB 139ms
134ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/11/Cambie-Hotel-310-Cambie-Street-Vancouver-Canada.jpg?q=50&fit=crop&w=600&h=300&dpr=1.5
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dacea1621a3cc7745d920f6f68fe58661b1bccb28a0e99adebfbc0246e89e54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
cf-cache-status: HIT
content-disposition: inline; filename="Cambie-Hotel-310-Cambie-Street-Vancouver-Canada.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38917
x-request-id: IqZdAI30DnjYr0Er3sjpy
server: cloudflare
etag: "o_oaK9iJb-7tPxyf4lT4mrvT3fj_U9b9sN2D1E_2wFY/RIk9JMG1RVFFpWXVUOUMySlJDRHd1VlEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4b9b6a3990ee-FRA
expires: Fri, 03 Nov 2023 22:54:06 GMT

GET
H2 200 View-at-the-Oasys---Mini-Hollywood-a-Spanish-Western-styled-theme-park.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/ 27 KB
27 KB 144ms
139ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/View-at-the-Oasys---Mini-Hollywood-a-Spanish-Western-styled-theme-park.jpg?q=50&fit=crop&w=600&h=300&dpr=1.5
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea7236f465b19cff16798a00cad37d03bae254850cfb5cdf00c2daee953b849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
cf-cache-status: HIT
content-disposition: inline; filename="View-at-the-Oasys---Mini-Hollywood-a-Spanish-Western-styled-theme-park.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27668
x-request-id: ysc7JztO9wZvbUtH6GMTw
server: cloudflare
etag: "o_oaK9iJb-7tPxyf4lT4mrvT3fj_U9b9sN2D1E_2wFY/RInY5Q2lHUE0xS2p2bXY4czIyRzdnUFEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4b9b7a3a90ee-FRA
expires: Fri, 03 Nov 2023 21:31:46 GMT

GET
H2 200 Resort-in-Mexico.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/11/ 47 KB
47 KB 136ms
131ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/11/Resort-in-Mexico.jpg?q=50&fit=crop&w=600&h=300&dpr=1.5
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65571b81c1309c94833c83ac121d87e15f6618fae087271c813c4c546ccf422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
cf-cache-status: HIT
content-disposition: inline; filename="Resort-in-Mexico.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47726
x-request-id: TW1iN5jZ9j4FvOvgkCShr
server: cloudflare
etag: "o_oaK9iJb-7tPxyf4lT4mrvT3fj_U9b9sN2D1E_2wFY/RIktHRWtjNUlzTnhtcWxZNjY1V2VuRnci"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4b9b7a3c90ee-FRA
expires: Fri, 03 Nov 2023 21:31:46 GMT

GET
H2 200 lato-regular.woff2
www.thetravel.com/public/build/fonts/Lato/ 23 KB
23 KB 206ms
204ms Font
font/woff2 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/public/build/fonts/Lato/lato-regular.woff2

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thetravel.com/
Origin: https://www.thetravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 23484
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: "636412b0-5bbc"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 lato-700.woff2
www.thetravel.com/public/build/fonts/Lato/ 22 KB
23 KB 207ms
205ms Font
font/woff2 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/public/build/fonts/Lato/lato-700.woff2

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thetravel.com/
Origin: https://www.thetravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 22992
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: "636412b0-59d0"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 lora-regular.woff2
www.thetravel.com/public/build/fonts/Lora/ 24 KB
24 KB 207ms
205ms Font
font/woff2 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/public/build/fonts/Lora/lora-regular.woff2

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b8d471fd55fbf29d033dd130913a60f9137ec4a36c02d251a879d0630e0ba84c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thetravel.com/
Origin: https://www.thetravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 24552
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: "636412b0-5fe8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 lora-700.woff2
www.thetravel.com/public/build/fonts/Lora/ 25 KB
25 KB 207ms
206ms Font
font/woff2 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/public/build/fonts/Lora/lora-700.woff2

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3de92dc557a7dc56e65a281f5d38c4a63eecd6faca350d4a5d1c5a8d89fbfc6c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thetravel.com/
Origin: https://www.thetravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 25588
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: "636412b0-63f4"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 icomoon.woff2
www.thetravel.com/public/build/fonts/icons/ 12 KB
12 KB 207ms
206ms Font
font/woff2 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/public/build/fonts/icons/icomoon.woff2

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d95e48e228e15b142237124b2d5979c9a6c38b078b11821bcf1b7c862d1d9c2d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thetravel.com/
Origin: https://www.thetravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12132
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: "636412b0-2f64"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 icomoon.woff
www.thetravel.com/public/build/fonts/icons/ 23 KB
23 KB 208ms
206ms Font
font/woff 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/public/build/fonts/icons/icomoon.woff

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

36ae0288126b4b912e24068f22bd019e88dea46d734eb7e1c999ecf2107de4ff

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thetravel.com/
Origin: https://www.thetravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 23496
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: "636412b0-5bc8"
x-frame-options: SAMEORIGIN
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 85ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-09V3Q38X8F

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

acbf36175ef44b00613c18ba6bd6d119d232574a3e7031c7ac829108efb7d12f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Nov 2022 03:34:41 GMT

GET
H2 200 home.6cf08198.css
www.thetravel.com/public/build/ 156 KB
20 KB 206ms
205ms Stylesheet
text/css 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/public/build/home.6cf08198.css

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

be3cd085c67e6eaa4329012fa3e1a2c0921567736e72e93e31fa057d591e4549

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: W/"636412b0-2701b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 valnet-header.38f02c41.js Show response
www.thetravel.com/public/build/ 3 KB
1 KB 111ms
106ms Script
application/javascript 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/public/build/valnet-header.38f02c41.js

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

51489103b165d141f38eb02e87cb836e3c0e1719fcb39625ab1aa8016099c0c0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: W/"636412b0-a62"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/valnet/ 48 KB
19 KB 100ms
27ms Script
application/javascript 108.157.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/op.js
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-122.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78a751a5c6da74a09e26c4c547f4283e02b156f7d8d8e073994adbfba1f074ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 47iw5EWbzm_cupYfiQDfmy0SVm.IwM.a
content-encoding: gzip
via: 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 03:30:32 GMT
x-amz-cf-pop: DUS51-P2
age: 299
x-cache: Hit from cloudfront
content-length: 19477
x-amz-meta-git_commit: 39123b0
last-modified: Thu, 03 Nov 2022 23:29:37 GMT
server: AmazonS3
etag: "be38404426e215f775e2257b992a22f4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: qvTbSNYPlx1cg9jYGqqXow03PkhDjRk5MwxNcde1RrdyRBj1DuJB8w==

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 25 KB
9 KB 70ms
20ms Script
application/x-javascript 13.32.27.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 95T7hNeyoepJiTzIDuymkLfRgOn9zgCf
content-encoding: gzip
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 03:06:47 GMT
x-amz-cf-pop: FRA56-C2
age: 1678
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: Lkh40394RMCUag3OfPeBSh3exiuPaj8GrEBX-WPdkV2Kzxw4_a_jMQ==

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/b1c80b5e-e909-4d5d-ba94-1d63bb1c4212/ 3 KB
2 KB 74ms
20ms Script
text/javascript 13.225.78.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/b1c80b5e-e909-4d5d-ba94-1d63bb1c4212/launchpad-liveramp.js
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6e26b666139f315b7d7f689cddea2537bddb594a865f3559270795f58457668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 22:09:52 GMT
x-amz-version-id: O2ZmB0RPmfeUg8HD.Xrhkd1aiEW_qtKb
content-encoding: gzip
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 19490
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Fri, 02 Sep 2022 01:12:41 GMT
server: AmazonS3
etag: W/"687af3f0262d147cefe2d3a539c67c16"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: zuWtnPVS33c3Hx8WpDYbZChL0OWH4k3nzrBKvxV78HgqKZaP4mv0sA==

GET
H2 200 tv-logo-full-colored-light.svg
www.thetravel.com/public/build/images/ 11 KB
4 KB 107ms
107ms Image
image/svg+xml 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thetravel.com/public/build/images/tv-logo-full-colored-light.svg

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

894163bfc3ee215abf4ce1973965ae140f6443ee897f04b83600a24639630438

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: W/"636412b0-2d5d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 sf-logo-full-colored-light.svg
www.thetravel.com/public/build/images/ 4 KB
2 KB 106ms
106ms Image
image/svg+xml 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thetravel.com/public/build/images/sf-logo-full-colored-light.svg

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

83503f4c964c073a8f31f45073af0a649ffabdcb01b30afa073ca69b0df90045

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: W/"636412b0-116d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 Telluride-Colorado.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/07/ 17 KB
17 KB 138ms
134ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/07/Telluride-Colorado.jpg?q=50&fit=crop&w=260&h=180&dpr=1.5
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 157925779bf3fa55358db1ff0ef81321248101db3a65bdc63c2bbaef9b8b7ed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
cf-cache-status: HIT
content-disposition: inline; filename="Telluride-Colorado.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17065
x-request-id: 7d1vkPof3GHO0vXR4GLTx
server: cloudflare
etag: "27M1GDSV7UQOUQ1qBetbT3czfg4VP2qdhZ7q2HIHq70/RIkxqLUlQR0MyamZ0Zk5NR00wcUVycUEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4b9b7a3e90ee-FRA
expires: Fri, 03 Nov 2023 18:58:59 GMT

GET
H2 200 Pyramids-of-Giza-Egypt.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/ 9 KB
10 KB 144ms
141ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/Pyramids-of-Giza-Egypt.jpg?q=50&fit=crop&w=260&h=180&dpr=1.5
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f72e31c07df558e84069c19c5a5362e61cbff4c6509d145d28d831f36a13fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
cf-cache-status: HIT
content-disposition: inline; filename="Pyramids-of-Giza-Egypt.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9652
x-request-id: t8Eg4jn1PccUuGccj10P0
server: cloudflare
etag: "27M1GDSV7UQOUQ1qBetbT3czfg4VP2qdhZ7q2HIHq70/RIm1VTWdkNVdCNVU0QzNobnhzVjV6RUEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4b9b7a4090ee-FRA
expires: Sat, 04 Nov 2023 03:12:11 GMT

GET
H2 200 Heart-Castle-Alexandria-Bay-New-York--United-States-with-Boldt-Castle-in-sight.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/ 8 KB
9 KB 134ms
130ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/Heart-Castle-Alexandria-Bay-New-York--United-States-with-Boldt-Castle-in-sight.jpg?q=50&fit=crop&w=260&h=180&dpr=1.5
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34324dbaf20c9a3936b0de3ae21847f86f74d13835128f531922b8da43fdea1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
cf-cache-status: HIT
content-disposition: inline; filename="Heart-Castle-Alexandria-Bay-New-York--United-States-with-Boldt-Castle-in-sight.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8526
x-request-id: 1sc6IfdGWMxJ9aOpH0XjK
server: cloudflare
etag: "27M1GDSV7UQOUQ1qBetbT3czfg4VP2qdhZ7q2HIHq70/RIjZmMXdoUl81ZDlsci0xUW1XY3dEOVEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4b9b7a4290ee-FRA
expires: Fri, 03 Nov 2023 19:15:11 GMT

GET
H2 200 Kananaskis-village-in-Alberta.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/ 9 KB
10 KB 129ms
126ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/Kananaskis-village-in-Alberta.jpg?q=50&fit=crop&w=260&h=180&dpr=1.5
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dfbd89a1ed34f8bb59c0e948c8342ed71e0a3d46fafabb7ef5e19491952e0ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
cf-cache-status: HIT
content-disposition: inline; filename="Kananaskis-village-in-Alberta.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9610
x-request-id: Vrz3_oN5D02sI4evwYJIR
server: cloudflare
etag: "27M1GDSV7UQOUQ1qBetbT3czfg4VP2qdhZ7q2HIHq70/RIjB6bmRFM0hLMG9sT2kta3FNUnNCM2ci"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4b9b7a4590ee-FRA
expires: Fri, 03 Nov 2023 19:40:43 GMT

GET
H2 200 Homer-Alaska.JPG
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/ 9 KB
9 KB 127ms
124ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/Homer-Alaska.JPG?q=50&fit=crop&w=260&h=180&dpr=1.5
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f510b98f3e39ae027e851f5533663c322d32c6547291be9cfbe17d5b563fcf12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
cf-cache-status: HIT
content-disposition: inline; filename="Homer-Alaska.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9288
x-request-id: QW2Kgi2tGIFrb1yqUAJy9
server: cloudflare
etag: "27M1GDSV7UQOUQ1qBetbT3czfg4VP2qdhZ7q2HIHq70/RImNnSGR4WE5DTlhkOGZKeTluRU1sUGci"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4b9b7a4a90ee-FRA
expires: Fri, 03 Nov 2023 18:59:22 GMT

GET
H2 200 valnet-footer.690c7a4d.js Show response
www.thetravel.com/public/build/ 31 KB
9 KB 107ms
107ms Script
application/javascript 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/public/build/valnet-footer.690c7a4d.js

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

43b5f2a4da3c0159efb20fb436a6b5faace1894f63f5d47c341db9361dea6734

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: W/"636412b0-7b2c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 valnet-footer-homepage.65096dcb.js Show response
www.thetravel.com/public/build/ 2 KB
1 KB 107ms
106ms Script
application/javascript 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/public/build/valnet-footer-homepage.65096dcb.js

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9636ae34d17ea8fb66320e3cced61947874b173cb04ef49586168df9963243c6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: W/"636412b0-6a7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 adsninja_client.js Show response
adsninja.ca/ 60 KB
14 KB 447ms
223ms Script
application/javascript 54.144.151.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://adsninja.ca/adsninja_client.js?v=1667396765

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.144.151.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-151-126.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0342fa660bc1535ae0643c37326b3d79bc4ea7febc99535dec5b16fc68208d6d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 20:27:03 GMT
server: nginx
etag: W/"63642417-f180"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
18ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 03:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1127
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 04 Nov 2022 05:15:54 GMT

GET
H2

200

web-vitals.attribution.iife.js Show response
unpkg.com/web-vitals@3.0.4/dist/
Redirect Chain

https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js
https://unpkg.com/web-vitals@3.0.4/dist/web-vitals.attribution.iife.js

10 KB
4 KB

26ms
25ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.4/dist/web-vitals.attribution.iife.js

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b1fb7f2a2798dc67560cffd65abb680930b041811032dab330d09e638c3ea28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1388077
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GFPZG7XM95R6NBD1BAF4YFP0-fra
server: cloudflare
etag: W/"2677-WpidRN7jSGM+hi7HfCm595ttzvI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 764a4b9c1ed3905b-FRA

Redirect headers

date: Fri, 04 Nov 2022 03:34:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GH0AWYZSN0GK7XPJNMGZ8S1A-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 394
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.0.4/dist/web-vitals.attribution.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 764a4b9bbe88905b-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
49 KB 102ms
54ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N64NF7P

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f53e2a2977c0290e0d890f52de018f207f1767ea30a102f72b90b6b61ed3a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50322
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Nov 2022 03:34:41 GMT

GET
H2 200 v2quyfVmmRuMooQ8S_qhcouHc1S2jsoPDf0RVlvTP2jez4DLF8h94VDBD Show response
aloofvest.com/ 611 KB
104 KB 110ms
42ms Script
text/javascript 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/v2quyfVmmRuMooQ8S_qhcouHc1S2jsoPDf0RVlvTP2jez4DLF8h94VDBD

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

17d973fdfd11ca9d8a1a24dc72d98acc6e64a1e8bf75a9ce7c07accc647ab921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Fri, 04 Nov 2022 03:34:41 GMT
x-datacenter: gce-europe-west1
etag: "acac4a710ee7fc0d04ecb11e465a77a411ffb9a08c0e79767a6858b9fd6b36a6"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 673376020
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2xwrxi22WwPGTnM8uUtmdKoRvcC7VCEyfkL7FeStREslkBuMiXl1cslz2SZL7o9wy8bFk0ovFg Show response
aloofvest.com/ 15 KB
6 KB 101ms
33ms Script
text/javascript 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/v2xwrxi22WwPGTnM8uUtmdKoRvcC7VCEyfkL7FeStREslkBuMiXl1cslz2SZL7o9wy8bFk0ovFg

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

cc2b650c6f5f96a8c926831d077eb3209e13571925c1710dcc972b956c6e5093

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
via: 1.1 google
date: Fri, 04 Nov 2022 03:34:41 GMT
x-datacenter: gce-europe-west1
etag: "2423a2ea1222752e50e25d789cf00e8945750774bc0142df9289954215bd856c"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 673376020
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rh.min.js Show response
socialcanvas-cdn.kargo.com/js/ 170 KB
48 KB 135ms
25ms Script
application/javascript 2600:9000:214f:4e00:13:6a46:aa00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4e00:13:6a46:aa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0229a140d1079ffb630977088e25389b161afc456b661542281529ffcaec1a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 02:41:47 GMT
content-encoding: gzip
via: 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified: Wed, 26 Oct 2022 18:21:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 4980
etag: W/"5cc1d549c26e0a889eff7fb9eb11986d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: L70CogdJd8ZOlGnJZYF8Twzm-wLjzxwL5Hk_aNSh8LMOpHobrKDZhg==

GET
H2 200 269 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 595ms
186ms Script
application/javascript 35.84.93.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fwww.thetravel.com%2F&ref=
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.93.102 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-93-102.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: a871805cad8b7feafbc374abafb8ea3d0bfb91088320535e2ce3c4237ee52f69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Nov 2022 03:34:41 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 79ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b389f09fdbf9098877d12de2989df5b1fcd12d29d5b79e1e1f1cd7d751296253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27392
x-xss-protection: 0
server: sffe
etag: "1383 / 295 of 1000 / last-modified: 1667513213"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Nov 2022 03:34:41 GMT

GET
H2 200 tv-logo-full-white.642d3d01.svg
www.thetravel.com/public/build/images/ 11 KB
4 KB 114ms
107ms Image
image/svg+xml 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thetravel.com/public/build/images/tv-logo-full-white.642d3d01.svg

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/public/build/home.6cf08198.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

27f592d0f08ed3290fa06d975f114a8c046af4f38e1a967e8924a2dbb6123dca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/public/build/home.6cf08198.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 19:12:48 GMT
server: nginx
etag: W/"636412b0-2d11"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 04 Nov 2023 03:34:41 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 177 KB
44 KB 76ms
22ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecdd26adcc4a8c8b6164c4da1adcf9bae9018e1cafdcb9f8c5b80cb488b6d625

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 02:40:26 GMT
content-encoding: gzip
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
last-modified: Wed, 02 Nov 2022 22:01:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 3256
x-amz-server-side-encryption: AES256
etag: W/"1d9e581e3d8699432b3c59f0e0e85ea1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: GYfLQNrsKynotpClAO9hS_eNrOFr31gXjEthA1LbtqR-y_4LFk49IA==

GET
H2 204 segments.js Show response
seg.ad.gt/api/v1/ 0
52 B 583ms
187ms Script
text/plain 35.161.99.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments.js?partner_id=269&url=https%3A%2F%2Fwww.thetravel.com%2F
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.99.119 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-99-119.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
server: nginx/1.20.0

GET
H/1.1 200
OK cookie-sync.html Show response
mbid.marfeelrev.com/static/ Frame CF69 6 KB
3 KB 117ms
29ms Document
text/html 167.235.35.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mbid.marfeelrev.com/static/cookie-sync.html
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.35.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy06.cl01.k8s.mrf.io
Software: istio-envoy /
Resource Hash: c97fc82429a0a8c24a88c64213782da0c325bebc3fc3293235c5c5bd79cb0aa0

Request headers

Referer: https://www.thetravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 04 Nov 2022 00:34:41 ART
expires: 0
last-modified: Fri, 15 Jul 2022 06:23:35 ART
pragma: no-cache
server: istio-envoy
transfer-encoding: chunked
vary: accept-encoding
x-envoy-upstream-service-time: 0

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/1/ 25 KB
9 KB 23ms
21ms Script
application/x-javascript 13.32.27.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/b1c80b5e-e909-4d5d-ba94-1d63bb1c4212/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding: gzip
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 03:05:46 GMT
x-amz-cf-pop: FRA56-C2
age: 1736
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: tQvnJKI3GOALQaJrnuIqXJl_tpoQzqGhby6_1PSNdLiMWrV6eahwnw==

GET
H2 200 b-39123b0-fa09635e.js Show response
tagan.adlightning.com/valnet/ 80 KB
30 KB 27ms
26ms Script
application/javascript 108.157.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/b-39123b0-fa09635e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-122.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a385633f1e2fe45e65c2bc3b322d776c9bab1c9687998f764c0c83f79e2963e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:31:42 GMT
content-encoding: gzip
via: 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
x-amz-version-id: JSEd0qRkBL1UzV0q0sd2GocBv7cTMBwJ
x-amz-cf-pop: DUS51-P2
age: 2534580
x-cache: Hit from cloudfront
content-length: 30715
x-amz-meta-git_commit: 39123b0
last-modified: Wed, 20 Apr 2022 17:41:08 GMT
server: AmazonS3
etag: "23c27c2577b9feea80aa6027bc91763c"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: YfwlZlYiez9MBqJhDiUiGRI5yWPudahsMV3Lx-Tuus7wwoFnHstNOA==

GET
H2 200 bl-8db6969-150c26d0.js Show response
tagan.adlightning.com/valnet/ 128 KB
40 KB 35ms
34ms Script
application/javascript 108.157.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/bl-8db6969-150c26d0.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-122.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e41d23edc1c012f61172240500690f9188f9c33724c31afd0c8d2e8d363f752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 23:29:40 GMT
content-encoding: gzip
via: 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
x-amz-version-id: 1UF9LlrhmyHMYweMWzGeeQ9z5LgZyPoq
x-amz-cf-pop: DUS51-P2
age: 14702
x-cache: Hit from cloudfront
content-length: 40377
x-amz-meta-git_commit: 8db6969
last-modified: Thu, 03 Nov 2022 23:29:15 GMT
server: AmazonS3
etag: "04ea1ba3887192e4c1cfd0acb621bb87"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VSbYpso65ukDuSPX_zGx30-wOxHeDFs-hDw6FbqF-Uqkv6LKKDGbwg==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
534 B 90ms
28ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thetravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.thetravel.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 79ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-09V3Q38X8F&gtm=2oeb20&_p=9316665&cid=172502456.1667532881&ul=en-us&sr=1600x1200&_s=1&sid=1667532881&sct=1&seg=0&dl=https%3A%2F%2Fwww.thetravel.com%2F&dt=TheTravel%20-%20Travel%20inspiration%20to%20the%20most%20interesting%20places%20on%20earth.%20Bucket%20list%20ideas%20and%20travel%20guides%2C%20all%20you%20need%20for%20a%20perfect%20trip.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.post_id=homepage&ep.article_template=&ep.browser_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&ep.author=&ep.jr_editor=&ep.sr_editor=&ep.primary_category=&ep.tags=&ep.payment_category=&ep.content_type=&ep.intent=&ep.network_category=&ep.is_amp_traffic=false&ep.template=home&ep.is_ad_block=false&ep.classification=&ep.is_subscribed_premium=false&ep.subscription_plan=&ep.ip_address=217.114.218.22&ep.date_published=&ep.date_republished=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-09V3Q38X8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thetravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
466 B 107ms
35ms Script
application/javascript 2600:9000:214f:a600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 10892022
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: xdz-3FSFzr219ByjKpXbRXf_aVCmBqldborqiY4H3pTDTAur8JkiCw==

POST
H/1.1 200
OK cookie_sync Show response
mbid.marfeelrev.com/ Frame CF69 1 KB
803 B 27ms
27ms XHR
application/json 167.235.35.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mbid.marfeelrev.com/cookie_sync
Requested by: Host: mbid.marfeelrev.com
URL: https://mbid.marfeelrev.com/static/cookie-sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.35.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy06.cl01.k8s.mrf.io
Software: istio-envoy /
Resource Hash: 369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d

Request headers

Referer: https://mbid.marfeelrev.com/static/cookie-sync.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:41 GMT
content-encoding: gzip
server: istio-envoy
content-type: application/json
access-control-allow-origin: https://mbid.marfeelrev.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 435
expires: 0

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
591 B 30ms
30ms Fetch
application/json 143.204.215.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-96.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept: application/json
Referer: https://www.thetravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Nov 2022 04:56:00 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront), 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA53-C1
age: 81521
x-amzn-requestid: 9e0a147b-2cc7-443a-a14d-0b6cef95d063
x-amzn-trace-id: Root=1-636349e0-1fda42e82def2af20b0171cd;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: bAh7IFy_DoEFqTQ=
content-length: 28
x-amz-cf-id: Ye9y105SgggiKhgkl_zmqWdnTsJkl_lC28RTUQ7sKX41bZMxH78t_Q==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 217ms
109ms Preflight
application/json 143.204.215.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-96.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.thetravel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 04 Nov 2022 03:34:41 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront), 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-apigw-id: bDo8zFmCDoEFQBg=
x-amz-cf-id: eVRVAiOmP_xd9OhPWjwhlwIRlS5exn07sxrYD0vsAjm3Jk0FQ_hApg==
x-amz-cf-pop: FRA6-C1 FRA53-C1
x-amzn-requestid: 9f910cc8-fe5d-44cd-942d-55c33d6f2dd2
x-cache: Miss from cloudfront

GET
H2 200 pubads_impl_2022110201.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 118ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070711

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131066
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 08:35:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Nov 2023 14:24:52 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 235 B
740 B 127ms
29ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thetravel.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dbe0af3db4a988a55346757401b654aca638bf2ac76b14a74a5826b72071a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105
x-xss-protection: 0
expires: Fri, 04 Nov 2022 03:34:41 GMT

POST
H/1.1 200
OK request Show response
socialcanvas-api.kargo.com/v2/ 131 B
500 B 204ms
204ms XHR
application/json 3.132.47.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://socialcanvas-api.kargo.com/v2/request
Requested by: Host: socialcanvas-cdn.kargo.com
URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.132.47.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-47-196.us-east-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 99489f8e80ad81d881dd889cc86deb2151df551f2e246bbde280449e1a8804f4

Request headers

Referer: https://www.thetravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/json

Response headers

Date: Fri, 04 Nov 2022 03:34:42 GMT
Server: nginx/1.20.0
X-Powered-By: Express
ETag: W/"83-KLwCeDRHQR/B1t719MIbw47kF+Q"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 131

GET
H2 200 scpb.js Show response
socialcanvas-cdn.kargo.com/js/ 265 KB
85 KB 35ms
34ms Script
application/javascript 2600:9000:214f:4e00:13:6a46:aa00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://socialcanvas-cdn.kargo.com/js/scpb.js
Requested by: Host: socialcanvas-cdn.kargo.com
URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4e00:13:6a46:aa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 424b01569957f5e2ffa39387f306099b1ad4011966e10e67143ebe19b46266d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 23:15:55 GMT
content-encoding: gzip
via: 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 18:42:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 15580
etag: W/"e41ff75933794be87ee5fe7001634112"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8-_JZuprUyMQ6UkPZN0vIBadh0TrcKKjtY0Eavffk5MxXy7Cc2sCwA==

OPTIONS
H/1.1 204
No Content request
socialcanvas-api.kargo.com/v2/ Frame 0
0 1099ms
807ms Preflight 3.132.47.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://socialcanvas-api.kargo.com/v2/request
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.132.47.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-47-196.us-east-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thetravel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Fri, 04 Nov 2022 03:34:42 GMT
Server: nginx/1.20.0
Vary: Access-Control-Request-Headers
X-Powered-By: Express

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 28ms
27ms XHR
application/json 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3741&u=https%3A%2F%2Fwww.thetravel.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 7705b1840014424b82bda8c505c90f4d4307e09b94a2383c51345db10588103a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:26:31 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 7689
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.thetravel.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1318
x-amz-cf-id: 7Aw8CoOxttmHpKIeOtrtOItzdBAvzBPTdGd0WffLxkWksDZYNQODCQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 83ms
28ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding: gzip
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 03:34:41 GMT
x-amz-cf-pop: FRA2-C1
age: 251
x-cache: Hit from cloudfront
last-modified: Fri, 21 Oct 2022 19:58:26 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: iE9eKNwf3lFd16LQ_yYIeo5qIw7e4yAWXeMiuVF5z2toak2iT5ctlw==

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
463 B 165ms
87ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thetravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.thetravel.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H3

200

usermatchredir
ssum.casalemedia.com/ Frame CF69
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184550&cb=
https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1

43 B
867 B

63ms
39ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bnqv2CzZwW8y6IxquGKv4ZZLZ8GotE7vgVqdu6O5XqorEP2e1SSzk%2Bny8rJ8flhhrXxyDEAcpK9A9rl5W8lMfR7jMmcEYcPxPvASLt6QNRZ1ckLWb0G7A69EzENYAIY1Lwp1odt3"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 764a4ba1fb636951-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGIdnqftZWgDdaU%2Byv3j8kbtcUcZrw3wn67zn34qYB7S2X2AWT%2FE6yXL23Gi0JL6SvIzurEKSI6z6NODDwVjun2tjovacWeF1qJG%2FWiRzN78pHLKZ09rHT%2FBWxaZ4qqtCcvaj7Hs"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /usermatchredir?s=184550&cb=&C=1
cache-control: no-cache
cf-ray: 764a4ba089249a1e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 114ms
25ms Script
application/javascript 104.81.65.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.81.65.39 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-81-65-39.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:42 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
server: Apache
etag: "d4ed-5eaee7c12df48-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17131
expires: Fri, 04 Nov 2022 03:49:42 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
11 KB 76ms
26ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.thetravel.com%2F&ref=&_it=amazon&partner_id=269
Requested by: Host: www.thetravel.com
URL: https://www.thetravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20b58597bca65c6846164be8e723ea2c817b31b04f6f351f42cb28ad6fa612b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QHY20EBKKYXBSNDD
age: 6905
x-amz-id-2: wAMFRj/S4D1C8KfdpfHS0mFxW1vMXEfKjgX58kfsdPcE+ZzfHImhNKjGXjlgBsYwb+gV9Eg4xCI=
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 15:39:17 GMT
server: cloudflare
etag: W/"fb50e72b4a95082c176cafe0a37bead5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7u18uF3tUHkXtOhuD7uH076G3N49ffOBOv4D3U4rzHTPehHCRMcB1kEeFxuL8GMviIMAVX4t7Fk%2F2ADmeR6oK3Q0kefQxl8YUIBBeqNJxc7Gxylbw7AsinJlY5NJIdY9r2VxzH6nKrXXzUKmdH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 764a4ba06ea4928d-FRA

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 56 KB
16 KB 74ms
26ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
x-amz-request-id: BNJ6QE5JEPQ6QZQN
age: 657
etag: W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 764a4ba069a99a3c-FRA
x-amz-id-2: hJmPwVJFjVRFjjxB02rGj7iGRK80JkfiG0N/xC3qR9uTKG4G8bnSsVqbVVPjooGi44s5hsva9Y4=

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 70ms
27ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=9316665&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thetravel.com%2F&ul=en-us&de=UTF-8&dt=TheTravel%20-%20Travel%20inspiration%20to%20the%20most%20interesting%20places%20on%20earth.%20Bucket%20list%20ideas%20and%20travel%20guides%2C%20all%20you%20need%20for%20a%20perfect%20trip.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KADAAEABEAQCACAAI~&jid=1732964035&gjid=2008192443&cid=172502456.1667532881&tid=UA-35624077-29&_gid=1245910549.1667532882&_r=1&_slc=1&cd1=homepage&cd2=&cd3=&cd4=home&cd5=home&cd6=&cd7=1&cd8=&cd9=&cd10=&cd11=false&cd12=native&cd13=&cd14=homepage&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=false&cd21=1&cd22=false&cd23=native&cd24=desktop&cd25=217.114.218.22&cd26=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=&cd33=&cd34=&cd35=false&cd36=home&cd38=&cd39=&cd40=&cd41=&cd43=&cd44=&cd45=&z=1548453022

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thetravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thetravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 v2wkem5lN2YruoGkmbWsTLxgl5DkoBMDvhGts7Mc28SYklFJ_22o5ppQtG91Ey-C2qrC2QejmIg Show response
aloofvest.com/ 191 B
218 B 105ms
57ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/v2wkem5lN2YruoGkmbWsTLxgl5DkoBMDvhGts7Mc28SYklFJ_22o5ppQtG91Ey-C2qrC2QejmIg

Requested by

Host: aloofvest.com
URL: https://aloofvest.com/v2quyfVmmRuMooQ8S_qhcouHc1S2jsoPDf0RVlvTP2jez4DLF8h94VDBD

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

c378a9061d042770d17975f86d61b9a7ad1213d33aae744bdb30a80a6b074a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thetravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 04 Nov 2022 03:34:42 GMT
via: 1.1 google
x-buildnumber: 673376020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thetravel.com
x-hostname: fen-hoothoot-europe-west1-c63t
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 04 Nov 2022 03:34:41 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 47 B
272 B 183ms
183ms XHR
application/json 52.24.177.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=269&sync=0&domain=www.thetravel.com&url=https://www.thetravel.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.thetravel.com%2F&ref=&_it=amazon&partner_id=269
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.177.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-177-43.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: f2a22e72529240603ca811d763e004ff0573aa575cf464a8c8f5d1f2da9f3d2a

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.thetravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:42 GMT
content-encoding: gzip
server: nginx/1.20.0
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thetravel.com
cache-control: public,max-age=30
access-control-allow-credentials: true

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 560ms
185ms Preflight
application/json 52.24.177.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=269&sync=0&domain=www.thetravel.com&url=https://www.thetravel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.177.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-177-43.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin
Access-Control-Request-Method: GET
Origin: https://www.thetravel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-origin
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.thetravel.com
cache-control: public,max-age=30
content-encoding: gzip
content-type: application/json
date: Fri, 04 Nov 2022 03:34:42 GMT
server: nginx/1.20.0
vary: Origin

GET
H2 200 pixel.png Show response
www.thetravel.com/ 103 B
441 B 107ms
107ms XHR
image/png 18.232.227.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thetravel.com/pixel.png?params=---{%22group%22:%22browseclip_imp%22,%22device%22:%22desktop%22,%22ids%22:[{%22position%22:%22sentinel-featuredPrimary-1%22},{%22position%22:%22sentinel-featuredSecondary-1%22},{%22position%22:%22sentinel-featuredSecondary-2%22},{%22position%22:%22sentinel-featuredSecondary-3%22},{%22position%22:%22sentinel-featuredSecondary-4%22},{%22position%22:%22sentinel-featuredNews-1%22},{%22position%22:%22sentinel-featuredNews-2%22},{%22position%22:%22sentinel-featuredNews-3%22},{%22position%22:%22sentinel-featuredNews-4%22},{%22position%22:%22sentinel-featuredNews-5%22},{%22id%22:%22404182%22,%22position%22:%22sentinel-home-list-1%22},{%22id%22:%22404238%22,%22position%22:%22sentinel-home-list-2%22},{%22id%22:%22404301%22,%22position%22:%22sentinel-home-list-3%22},{%22id%22:%22404242%22,%22position%22:%22sentinel-home-list-4%22},{%22id%22:%22404299%22,%22position%22:%22sentinel-home-list-5%22},{%22id%22:%22404004%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404277%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404062%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404213%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404136%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404284%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404018%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22403991%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404272%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404264%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404347%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404323%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404338%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404329%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404155%22,%22position%22:%22sentinel-home-list-6+%22},{%22id%22:%22404177%22,%22position%22:%22sentinel-home-sidebarSticky-1%22},{%22id%22:%22403915%22,%22position%22:%22sentinel-home-sidebarSticky-2%22},{%22id%22:%22403995%22,%22position%22:%22sentinel-home-sidebarSticky-3%22}],%22eventType%22:%22impression%22}---&rdm=0.2040675773694962

Requested by

Host: www.thetravel.com
URL: https://www.thetravel.com/public/build/valnet-footer.690c7a4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.232.227.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-227-27.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:42 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 24 Oct 2019 17:53:00 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "5db1e4fc-67"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 103
x-xss-protection: 1; mode=block

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 66ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-09V3Q38X8F&gtm=2oeb20&_p=9316665&cid=172502456.1667532881&ul=en-us&sr=1600x1200&_s=2&sid=1667532881&sct=1&seg=0&dl=https%3A%2F%2Fwww.thetravel.com%2F&dt=TheTravel%20-%20Travel%20inspiration%20to%20the%20most%20interesting%20places%20on%20earth.%20Bucket%20list%20ideas%20and%20travel%20guides%2C%20all%20you%20need%20for%20a%20perfect%20trip.&en=FCP&_ee=1&ep.post_id=homepage&ep.article_template=&ep.browser_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&ep.author=&ep.jr_editor=&ep.sr_editor=&ep.primary_category=&ep.tags=&ep.payment_category=&ep.content_type=&ep.intent=&ep.network_category=&ep.is_amp_traffic=false&ep.template=home&ep.is_ad_block=false&ep.classification=&ep.is_subscribed_premium=false&ep.subscription_plan=&ep.ip_address=217.114.218.22&ep.date_published=&ep.date_republished=&epn.value=1199.5999999046326&ep.metric_id=v3-1667532881473-2575789938177&epn.metric_value=1199.5999999046326&epn.metric_delta=1199.5999999046326&ep.metric_rating=good&ep.debug_target=&ep.debug_event=&ep.debug_timing=loading&ep.event_time=&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-09V3Q38X8F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thetravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 80ms
27ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35624077-29&cid=172502456.1667532881&jid=1732964035&gjid=2008192443&_gid=1245910549.1667532882&_u=KADAAEAAEAQCACAAI~&z=1155762088

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thetravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 04 Nov 2022 03:34:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thetravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame CF69 43 B
350 B 95ms
33ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:42 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: f9d1ncmts93lq3eb5osn74t7ajsnha6g

POST
H3 200 v2fpqIag0jX-46_RxhCi7MwoXsDEXEFDqlIvZfFK6lxup1Pnyq8gskO0yNv_X3yppzS4J6cCqzw Show response
aloofvest.com/ 2 KB
816 B 31ms
31ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/v2fpqIag0jX-46_RxhCi7MwoXsDEXEFDqlIvZfFK6lxup1Pnyq8gskO0yNv_X3yppzS4J6cCqzw

Requested by

Host: aloofvest.com
URL: https://aloofvest.com/v2quyfVmmRuMooQ8S_qhcouHc1S2jsoPDf0RVlvTP2jez4DLF8h94VDBD

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

39a8b371124c93a25e26c1a2ffc282e956c519df45f48e8b2755e1388492377a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thetravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
via: 1.1 google
date: Fri, 04 Nov 2022 03:34:42 GMT
x-buildnumber: 673376020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 790
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thetravel.com
x-hostname: fen-hoothoot-europe-west1-c63t
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 80ms
32ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35624077-29&cid=172502456.1667532881&jid=1732964035&_u=KADAAEAAEAQCACAAI~&z=888327951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 79ms
31ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-35624077-29&cid=172502456.1667532881&jid=1732964035&_u=KADAAEAAEAQCACAAI~&z=888327951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame CF69 0
239 B 132ms
20ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-marfeel&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 ConsentManager,Sticky2 Show response
friendwool.com/v2pjl0QXCozX1F6lpxzKmbld-a3JIAygA35wCh1nvh9e9mZs2w176dEkyN6JwTvxc_bhSHUb2/ 274 KB
80 KB 291ms
49ms Script
text/javascript 2600:1901:0:7ec2::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://friendwool.com/v2pjl0QXCozX1F6lpxzKmbld-a3JIAygA35wCh1nvh9e9mZs2w176dEkyN6JwTvxc_bhSHUb2/ConsentManager,Sticky2

Requested by

Host: aloofvest.com
URL: https://aloofvest.com/v2quyfVmmRuMooQ8S_qhcouHc1S2jsoPDf0RVlvTP2jez4DLF8h94VDBD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

b9a878589a5f2f51e45c1ac2509763e0e985722602e99f36df7620892c04e469

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thetravel.com/
Origin: https://www.thetravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Fri, 04 Nov 2022 03:34:42 GMT
x-buildnumber: 673376020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-datacenter: gce-europe-west1
etag: "c5018056becf75da2733562599c5a3ebdc8513bce71d4c713f47869f9402f93b"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.thetravel.com
x-hostname: fen-hoothoot-europe-west1-c63t
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H/1.1

200
OK

setuid
mbid.marfeelrev.com/ Frame CF69
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3526453403197514605

86 B
692 B

27ms
27ms

Image
image/png

167.235.35.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3526453403197514605
Protocol: HTTP/1.1
Server: 167.235.35.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy06.cl01.k8s.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:42 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 03:34:42 GMT
AN-X-Request-Uuid: 87e773bd-96ab-40c5-851d-e814405e74ae
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3526453403197514605
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

setuid
mbid.marfeelrev.com/ Frame CF69
Redirect Chain

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid...
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di...
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=9085c3c1-bddb-45f0-bbab-13e4e5960d0f

86 B
824 B

27ms
27ms

Image
image/png

167.235.35.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=9085c3c1-bddb-45f0-bbab-13e4e5960d0f
Protocol: HTTP/1.1
Server: 167.235.35.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy06.cl01.k8s.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:42 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
expires: 0

Redirect headers

location: https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=9085c3c1-bddb-45f0-bbab-13e4e5960d0f
access-control-allow-origin: *
date: Fri, 04 Nov 2022 03:34:42 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 200 Rinc%C3%B3n-De-La-Vieja-Volcano-Costa-Rica.JPG
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/ 24 KB
24 KB 140ms
140ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/Rinc%C3%B3n-De-La-Vieja-Volcano-Costa-Rica.JPG?q=50&fit=crop&w=320&h=225&dpr=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac49057e05b2663cb245d38d2c8d45bc82d550494f7ce59ed75b1f728a9ef814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:42 GMT
cf-cache-status: HIT
content-disposition: inline; filename="RincÃ³n-De-La-Vieja-Volcano-Costa-Rica.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24670
x-request-id: kMHTfUB2NN-NfstsHHeVU
server: cloudflare
etag: "L4VXLFCH_83JLtocImfIurBleTbz-f5t2Sxsctv9smw/RIm1LTVlPNFdqOVM0ajk5NkF0bUdkNVEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4ba57dad9b7c-FRA
expires: Fri, 03 Nov 2023 18:08:10 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 76ms
30ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9800bdcfee680a224931e132e95552d4e5d70f9f147ced4af8a9c8bc52c80c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 03:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 02:10:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 03:34:42 GMT

GET
H3 200 acv.json Show response
aloofvest.com/ 81 KB
17 KB 30ms
29ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/acv.json

Requested by

Host: aloofvest.com
URL: https://aloofvest.com/v2quyfVmmRuMooQ8S_qhcouHc1S2jsoPDf0RVlvTP2jez4DLF8h94VDBD

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Fri, 04 Nov 2022 03:34:42 GMT
x-buildnumber: 673376020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Tue, 01 Nov 2022 20:33:32 GMT
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.thetravel.com
x-hostname: fen-hoothoot-europe-west1-c63t
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 MTMsMTQzMTI4NTJlMzJj
images.getadmiral.com/ 763 B
1 KB 96ms
43ms Image
image/png 2606:4700:3037::ac43:c1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MTMsMTQzMTI4NTJlMzJj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:c1e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:42 GMT
strict-transport-security: max-age=15552000; preload
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-buildnumber: 684862290
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 763
server: cloudflare
x-datacenter: gce-europe-west1
etag: "2c607cb7"
x-buildname: dank
vary: Accept-Encoding
x-hostname: bill
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHs6naLuHIYVbYu2znbD7R5KGtkQyQNE8MaDCMkORmO9T9HTSbia58pttWsxrOhiJChLyNVBDaZIxMz41A5519QNQv9FwRceylllc9ig2CuPzho%2ByrB0pH0XSMkeEex%2B6Cy8KxpHbM%2FBkTJm6v1vOpaAIBg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, must-revalidate, max-age=3600
cf-ray: 764a4ba66fc89a2f-FRA

GET
H/1.1

200
OK

setuid
mbid.marfeelrev.com/ Frame CF69
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3526453403197514605

86 B
824 B

28ms
28ms

Image
image/png

167.235.35.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3526453403197514605
Protocol: HTTP/1.1
Server: 167.235.35.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy06.cl01.k8s.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:42 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 03:34:42 GMT
AN-X-Request-Uuid: 131bf61a-827d-4ecc-af55-975c185f5ad6
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3526453403197514605
Connection: keep-alive
X-Proxy-Origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 66ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thetravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 16:54:37 GMT
x-content-type-options: nosniff
age: 297606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 16:54:37 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 85ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thetravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 16:54:37 GMT
x-content-type-options: nosniff
age: 297606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 16:54:37 GMT

GET
H2 200 269 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 188ms
188ms Script
application/javascript 35.84.93.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/269?_it=amazon
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.93.102 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-93-102.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 00f6b59825a8bcb9725b2ca10b489b22d42c1272cb9ab376a6ac7ab706f9ee04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Nov 2022 03:34:43 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

POST
H3 200 v2wkem5lN2YruoGkmbWsTLxgl5DkoBMDvhGts7Mc28SYklFJ_22o5ppQtG91Ey-C2qrC2QejmIg Show response
aloofvest.com/ 178 B
205 B 79ms
78ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/v2wkem5lN2YruoGkmbWsTLxgl5DkoBMDvhGts7Mc28SYklFJ_22o5ppQtG91Ey-C2qrC2QejmIg

Requested by

Host: aloofvest.com
URL: https://aloofvest.com/v2quyfVmmRuMooQ8S_qhcouHc1S2jsoPDf0RVlvTP2jez4DLF8h94VDBD

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

a9f3f5597c825ea007fa37748362c2a2e0040d1cc4d212e364f68b52ecba8bcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thetravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 04 Nov 2022 03:34:43 GMT
via: 1.1 google
x-buildnumber: 673376020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thetravel.com
x-hostname: fen-hoothoot-europe-west1-c63t
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 04 Nov 2022 03:34:42 GMT

GET
H3 200 Vineyards-and-beautiful-medieval-castles-of-Italy---Torrechiara-near-Parma.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/ 20 KB
21 KB 125ms
125ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/Vineyards-and-beautiful-medieval-castles-of-Italy---Torrechiara-near-Parma.jpg?q=50&fit=crop&w=320&h=225&dpr=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fac25d633eb2fbd9a40588639c187b6764de1c7cc09609dc2295bab8581ddf48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:43 GMT
cf-cache-status: HIT
content-disposition: inline; filename="Vineyards-and-beautiful-medieval-castles-of-Italy---Torrechiara-near-Parma.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20661
x-request-id: C9BsYA6JsCLjt4f7W3Uv7
server: cloudflare
etag: "L4VXLFCH_83JLtocImfIurBleTbz-f5t2Sxsctv9smw/RIi1KaGl3U09jOTlaMUhIcm1HWTZiUEEi"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4ba8b9a99b7c-FRA
expires: Fri, 03 Nov 2023 17:34:49 GMT

GET
H3 200 Collapsing-wood-framed-store-beside-decaying-buildings-of-a-ghost-town.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/ 4 KB
5 KB 128ms
127ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/Collapsing-wood-framed-store-beside-decaying-buildings-of-a-ghost-town.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfb43f6e25115434a98cd739f220e8ac7cfa3ab0839b6a11e791c71a06fc046b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:43 GMT
cf-cache-status: HIT
content-disposition: inline; filename="Collapsing-wood-framed-store-beside-decaying-buildings-of-a-ghost-town.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4340
x-request-id: 2ALYQC1Cn2-on9uER9xUu
server: cloudflare
etag: "mtetvLAC2GbYX4cqZs97Mr8RsJnR9xBnlfdF5428uc8/RIkxmOU5YcHM2V3plMWNOVlp1Q01Zd1Ei"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4ba8b9ab9b7c-FRA
expires: Fri, 03 Nov 2023 18:45:42 GMT

GET
H3 200 Untitled-design-21.jpg
static1.thetravelimages.com/wordpress/wp-content/uploads/2021/02/ 9 KB
9 KB 144ms
144ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2021/02/Untitled-design-21.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeed2b4d3d61ac166c6044e219a28bf9368d14536ebfe641cd1f2f94299f0276

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:43 GMT
cf-cache-status: HIT
content-disposition: inline; filename="Untitled-design-21.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9083
x-request-id: 9q7R_92wemKJfob6vwMYR
server: cloudflare
etag: "mtetvLAC2GbYX4cqZs97Mr8RsJnR9xBnlfdF5428uc8/RIkJZTmlNcGtPLTR6akZNYlBnTnd2Mnci"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4ba8b9ac9b7c-FRA
expires: Fri, 03 Nov 2023 18:50:37 GMT

GET
H3 200 Squamish-British-Columbia-Canada.JPG
static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/ 8 KB
8 KB 145ms
144ms Image
image/avif 2606:4700:10::6816:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.thetravelimages.com/wordpress/wp-content/uploads/2022/10/Squamish-British-Columbia-Canada.JPG?q=50&fit=crop&w=200&h=140&dpr=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4a15ffc08f982300e8d7c3707c0e4ff3c52c6828567afd06c84b3bd6c78d517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:34:43 GMT
cf-cache-status: HIT
content-disposition: inline; filename="Squamish-British-Columbia-Canada.avif"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8056
x-request-id: jIbtJs3NJ5-ejQyaK4-PO
server: cloudflare
etag: "mtetvLAC2GbYX4cqZs97Mr8RsJnR9xBnlfdF5428uc8/RImlGUEJUNzNQdnc3MFlaVnEzRXRabnci"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 764a4ba8b9ad9b7c-FRA
expires: Fri, 03 Nov 2023 18:59:24 GMT

POST
H3 200 v2xwyaM5AQ21sB9vy-F63pgqy-IbZUjpd77BKfGO34BSKT6SCIvpEQK9U75oEjTHzmNozT4J4dr8
aloofvest.com/ 2 B
28 B 80ms
29ms Ping
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/v2xwyaM5AQ21sB9vy-F63pgqy-IbZUjpd77BKfGO34BSKT6SCIvpEQK9U75oEjTHzmNozT4J4dr8

Requested by

Host: aloofvest.com
URL: https://aloofvest.com/v2quyfVmmRuMooQ8S_qhcouHc1S2jsoPDf0RVlvTP2jez4DLF8h94VDBD

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thetravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 04 Nov 2022 03:34:43 GMT
via: 1.1 google
x-buildnumber: 673376020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thetravel.com
x-hostname: fen-hoothoot-europe-west1-c63t
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 04 Nov 2022 03:34:42 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 27ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-09V3Q38X8F&gtm=2oeb20&_p=9316665&cid=172502456.1667532881&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1667532881&sct=1&seg=0&dl=https%3A%2F%2Fwww.thetravel.com%2F&dt=TheTravel%20-%20Travel%20inspiration%20to%20the%20most%20interesting%20places%20on%20earth.%20Bucket%20list%20ideas%20and%20travel%20guides%2C%20all%20you%20need%20for%20a%20perfect%20trip.&en=TTFB&_ee=1&ep.post_id=homepage&ep.article_template=&ep.browser_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&ep.author=&ep.jr_editor=&ep.sr_editor=&ep.primary_category=&ep.tags=&ep.payment_category=&ep.content_type=&ep.intent=&ep.network_category=&ep.is_amp_traffic=false&ep.template=home&ep.is_ad_block=false&ep.classification=&ep.is_subscribed_premium=false&ep.subscription_plan=&ep.ip_address=217.114.218.22&ep.date_published=&ep.date_republished=&epn.value=950.9000000953674&ep.metric_id=v3-1667532881473-5527792453971&epn.metric_value=950.9000000953674&epn.metric_delta=950.9000000953674&ep.metric_rating=needs-improvement&ep.debug_target=&ep.debug_event=&ep.debug_timing=&ep.event_time=&_et=780
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-09V3Q38X8F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thetravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:34:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thetravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thetravel.com/	1969-12-31 23:59:59	Name: viewType Value: direct
.thetravel.com/	1970-01-20 15:57:48	Name: usprivacy Value: 1---
.casalemedia.com/	1970-01-20 15:57:48	Name: CMID Value: Y2SIUlu78mI.jgTUY1SsjwAA
.casalemedia.com/	1970-01-20 09:21:48	Name: CMPS Value: 5180
.casalemedia.com/	1970-01-20 09:21:48	Name: CMPRO Value: 5180
.thetravel.com/	1970-01-20 07:12:16	Name: AMP_TOKEN Value: %24NOT_FOUND
.thetravel.com/	1970-01-20 16:48:12	Name: _ga Value: GA1.2.172502456.1667532881
.thetravel.com/	1970-01-20 07:13:39	Name: _gid Value: GA1.2.1245910549.1667532882
.thetravel.com/	1970-01-20 07:12:12	Name: _gat Value: 1
.casalemedia.com/	1970-01-20 09:21:48	Name: CMTS Value: 1121
.thetravel.com/	1970-01-20 16:48:12	Name: _ga_09V3Q38X8F Value: GS1.1.1667532881.1.0.1667532882.0.0.0
www.thetravel.com/	1970-01-20 07:55:24	Name: _pbjs_userid_consent_data Value: 6683316680106290
.thetravel.com/	1970-01-20 11:31:24	Name: _pubcid Value: a0870318-12e0-46ed-85e6-97432553b90d
.adnxs.com/	1970-01-20 09:21:48	Name: uuid2 Value: 3526453403197514605
.360yield.com/	1970-01-20 09:21:48	Name: tuuid Value: 9085c3c1-bddb-45f0-bbab-13e4e5960d0f
.360yield.com/	1970-01-20 09:21:48	Name: tuuid_lu Value: 1667532882
.mbid.marfeelrev.com/	1970-01-20 09:21:48	Name: uids Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiMzUyNjQ1MzQwMzE5NzUxNDYwNSIsImV4cGlyZXMiOiIyMDIyLTExLTE4VDAzOjM0OjQyLjk0N1oifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiOTA4NWMzYzEtYmRkYi00NWYwLWJiYWItMTNlNGU1OTYwZDBmIiwiZXhwaXJlcyI6IjIwMjItMTEtMThUMDM6MzQ6NDIuODk3WiJ9fSwiYmRheSI6IjIwMjItMTEtMDRUMDM6MzQ6NDIuNjM4WiJ9
.thetravel.com/	1970-01-20 16:48:12	Name: _awl Value: 2.1667532883.0.5-470ccbf9705817cfb7565666a8669d5f-6763652d6575726f70652d7765737431-0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.thetravel.com/ Message: The resource https://launchpad.privacymanager.io/latest/launchpad.bundle.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad.360yield.com
adsninja.ca
aloofvest.com
ampcid.google.com
ampcid.google.de
c.amazon-adsystem.com
cdn.hadronid.net
cdn.id5-sync.com
fonts.googleapis.com
fonts.gstatic.com
friendwool.com
geo.privacymanager.io
ib.adnxs.com
id.hadron.ad.gt
images.getadmiral.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
mbid.marfeelrev.com
pixel.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
socialcanvas-api.kargo.com
socialcanvas-cdn.kargo.com
ssum.casalemedia.com
static.adsafeprotected.com
static1.thetravelimages.com
stats.g.doubleclick.net
tagan.adlightning.com
thetravel.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.thetravel.com
104.18.18.126
104.81.65.39
108.157.4.122
13.224.195.78
13.225.78.47
13.32.27.122
143.204.215.96
167.235.35.91
18.232.227.27
185.89.210.244
2001:4860:4802:32::36
2600:1901:0:4277::1
2600:1901:0:7ec2::1
2600:9000:214f:4e00:13:6a46:aa00:93a1
2600:9000:214f:a600:8:48e:53c0:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:509
2606:4700:20::ac43:49e4
2606:4700:3037::ac43:c1e6
2606:4700::6810:7eaf
2a00:1450:4001:800::200a
2a00:1450:4001:803::200e
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9b
3.132.47.196
35.161.99.119
35.227.252.103
35.84.93.102
52.24.177.43
54.144.151.126
54.155.65.255
69.173.144.165
00f6b59825a8bcb9725b2ca10b489b22d42c1272cb9ab376a6ac7ab706f9ee04
0342fa660bc1535ae0643c37326b3d79bc4ea7febc99535dec5b16fc68208d6d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0f53e2a2977c0290e0d890f52de018f207f1767ea30a102f72b90b6b61ed3a0c
157925779bf3fa55358db1ff0ef81321248101db3a65bdc63c2bbaef9b8b7ed7
17d973fdfd11ca9d8a1a24dc72d98acc6e64a1e8bf75a9ce7c07accc647ab921
1e41d23edc1c012f61172240500690f9188f9c33724c31afd0c8d2e8d363f752
20b58597bca65c6846164be8e723ea2c817b31b04f6f351f42cb28ad6fa612b2
27f592d0f08ed3290fa06d975f114a8c046af4f38e1a967e8924a2dbb6123dca
2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf
2b1fb7f2a2798dc67560cffd65abb680930b041811032dab330d09e638c3ea28
34324dbaf20c9a3936b0de3ae21847f86f74d13835128f531922b8da43fdea1e
369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d
36ae0288126b4b912e24068f22bd019e88dea46d734eb7e1c999ecf2107de4ff
39a8b371124c93a25e26c1a2ffc282e956c519df45f48e8b2755e1388492377a
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3de92dc557a7dc56e65a281f5d38c4a63eecd6faca350d4a5d1c5a8d89fbfc6c
424b01569957f5e2ffa39387f306099b1ad4011966e10e67143ebe19b46266d3
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
43b5f2a4da3c0159efb20fb436a6b5faace1894f63f5d47c341db9361dea6734
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51489103b165d141f38eb02e87cb836e3c0e1719fcb39625ab1aa8016099c0c0
5dbe0af3db4a988a55346757401b654aca638bf2ac76b14a74a5826b72071a2f
6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
7705b1840014424b82bda8c505c90f4d4307e09b94a2383c51345db10588103a
78a751a5c6da74a09e26c4c547f4283e02b156f7d8d8e073994adbfba1f074ca
83503f4c964c073a8f31f45073af0a649ffabdcb01b30afa073ca69b0df90045
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
894163bfc3ee215abf4ce1973965ae140f6443ee897f04b83600a24639630438
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8dacea1621a3cc7745d920f6f68fe58661b1bccb28a0e99adebfbc0246e89e54
8dfbd89a1ed34f8bb59c0e948c8342ed71e0a3d46fafabb7ef5e19491952e0ae
90d189e1c08e1151b4bfd4abf0d283318cbca5bf91d59f2dd024f54393ec5b0f
95f72e31c07df558e84069c19c5a5362e61cbff4c6509d145d28d831f36a13fe
9636ae34d17ea8fb66320e3cced61947874b173cb04ef49586168df9963243c6
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99489f8e80ad81d881dd889cc86deb2151df551f2e246bbde280449e1a8804f4
a385633f1e2fe45e65c2bc3b322d776c9bab1c9687998f764c0c83f79e2963e2
a871805cad8b7feafbc374abafb8ea3d0bfb91088320535e2ce3c4237ee52f69
a9800bdcfee680a224931e132e95552d4e5d70f9f147ced4af8a9c8bc52c80c9
a9f3f5597c825ea007fa37748362c2a2e0040d1cc4d212e364f68b52ecba8bcb
ac49057e05b2663cb245d38d2c8d45bc82d550494f7ce59ed75b1f728a9ef814
acbf36175ef44b00613c18ba6bd6d119d232574a3e7031c7ac829108efb7d12f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aeed2b4d3d61ac166c6044e219a28bf9368d14536ebfe641cd1f2f94299f0276
b0229a140d1079ffb630977088e25389b161afc456b661542281529ffcaec1a3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b389f09fdbf9098877d12de2989df5b1fcd12d29d5b79e1e1f1cd7d751296253
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8d471fd55fbf29d033dd130913a60f9137ec4a36c02d251a879d0630e0ba84c
b9a878589a5f2f51e45c1ac2509763e0e985722602e99f36df7620892c04e469
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be3cd085c67e6eaa4329012fa3e1a2c0921567736e72e93e31fa057d591e4549
bfb43f6e25115434a98cd739f220e8ac7cfa3ab0839b6a11e791c71a06fc046b
c17758529d8999faa3fdac86c144bcbbc6e2d85158df189aa3a86bf8e4f1f169
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c378a9061d042770d17975f86d61b9a7ad1213d33aae744bdb30a80a6b074a16
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b
c97fc82429a0a8c24a88c64213782da0c325bebc3fc3293235c5c5bd79cb0aa0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc2b650c6f5f96a8c926831d077eb3209e13571925c1710dcc972b956c6e5093
d4a15ffc08f982300e8d7c3707c0e4ff3c52c6828567afd06c84b3bd6c78d517
d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15
d95e48e228e15b142237124b2d5979c9a6c38b078b11821bcf1b7c862d1d9c2d
dea7236f465b19cff16798a00cad37d03bae254850cfb5cdf00c2daee953b849
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
ecdd26adcc4a8c8b6164c4da1adcf9bae9018e1cafdcb9f8c5b80cb488b6d625
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a22e72529240603ca811d763e004ff0573aa575cf464a8c8f5d1f2da9f3d2a
f510b98f3e39ae027e851f5533663c322d32c6547291be9cfbe17d5b563fcf12
f626ed1f2660b709cf0070dc30fe0106ba9a7cc2ca7f380bd5302f342f196227
f65571b81c1309c94833c83ac121d87e15f6618fae087271c813c4c546ccf422
f6e26b666139f315b7d7f689cddea2537bddb594a865f3559270795f58457668
fac25d633eb2fbd9a40588639c187b6764de1c7cc09609dc2295bab8581ddf48

www.thetravel.com Open in urlscan Pro 18.232.227.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

95 %HTTPS

53 %IPv6

30 Domains

40 Subdomains

36 IPs

5 Countries

1619 kBTransfer

4414 kBSize

18 Cookies

8 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thetravel.com Open in urlscan Pro
18.232.227.27 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

95 %
HTTPS

53 %
IPv6

30
Domains

40
Subdomains

36
IPs

5
Countries

1619 kB
Transfer

4414 kB
Size

18
Cookies

91 HTTP transactions
0 data transactions