Submitted URL: http://2iqyi.app.link/
Effective URL: https://connectplus.travelleaders.com/download/desktop
Submission: On June 17 via manual from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 13 HTTP transactions. The main IP is 174.129.37.85, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is connectplus.travelleaders.com.
TLS certificate: Issued by R3 on May 31st 2024. Valid for: 3 months.
This is the only time connectplus.travelleaders.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
5 mtrip.me | cdn.mtrip.me; js.mtrip.me | 422 KB
3 googleapis.com | maps.googleapis.com — Cisco Umbrella Rank: 391; fonts.googleapis.com — Cisco Umbrella Rank: 77 | 86 KB
3 travelleaders.com | connectplus.travelleaders.com | 9 KB
1 cloudfront.net | d2jdnsw4w00rze.cloudfront.net | 442 KB
1 gstatic.com | www.gstatic.com | 19 KB
1 google.com | www.google.com — Cisco Umbrella Rank: 5 | 19 B
1 fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 1380 | 9 KB
1 app.link | 2iqyi.app.link | 516 B
Total: 13 requests, 8 apex domains
Domain | Requested by
4 cdn.mtrip.me | connectplus.travelleaders.com
3 connectplus.travelleaders.com | 1 redirects
2 maps.googleapis.com | connectplus.travelleaders.com; maps.googleapis.com
1 fonts.googleapis.com | cdn.mtrip.me
1 d2jdnsw4w00rze.cloudfront.net | connectplus.travelleaders.com
1 js.mtrip.me | connectplus.travelleaders.com
1 www.gstatic.com | connectplus.travelleaders.com
1 www.google.com | 1 redirects
1 use.fontawesome.com | connectplus.travelleaders.com
1 2iqyi.app.link | 1 redirects
Total: 13 requests, 10 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
mytrip.tripagent.com | R3 | 2024-05-31 - 2024-08-29 | 3 months
cdn.mtrip.me | Amazon RSA 2048 M03 | 2023-09-25 - 2024-10-22 | a year
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year
upload.video.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
js.mtrip.me | Amazon RSA 2048 M03 | 2023-09-25 - 2024-10-22 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year

This page contains 1 frames:

Primary Page: https://connectplus.travelleaders.com/download/desktop
Frame ID: FDB2C3E934E3331A226938A4C2C2D1D4
Requests: 13 HTTP requests in this frame

Page Title

Travel Leaders Group Management

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

13 Requests
92 % HTTPS
55 % IPv6
8 Domains
10 Subdomains
9 IPs
2 Countries
986 kB Transfer
3191 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://2iqyi.app.link/ HTTP 307
    https://2iqyi.app.link/ HTTP 307
    https://2iqyi.app.link/ HTTP 307
    https://connectplus.travelleaders.com/download HTTP 302
    https://connectplus.travelleaders.com/download/desktop Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://www.google.com/jsapi HTTP 301
  • https://www.gstatic.com/charts/loader.js

13 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request desktop
connectplus.travelleaders.com/download/
Redirect Chain
  • http://2iqyi.app.link/
  • https://2iqyi.app.link/
  • https://2iqyi.app.link/
  • https://connectplus.travelleaders.com/download
  • https://connectplus.travelleaders.com/download/desktop
27 KB
6 KB
Document
General
Full URL
https://connectplus.travelleaders.com/download/desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.37.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-37-85.compute-1.amazonaws.com
Software
nginx /
Resource Hash
328b26001b2a98067cbd6b9eaa1f948effaecef33ab2a5a9342af5229127f31d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Jun 2024 13:40:41 GMT
ETag
W/"328b26001b2a98067cbd6b9eaa1f948e"
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
544ecbcc-63c5-42aa-8f8d-9c083a570123
X-Runtime
0.050689
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Jun 2024 13:40:41 GMT
Location
https://connectplus.travelleaders.com/download/desktop
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
7cf21590-aadd-4c73-95d0-07c498ad6c6e
X-Runtime
0.018973
X-XSS-Protection
1; mode=block
materialdesignicons.min.css
cdn.mtrip.me/images/obt/fonts/
268 KB
41 KB
Stylesheet
General
Full URL
https://cdn.mtrip.me/images/obt/fonts/materialdesignicons.min.css
Requested by
Host: connectplus.travelleaders.com
URL: https://connectplus.travelleaders.com/download/desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b9c9c2d93395ec8f6a7e8220ace8030af3cd8ce73ec9b67f57e4712b54432cb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://connectplus.travelleaders.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 16:44:54 GMT
content-encoding
br
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jun 2022 10:05:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
1112148
etag
W/"b9d0fbe2aa96f2d1e6c69ecb7ae24b5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
RvA8jLA09oYsgDuCjjG7ZyKSKlV_ZzoWccibZGE0Xjh635y3vbXTfw==
all.css
use.fontawesome.com/releases/v5.0.13/css/
40 KB
9 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by
Host: connectplus.travelleaders.com
URL: https://connectplus.travelleaders.com/download/desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://connectplus.travelleaders.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:40:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2136039
etag
W/"d61bfe9b56c13ecff5313ee3abb45e8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vsd0CdNcehZ4NUvobbYBAfSGcF55KSBAvbKA9KgG7%2Fk5eTjKPkuTV%2BonlGl9hfHcC4sk%2B7G%2F1JgHiMbzm6IMtgMy2vRRNnxx7Uu8ocRpvLndwwu%2BwHhIJLckNEPvQkK5qYhqgR7xj3ztLdqR1V%2FzD3MZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
895373f0de249b4b-FRA
alt-svc
h3=":443"; ma=86400
custom.css
cdn.mtrip.me/images/partners/travel_leaders/
1 KB
709 B
Stylesheet
General
Full URL
https://cdn.mtrip.me/images/partners/travel_leaders/custom.css
Requested by
Host: connectplus.travelleaders.com
URL: https://connectplus.travelleaders.com/download/desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6250fb8aed716b6406d78afa5c6da4e06349f596a9153f11541af41b6f46af6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://connectplus.travelleaders.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 19:50:59 GMT
content-encoding
br
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jun 2022 07:47:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
1273783
etag
W/"ad09026d59bc25b735b200c797171f7e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=5184000
x-amz-cf-id
JQmjzvcgB-S_TiwSpP_WN9gODkGBwPDBN7Qhk_B3M1b2TlIWhiyu7w==
loader.js
www.gstatic.com/charts/
Redirect Chain
  • https://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
61 KB
19 KB
Script
General
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: connectplus.travelleaders.com
URL: https://connectplus.travelleaders.com/download/desktop
Protocol
H2
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://connectplus.travelleaders.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 17 Jun 2024 12:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18534
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 17:52:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="gviz"
vary
Accept-Encoding, Origin
report-to
{"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Mon, 17 Jun 2024 13:58:55 GMT

Redirect headers

date
Mon, 17 Jun 2024 13:19:48 GMT
x-content-type-options
nosniff
server
sffe
age
1253
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/charts/loader.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Mon, 17 Jun 2024 13:49:48 GMT
js
maps.googleapis.com/maps/api/
259 KB
85 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDyzbTMzXi3n0UTQiq6nSNgheJHhPboV_w&language=de&libraries=places
Requested by
Host: connectplus.travelleaders.com
URL: https://connectplus.travelleaders.com/download/desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7f4d2f6b75cfd20687c0729aa88868c0073c5ddb851942d835194e62ae8595b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://connectplus.travelleaders.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87067
x-xss-protection
0
login_full_bg.jpg
cdn.mtrip.me/images/partners/travel_leaders/
273 KB
273 KB
Image
General
Full URL
https://cdn.mtrip.me/images/partners/travel_leaders/login_full_bg.jpg
Requested by
Host: connectplus.travelleaders.com
URL: https://connectplus.travelleaders.com/download/desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdcbdf3662c16ba231b38ffcffed42b349cbc6e5c67f9818d6b65b174933e34a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://connectplus.travelleaders.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 07:46:37 GMT
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jun 2022 07:47:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
1230844
etag
"e1f865a703e6be600246d0a215b0343e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
content-length
279205
x-amz-cf-id
0zYGwLFUNskiVtuDri7SklScempNS_Gvpx_9fr9wbnNOljBS7DjiNQ==
home-logo.png
cdn.mtrip.me/images/partners/travel_leaders/
17 KB
17 KB
Image
General
Full URL
https://cdn.mtrip.me/images/partners/travel_leaders/home-logo.png
Requested by
Host: connectplus.travelleaders.com
URL: https://connectplus.travelleaders.com/download/desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66d081584b44c8f61d1c7888c1f628b48c3c49b5ee8055b8b0d52c03f8ee2eca

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://connectplus.travelleaders.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 07:34:18 GMT
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jun 2022 07:47:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
885983
etag
"0cfbff1d08514d218b5f92c4af565638"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
content-length
17111
x-amz-cf-id
U2sIlruGi0B90hG-z64cgemTDc00hq4G_QDVssTmmxAbYu5UNJZK9A==
app-screenshot.png
js.mtrip.me/images/manage/
89 KB
90 KB
Image
General
Full URL
https://js.mtrip.me/images/manage/app-screenshot.png
Requested by
Host: connectplus.travelleaders.com
URL: https://connectplus.travelleaders.com/download/desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-30.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
af6cee98150e4543852fbe5d439655cd85bbf327bbb78dd0cd6d2e4c2c9e3d70

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://connectplus.travelleaders.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jan 2024 17:12:20 GMT
via
1.1 5a2cb96a37aeca3f9626798c4e9dab28.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 23:27:02 GMT
server
nginx
x-amz-cf-pop
FRA56-P9
age
13897701
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
91304
x-amz-cf-id
0LhPcMF0FRtGVQ4XbjUcG7qCrsTCDAoX7pyq1B9fkhj3QKriE954uQ==
expires
Tue, 07 Jan 2025 17:12:20 GMT
download_desktop-5e0dd7705d90e2a66f99.js
d2jdnsw4w00rze.cloudfront.net/packs/js/home/
2 MB
442 KB
Script
General
Full URL
https://d2jdnsw4w00rze.cloudfront.net/packs/js/home/download_desktop-5e0dd7705d90e2a66f99.js
Requested by
Host: connectplus.travelleaders.com
URL: https://connectplus.travelleaders.com/download/desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5800:d:8053:6a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
860392f430382e3056e6deb9da0acebdd089e440a5d465e074d2b04ca891d8b9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://connectplus.travelleaders.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 08:12:43 GMT
content-encoding
gzip
via
1.1 a2fcaa589cf2ad79b72da94df54baac6.cloudfront.net (CloudFront)
last-modified
Thu, 13 Jun 2024 17:33:21 GMT
server
nginx
x-amz-cf-pop
FRA56-P10
age
19678
etag
W/"666b2d61-21a0e0"
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-cf-id
V0A_rkuUtszzadiFjdcPIZf2ypznKho6oeKAC5jsz5taGzGW7f3ToA==
css
fonts.googleapis.com/
3 KB
941 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rajdhani:400,500,700&display=swap
Requested by
Host: cdn.mtrip.me
URL: https://cdn.mtrip.me/images/partners/travel_leaders/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
428a178f7c97e41002fb1cfffe438ce8d3e1fd523a4a8b25c772488f197eabb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.mtrip.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Jun 2024 13:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Jun 2024 13:37:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jun 2024 13:40:41 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDyzbTMzXi3n0UTQiq6nSNgheJHhPboV_w&language=de&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f106.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://connectplus.travelleaders.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 13:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://connectplus.travelleaders.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
favicon.ico
connectplus.travelleaders.com/
1 KB
1 KB
Other
General
Full URL
https://connectplus.travelleaders.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.37.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-37-85.compute-1.amazonaws.com
Software
nginx /
Resource Hash
68fb397769230b990f73fb12077317702bdfa5f83a3834d913019f30e7e75b41

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://connectplus.travelleaders.com/download/desktop
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 17 Jun 2024 13:40:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jun 2024 20:57:14 GMT
Server
nginx
ETag
W/"666b5d2a-47e"
Transfer-Encoding
chunked
Content-Type
image/x-icon
Cache-Control
max-age=315360000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| google
object| litHtmlVersions
object| module$exports$mapsapi$geometry$spherical
object| litElementVersions
object| reactiveElementVersions
object| module$contents$mapsapi$overlay$overlayView_OverlayView
function| webpackJsonp
function| setImmediate
function| clearImmediate

3 Cookies

Domain/Path Name / Value
.app.link/ Name: _s
Value: vxpAOEM212TSnLc1DRDon9LBe4xzQ1J3qGcqpQuR%2FQrsHMTIv1w5DkE%2FuCk7ZR%2B%2B
.connectplus.travelleaders.com/ Name: mtrip_web_lang
Value: de
connectplus.travelleaders.com/ Name: _MTripV3_session
Value: UkJYaEFiVjFjRDIrRk9mWkR1ejdCWUxkcUxpL0l2QWt4UTFrMGZxYVFxM0RBdkwxc1N1R0tuRlgxOEFhaExkUEJCR0VGMW5zTG5kMXBheGNFWklDK1VGVHplUWY0UG55OFUyUTBZUlRqTEhYZkNhMHBPZ1lPQ0FaTmVadEhkTnotLWJuL3BXYVNyd2FwQUtiMTRRUEVhRUE9PQ%3D%3D--8b453805dc950a085933964bfbb2460c1a190cd0

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block