www.fondtravels.com Open in urlscan Pro
174.138.184.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fondtravels.com/blog
Submission: On September 14 via manual (September 14th 2022, 7:21:27 am UTC) from IN — Scanned from DE

Summary HTTP 56 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 56 HTTP transactions. The main IP is 174.138.184.42, located in United States and belongs to IS-AS-1, US. The main domain is www.fondtravels.com.
TLS certificate: Issued by R3 on August 8th 2022. Valid for: 3 months.

This is the only time www.fondtravels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 35	174.138.184.42 174.138.184.42	19318 (IS-AS-1) (IS-AS-1)
3	2a00:1450:400... 2a00:1450:400e:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1835	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
56	15

35 174.138.184.42 (United States) 7 redirects

ASN19318 (IS-AS-1, US)
PTR: plesk4000.is.cc

www.fondtravels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1835 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	fondtravels.com 7 redirects www.fondtravels.com	523 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 787 c.clarity.ms — Cisco Umbrella Rank: 1178 h.clarity.ms — Cisco Umbrella Rank: 6789	26 KB
5	google.de www.google.de — Cisco Umbrella Rank: 3469	1 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 664 c.bing.com — Cisco Umbrella Rank: 408	13 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73	2 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3915 www.google.com — Cisco Umbrella Rank: 19	1005 B
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 159	16 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	2 KB
2	gstatic.com www.gstatic.com	22 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	144 KB
56	11

	Domain	Requested by
35	www.fondtravels.com	7 redirects www.fondtravels.com
5	www.google.de	www.fondtravels.com
3	www.googleadservices.com	2 redirects www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.fondtravels.com
3	fonts.googleapis.com	www.fondtravels.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.google.com	www.fondtravels.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.fondtravels.com www.googletagmanager.com
1	h.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	region1.analytics.google.com	www.googletagmanager.com
56	16

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
plus.google.com
pinterest.com
www.linkedin.com
www.instagram.com
www.pinterest.com
www.youtube.com
g.page

Subject Issuer	Validity	Valid
fondtravels.com R3	`2022-08-08` - `2022-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.fondtravels.com/blog
Frame ID: 5395F25564D7E893EA0551D1D93BAF8B
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fondtravels Blog - Get Latest Flights And Destinations Deals

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Bag

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

82 %
HTTPS

73 %
IPv6

11
Domains

16
Subdomains

15
IPs

4
Countries

769 kB
Transfer

1517 kB
Size

17
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/share?text=Cheap+Christmas+Flight+Deals&url=https://www.fondtravels.com/blog/interests/christmas-flight-deals
Title: Tweet

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.fondtravels.com/blog/interests/christmas-flight-deals
Title: Like

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.fondtravels.com/blog/interests/christmas-flight-deals
Title: Plus

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://www.fondtravels.com/blog/interests/christmas-flight-deals&media=https://www.fondtravels.com/Content/images/blog/christmas-flight-deals-5.jpg&description=Cheap%20Christmas%20Flight%20Deals
Title: Pin It

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.fondtravels.com/blog/interests/christmas-flight-deals&title=Cheap%20Christmas%20Flight%20Deals&summary=Are%20you%20eager%20to%20beautify%20the%20Christmas%20trees,%20decorate%20the%20halls%20and%20fill%20the%20stockings%20with%20presents?%20Unfortunately,%20when%20you%27re%20home%20for%20the%20Christmas%20holidays%20or%20going%20on%20a%20trip%20to%20a%20new%20destination,%20traveling%20during%20the%20holiday%20season%20can%20be%20cos...&source=https://www.fondtravels.com/blog
Title: Share

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=Business+Class+Flight+Deals&url=https://www.fondtravels.com/blog/interests/business-class-flight-deals
Title: Tweet

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.fondtravels.com/blog/interests/business-class-flight-deals
Title: Like

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.fondtravels.com/blog/interests/business-class-flight-deals
Title: Plus

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://www.fondtravels.com/blog/interests/business-class-flight-deals&media=https://www.fondtravels.com/Content/images/blog/business-class-flight-deals-5.jpg&description=Business%20Class%20Flight%20Deals
Title: Pin It

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.fondtravels.com/blog/interests/business-class-flight-deals&title=Business%20Class%20Flight%20Deals&summary=Are%20you%20looking%20for%20Business%20Class%20flights?%20You%20are%20in%20the%20right%20place.%20Fond%20Travels%20offers%20great%20Business%20Class%20airfares%20at%20incredible%20prices.%20You%20can%20travel%20Business%20Class%20with%20us%20without%20breaking%20the%20bank.%20Why%20travel%20Economy%20Class%20when%20you%20can%20get...&source=https://www.fondtravels.com/blog
Title: Share

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=Black+Friday+Flight+Deals&url=https://www.fondtravels.com/blog/interests/black-friday-flight-deals
Title: Tweet

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.fondtravels.com/blog/interests/black-friday-flight-deals
Title: Like

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.fondtravels.com/blog/interests/black-friday-flight-deals
Title: Plus

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://www.fondtravels.com/blog/interests/black-friday-flight-deals&media=https://www.fondtravels.com/Content/images/blog/black-friday-flight-deals-5.jpg&description=Black%20Friday%20Flight%20Deals
Title: Pin It

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.fondtravels.com/blog/interests/black-friday-flight-deals&title=Black%20Friday%20Flight%20Deals&summary=You%20can%20enjoy%20huge%20savings%20on%20flights%20by%20using%20Black%20Friday%20travel%20deals%20and%20offering%20coupons%20at%20Fond%20Travels.The%20Black%20Friday%20promo%20codes%20will%20be%20available%20on%2025th%20November%202022.%20There%20will%20be%20great%20bargains%20during%20the%20Cyber%20Monday/Black%20Friday%20wee...&source=https://www.fondtravels.com/blog
Title: Share

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=Introduction+to+Hajj+&+Its+Significance&url=https://www.fondtravels.com/blog/destinations/Introduction-to-hajj
Title: Tweet

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.fondtravels.com/blog/destinations/Introduction-to-hajj
Title: Like

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.fondtravels.com/blog/destinations/Introduction-to-hajj
Title: Plus

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://www.fondtravels.com/blog/destinations/Introduction-to-hajj%20&media=https://www.fondtravels.com/Content/images/blog/introduction-to-hajj%20-8.jpg&description=Introduction%20to%20Hajj%20&%20Its%20Significance
Title: Pin It

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.fondtravels.com/blog/destinations/Introduction-to-hajj%20&title=Introduction%20to%20Hajj%20&%20Its%20Significance&summary=Each%20Muslim%20dreams%20of%20taking%20part%20in%20Hajj,%20an%20incredible%20spiritual%20journey.%20While%20some%20rules%20must%20be%20observed,%20the%20essential%20aspect%20of%20Hajj%20involves%20performing%20the%20trip%20with%20the%20highest%20intentions.%20We%20have%20compiled%20a%20list%20of%20all%20the%20details%20about%20Haj...&source=https://www.fondtravels.com/blog
Title: Share

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=How+to+Talk+to+an+Actual+Person+at+Your+Airline?&url=https://www.fondtravels.com/blog/airlines-news/How-to-Talk-to-an-Actual-Person-at-Your-Airline
Title: Tweet

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.fondtravels.com/blog/airlines-news/How-to-Talk-to-an-Actual-Person-at-Your-Airline
Title: Like

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.fondtravels.com/blog/airlines-news/How-to-Talk-to-an-Actual-Person-at-Your-Airline
Title: Plus

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://www.fondtravels.com/blog/airlines-news/How-to-Talk-to-an-Actual-Person-at-Your-Airline&media=https://www.fondtravels.com/Content/images/blog/how-to-talk-to-an-actual-person-at-your-airline-7.jpg&description=How%20to%20Talk%20to%20an%20Actual%20Person%20at%20Your%20Airline?
Title: Pin It

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.fondtravels.com/blog/airlines-news/How-to-Talk-to-an-Actual-Person-at-Your-Airline&title=How%20to%20Talk%20to%20an%20Actual%20Person%20at%20Your%20Airline?&summary=Tourism%20in%20the%20US%20is%20experiencing%20a%20spur%20due%20to%20low-cost%20carriers,%20their%20affordable%20prices,%20and%20simple%20and%20easy%20policies.%20Thanks%20to%20the%20ability%20to%20talk%20to%20a%20live%20person%20at%20an%20airline,%20they%20benefit%20from%20their%20commendable%20and%20prompt%20services%20while%20flyi...&source=https://www.fondtravels.com/blog
Title: Share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FondTravels/

Search URL Search Domain Scan URL

URL: https://twitter.com/FondTravels

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fondtravels/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fond-travels/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/fondtravels/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZ9v4_a93jPg3PvrJv-ZlmQ

Search URL Search Domain Scan URL

URL: https://g.page/r/CeuPIBsHM0WHEAE
Title: Fond Travels LLC, 2700 Neabsco Common Pl Suite #101, Woodbridge, VA 22191, United States

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://www.fondtravels.com/Content/images/blog/christmas-flight-deals-5_thumbnail.jpg HTTP 301
https://www.fondtravels.com/content/images/blog/christmas-flight-deals-5_thumbnail.jpg

Request Chain 16

https://www.fondtravels.com/Content/images/blog/business-class-flight-deals-5_thumbnail.jpg HTTP 301
https://www.fondtravels.com/content/images/blog/business-class-flight-deals-5_thumbnail.jpg

Request Chain 17

https://www.fondtravels.com/Content/images/blog/black-friday-flight-deals-5_thumbnail.jpg HTTP 301
https://www.fondtravels.com/content/images/blog/black-friday-flight-deals-5_thumbnail.jpg

Request Chain 18

https://www.fondtravels.com/Content/images/blog/introduction-to-hajj%20-8_thumbnail.jpg HTTP 301
https://www.fondtravels.com/content/images/blog/introduction-to-hajj%20-8_thumbnail.jpg

Request Chain 19

https://www.fondtravels.com/Content/images/blog/how-to-talk-to-an-actual-person-at-your-airline-7_thumbnail.jpg HTTP 301
https://www.fondtravels.com/content/images/blog/how-to-talk-to-an-actual-person-at-your-airline-7_thumbnail.jpg

Request Chain 23

https://www.fondtravels.com/Content/js/global.js HTTP 301
https://www.fondtravels.com/content/js/global.js

Request Chain 29

https://www.fondtravels.com/Content/images/search-widget-arrow.svg HTTP 301
https://www.fondtravels.com/content/images/search-widget-arrow.svg

Request Chain 43

https://www.googleadservices.com/pagead/conversion/608859459/wcm?cc=ZZ&dn=18882700071&cl=91IxCIfFjN4BEMPqqaIC&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882700071&cl=91IxCIfFjN4BEMPqqaIC

Request Chain 48

https://www.googleadservices.com/pagead/conversion/608859459/wcm?cc=ZZ&dn=18882700071&cl=fNOxCMCE1P0BEMPqqaIC&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882700071&cl=fNOxCMCE1P0BEMPqqaIC

Request Chain 53

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=04F811268020453AA60394C2430218E5&RedC=c.clarity.ms&MXFR=15591FE772536C101A270DF876536295 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=04F811268020453AA60394C2430218E5&MUID=21D65B89E8A2660B288C4996E90E6713

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request blog Show response
www.fondtravels.com/ 51 KB
13 KB 488ms
174ms Document
text/html 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7d4289838bb3f128fc0dfeaa7da57a098b0d0557d86d2568bb3ff17abd0cc70f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: br
content-length: 12920
content-type: text/html; charset=utf-8
date: Wed, 14 Sep 2022 07:21:21 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 layout.css
www.fondtravels.com/content/css/ 48 KB
18 KB 210ms
207ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/css/layout.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6d7c6c10049c5b655d3cd48030eb9729c6fbfbd239483f1336e200174678da81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Fri, 19 Aug 2022 12:15:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b974d86dc5b3d81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 17968

GET
H2 200 font-awesome-all.css
www.fondtravels.com/content/css/ 50 KB
15 KB 109ms
105ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/css/font-awesome-all.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fec78c62dcab2009edc1f9c4937937589e4459c8405205ff67146898b16bf391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Thu, 16 Dec 2021 02:58:22 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0db43c928f2d71:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 15163

GET
H2 200 cal.css
www.fondtravels.com/content/js/cal/ 7 KB
2 KB 114ms
110ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/js/cal/cal.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 56495ecf3817730b0a1a536db07289865c0cbe453e888ee1982c9b4d3cb5c28c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Mon, 07 Feb 2022 23:32:08 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0cc17ec7a1cd81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2333

GET
H2 200 jquery-ui.css
www.fondtravels.com/content/css/ 36 KB
12 KB 208ms
204ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/css/jquery-ui.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: afbb6cb395366291ddd76bca52959b325facb62091f6e731ec413e46ba879265

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Mon, 07 Feb 2022 20:39:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "032e6c5621cd81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 11809

GET
H2 200 search-form.css
www.fondtravels.com/content/css/ 9 KB
3 KB 208ms
205ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/css/search-form.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 238c2f1e37504c5a2bf29452f42c57c84e8bb202d8a6ee3579c47416de21c78b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Mon, 27 Jun 2022 05:35:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "5f542bee789d81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3224

GET
H2 200 listing.css
www.fondtravels.com/content/css/ 24 KB
8 KB 227ms
224ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/css/listing.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 27714fc9f6c28c2e573cf279c79a5ba70f7bf7cd5a59753c363c29589c195686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Wed, 29 Jun 2022 11:25:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9b9cebe7aa8bd81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 8033

GET
H2 200 pop-up.css
www.fondtravels.com/content/css/ 5 KB
2 KB 119ms
117ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/css/pop-up.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 934e21c41e6e8b7a881b956779c4bac3a3ce0788f37265759121866e0559633b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 05:09:34 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0fb1a3d514d81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2074

GET
H2 200 payment.css
www.fondtravels.com/content/css/ 14 KB
5 KB 114ms
111ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/css/payment.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e0668425c8347a9b328e4985beb20aa737f2615b9dc989a5a3e92d3712279cf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Tue, 28 Jun 2022 09:52:45 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7f543ad1d48ad81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 5216

GET
H2 200 flight-layout-new.css
www.fondtravels.com/content/css/ 54 KB
17 KB 213ms
211ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/css/flight-layout-new.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 27079022f89c5056199b8d2af279301e5f26a5e44c95a063c25beaae78c1ea85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 07:16:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "a01a253f77bbd81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 17804

GET
H2 200 blog.css
www.fondtravels.com/content/css/ 20 KB
6 KB 307ms
305ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/css/blog.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e6a96efaedb59172a57813a527bc1a59827cb79801119780668ba3ff43bad706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 07:11:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "368acc9b76bbd81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 6529

GET
H2 200 menu.css
www.fondtravels.com/content/css/ 8 KB
2 KB 308ms
306ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/css/menu.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d32f8d75a0ab3d7451c7a8b713d5f4df9d110e519ab63387a385fa012b38750b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Mon, 07 Feb 2022 20:42:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a71143631cd81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2186

GET
H2 200 resp.css
www.fondtravels.com/content/css/ 55 KB
19 KB 306ms
304ms Stylesheet
text/css 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/css/resp.css
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4cc1532b9a20778513bc51e0ef6f350d9bca19e8118cd572bf6b41d357bd30dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 07:10:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "697d1c7276bbd81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 19113

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 92ms
34ms Stylesheet
text/css 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&display=swap

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

710eaf5de9e92f3e678aaa8c5789dc4fd9a7537ba964c94041f28f415f6adc7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:36:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:21:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:21:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
716 B 93ms
35ms Stylesheet
text/css 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:19:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:21:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:21:21 GMT

GET
H2 200 logo.png
www.fondtravels.com/content/images/ 4 KB
4 KB 117ms
116ms Image
image/png 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fondtravels.com/content/images/logo.png
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4cfff9436d0e6711008984b4f417585291588e9d17be64fe2c4b0e0b8f15c3fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Fri, 29 Jul 2022 08:03:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "328154a821a3d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 4069

GET
H2

200

christmas-flight-deals-5_thumbnail.jpg
www.fondtravels.com/content/images/blog/
Redirect Chain

https://www.fondtravels.com/Content/images/blog/christmas-flight-deals-5_thumbnail.jpg
https://www.fondtravels.com/content/images/blog/christmas-flight-deals-5_thumbnail.jpg

32 KB
32 KB

126ms
125ms

Image
image/jpeg

174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fondtravels.com/content/images/blog/christmas-flight-deals-5_thumbnail.jpg
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ce2837cc6c2b3457814305217836b8c6160e7f5b8d684af9ff35b4efdb59e9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Fri, 05 Aug 2022 12:39:33 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "81db86ac8a8d81:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 32648

Redirect headers

location: https://www.fondtravels.com/content/images/blog/christmas-flight-deals-5_thumbnail.jpg
date: Wed, 14 Sep 2022 07:21:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 209
x-powered-by-plesk: PleskWin
content-type: text/html; charset=UTF-8

GET
H2

200

business-class-flight-deals-5_thumbnail.jpg
www.fondtravels.com/content/images/blog/
Redirect Chain

https://www.fondtravels.com/Content/images/blog/business-class-flight-deals-5_thumbnail.jpg
https://www.fondtravels.com/content/images/blog/business-class-flight-deals-5_thumbnail.jpg

29 KB
29 KB

147ms
146ms

Image
image/jpeg

174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fondtravels.com/content/images/blog/business-class-flight-deals-5_thumbnail.jpg
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8d2ea093b5e476ddba1b9c317431a87717bfa8e67b5322aaae85db2830d01fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Wed, 03 Aug 2022 07:23:19 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8d226e89a7d81:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 29906

Redirect headers

location: https://www.fondtravels.com/content/images/blog/business-class-flight-deals-5_thumbnail.jpg
date: Wed, 14 Sep 2022 07:21:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 214
x-powered-by-plesk: PleskWin
content-type: text/html; charset=UTF-8

GET
H2

200

black-friday-flight-deals-5_thumbnail.jpg
www.fondtravels.com/content/images/blog/
Redirect Chain

https://www.fondtravels.com/Content/images/blog/black-friday-flight-deals-5_thumbnail.jpg
https://www.fondtravels.com/content/images/blog/black-friday-flight-deals-5_thumbnail.jpg

28 KB
28 KB

111ms
111ms

Image
image/jpeg

174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fondtravels.com/content/images/blog/black-friday-flight-deals-5_thumbnail.jpg
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e4b88458c7a8d32d1fbf0f46ace88b18fbe25f45d11ed4ab41b9fa74f65e2a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Wed, 03 Aug 2022 07:21:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "dc8f72b09a7d81:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 28179

Redirect headers

location: https://www.fondtravels.com/content/images/blog/black-friday-flight-deals-5_thumbnail.jpg
date: Wed, 14 Sep 2022 07:21:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 212
x-powered-by-plesk: PleskWin
content-type: text/html; charset=UTF-8

GET
H2

200

introduction-to-hajj%20-8_thumbnail.jpg
www.fondtravels.com/content/images/blog/
Redirect Chain

https://www.fondtravels.com/Content/images/blog/introduction-to-hajj%20-8_thumbnail.jpg
https://www.fondtravels.com/content/images/blog/introduction-to-hajj%20-8_thumbnail.jpg

63 KB
63 KB

139ms
138ms

Image
image/jpeg

174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fondtravels.com/content/images/blog/introduction-to-hajj%20-8_thumbnail.jpg
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 77398cde30a9f0461bb7fdf945dc1298835467896a6df05fbe92c7b82a851414

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Fri, 15 Jul 2022 13:41:37 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "65e7389b5098d81:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 64189

Redirect headers

location: https://www.fondtravels.com/content/images/blog/introduction-to-hajj -8_thumbnail.jpg
date: Wed, 14 Sep 2022 07:21:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 208
x-powered-by-plesk: PleskWin
content-type: text/html; charset=UTF-8

GET
H2

200

how-to-talk-to-an-actual-person-at-your-airline-7_thumbnail.jpg
www.fondtravels.com/content/images/blog/
Redirect Chain

https://www.fondtravels.com/Content/images/blog/how-to-talk-to-an-actual-person-at-your-airline-7_thumbnail.jpg
https://www.fondtravels.com/content/images/blog/how-to-talk-to-an-actual-person-at-your-airline-7_thumbnail.jpg

28 KB
28 KB

128ms
128ms

Image
image/jpeg

174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fondtravels.com/content/images/blog/how-to-talk-to-an-actual-person-at-your-airline-7_thumbnail.jpg
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6cc828659ea1ac1d30dad84274d33b092fc22c3e7f2e4eb668a6a164e9b1dbdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Fri, 08 Jul 2022 06:18:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "d9f49a9292d81:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 28667

Redirect headers

location: https://www.fondtravels.com/content/images/blog/how-to-talk-to-an-actual-person-at-your-airline-7_thumbnail.jpg
date: Wed, 14 Sep 2022 07:21:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 234
x-powered-by-plesk: PleskWin
content-type: text/html; charset=UTF-8

GET
H2 200 webdl.jpg
www.fondtravels.com/content/images/ft-logo/ 12 KB
12 KB 135ms
134ms Image
image/jpeg 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fondtravels.com/content/images/ft-logo/webdl.jpg
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c3667b501a37f9991db244ec52243c967328ef59808124b0474a800452674836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Mon, 07 Feb 2022 21:19:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "04cde71681cd81:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 12276

GET
H2 200 loading.gif
www.fondtravels.com/content/images/loader/ 3 KB
3 KB 142ms
141ms Image
image/gif 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fondtravels.com/content/images/loader/loading.gif
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d924d966d44cf7973b34c92c74dc68237fec423d578f2c9497eaa0790900d71e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Thu, 16 Dec 2021 03:01:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "061523929f2d71:0"
content-type: image/gif
accept-ranges: bytes
content-length: 3279

GET
H2 200 jquery.js Show response
www.fondtravels.com/content/js/ 94 KB
47 KB 115ms
114ms Script
application/javascript 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/js/jquery.js
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 16:53:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f7986cbdab7d81:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 48488

GET
H2

200

global.js Show response
www.fondtravels.com/content/js/
Redirect Chain

https://www.fondtravels.com/Content/js/global.js
https://www.fondtravels.com/content/js/global.js

46 KB
8 KB

161ms
161ms

Script
application/javascript

174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/js/global.js
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog
Protocol: H2
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4a79cf4c374cc037c52da20858f7716a73c970a44240da65765a83f0db1cb5d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
content-encoding: br
last-modified: Tue, 09 Aug 2022 12:12:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80dfc740e9abd81:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7909

Redirect headers

location: https://www.fondtravels.com/content/js/global.js
date: Wed, 14 Sep 2022 07:21:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 171
x-powered-by-plesk: PleskWin
content-type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 3 KB
645 B 34ms
33ms Stylesheet
text/css 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/content/css/menu.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:20:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 07:21:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 07:21:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
70 KB 92ms
39ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MN9BLV4

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

116670045b21cd3476142203f8b862350d072868a3577b17d7a5f41001eddef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71507
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Sep 2022 07:21:22 GMT

GET
H2 200 call-center-icon.svg
www.fondtravels.com/content/images/ 2 KB
2 KB 144ms
143ms Image
image/svg+xml 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fondtravels.com/content/images/call-center-icon.svg
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/content/css/flight-layout-new.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dee528499e901b6008deb429aa4eaab36da68bc7519c1945b0654a48b4600f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/content/css/flight-layout-new.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Fri, 29 Jul 2022 08:02:49 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "3f20999821a3d81:0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2228

GET
H2 200 fa-solid-900.woff2
www.fondtravels.com/content/fonts/ 72 KB
72 KB 131ms
130ms Font
application/font-woff 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/fonts/fa-solid-900.woff2
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/content/css/font-awesome-all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer: https://www.fondtravels.com/content/css/font-awesome-all.css
Origin: https://www.fondtravels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Thu, 16 Dec 2021 02:58:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "035a6cb28f2d71:0"
content-type: application/font-woff
accept-ranges: bytes
content-length: 73852

GET
H2 200 fa-brands-400.woff2
www.fondtravels.com/content/fonts/ 68 KB
68 KB 157ms
157ms Font
application/font-woff 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fondtravels.com/content/fonts/fa-brands-400.woff2
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/content/css/font-awesome-all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c

Request headers

Referer: https://www.fondtravels.com/content/css/font-awesome-all.css
Origin: https://www.fondtravels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Thu, 16 Dec 2021 02:58:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "035a6cb28f2d71:0"
content-type: application/font-woff
accept-ranges: bytes
content-length: 69608

GET
H2

200

search-widget-arrow.svg
www.fondtravels.com/content/images/
Redirect Chain

https://www.fondtravels.com/Content/images/search-widget-arrow.svg
https://www.fondtravels.com/content/images/search-widget-arrow.svg

1 KB
1 KB

466ms
466ms

Image
image/svg+xml

174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fondtravels.com/content/images/search-widget-arrow.svg
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/content/css/flight-layout-new.css
Protocol: H2
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ac9b16f82bf2d916c0134918c2e6c03d24860f390b7df6e59f04d2261757f77c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/content/css/flight-layout-new.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Wed, 03 Aug 2022 11:32:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "949b31ae2ca7d81:0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1179

Redirect headers

location: https://www.fondtravels.com/content/images/search-widget-arrow.svg
date: Wed, 14 Sep 2022 07:21:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 189
x-powered-by-plesk: PleskWin
content-type: text/html; charset=UTF-8

GET
H2 200 scrl-top.png
www.fondtravels.com/content/images/ 2 KB
2 KB 171ms
171ms Image
image/png 174.138.184.42
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fondtravels.com/content/images/scrl-top.png
Requested by: Host: www.fondtravels.com
URL: https://www.fondtravels.com/content/css/layout.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.138.184.42 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk4000.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1996d75527286f0a4d109fb44ea330240ef4aa0d339ce2846bcaa24245c686ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/content/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 14 Sep 2022 07:21:21 GMT
last-modified: Thu, 16 Dec 2021 02:59:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "05f1be128f2d71:0"
content-type: image/png
accept-ranges: bytes
content-length: 1689

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN9BLV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 324
date: Wed, 14 Sep 2022 07:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 14 Sep 2022 09:15:58 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 112ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN9BLV4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D32E9C87AC6A4AA4A56718A9AE652D68 Ref B: FRA31EDGE0118 Ref C: 2022-09-14T07:21:22Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 14 Sep 2022 07:21:21 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 147ms
93ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN9BLV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 07:21:22 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN9BLV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:15:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Sep 2022 08:15:26 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
73 KB 90ms
44ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CLYX5GMY8H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN9BLV4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3523abb94b6f006af6929c859ea9d2e4f992fbb8e307ae9a28e8d9ea7e81a61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74998
x-xss-protection: 0
expires: Wed, 14 Sep 2022 07:21:22 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 120ms
78ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=83802432&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fondtravels.com%2Fblog&ul=en-us&de=UTF-8&dt=Fondtravels%20Blog%20-%20Get%20Latest%20Flights%20And%20Destinations%20Deals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=272320031&gjid=2014255577&cid=36376325.1663140082&tid=UA-121888560-2&_gid=422599828.1663140082&_r=1&gtm=2wg9c0MN9BLV4&z=693278932

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fondtravels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:21:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fondtravels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 67ms
25ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 11:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 11:22:27 GMT

GET
H2 200 56017612.js Show response
bat.bing.com/p/action/ 1 KB
844 B 220ms
219ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56017612.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

39781f16143e6332e18d3cbee847cf387655cd427c632b874cee189987d22e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6524AEF64E2E42A7A544D564887204F5 Ref B: FRA31EDGE0118 Ref C: 2022-09-14T07:21:22Z
date: Wed, 14 Sep 2022 07:21:21 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
175 B 51ms
50ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56017612&tm=gtm002&Ver=2&mid=52ce8c4c-aeda-4938-b8f5-106dae9aa121&sid=d5c457a033fd11edb3f08da5445fad63&vid=d5c48b6033fd11ed90f813059b8821da&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Fondtravels%20Blog%20-%20Get%20Latest%20Flights%20And%20Destinations%20Deals&kw=Fondtravels%20Blog,%20Flights%20to,%20Flights%20from,%20Cheapest%20Flights%20To,%20Cheapest%20flights%20from,%20cheap%20flights%20to,%20cheap%20flights%20from&p=https%3A%2F%2Fwww.fondtravels.com%2Fblog&r=&lt=1098&evt=pageLoad&sv=1&rn=536778

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A03B83F611D844B09548427708D42852 Ref B: FRA31EDGE0118 Ref C: 2022-09-14T07:21:22Z
date: Wed, 14 Sep 2022 07:21:21 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
350 B 398ms
98ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CLYX5GMY8H&gtm=2oe9c0&_p=83802432&_gaz=1&cid=36376325.1663140082&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663140082&sct=1&seg=0&dl=https%3A%2F%2Fwww.fondtravels.com%2Fblog&dt=Fondtravels%20Blog%20-%20Get%20Latest%20Flights%20And%20Destinations%20Deals&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CLYX5GMY8H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:21:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fondtravels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 89ms
28ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CLYX5GMY8H&cid=36376325.1663140082&gtm=2oe9c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CLYX5GMY8H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:21:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fondtravels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 108ms
47ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CLYX5GMY8H&cid=36376325.1663140082&gtm=2oe9c0&aip=1&z=2129901736

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/608859459/wcm?cc=ZZ&dn=18882700071&cl=91IxCIfFjN4BEMPqqaIC&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882700071&cl=91IxCIfFjN4BEMPqqaIC

80 B
244 B

32ms
32ms

XHR
application/json

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882700071&cl=91IxCIfFjN4BEMPqqaIC

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 07:21:22 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882700071&cl=91IxCIfFjN4BEMPqqaIC
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.fondtravels.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/608859459/ 2 KB
2 KB 124ms
72ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/608859459/?random=1663140082534&cv=9&fst=1663140082534&num=1&label=91IxCIfFjN4BEMPqqaIC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fondtravels.com%2Fblog&tiba=Fondtravels%20Blog%20-%20Get%20Latest%20Flights%20And%20Destinations%20Deals&auid=505144956.1663140082&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

393c30e23a5692b82ac70f70ed9280986bb223547ddfc4eac665354bed6c9020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1099
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 33ms
27ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121888560-2&cid=36376325.1663140082&jid=272320031&gjid=2014255577&_gid=422599828.1663140082&_u=YEBAAEAAAAAAAC~&z=1953383992

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fondtravels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Sep 2022 07:21:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.fondtravels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 117ms
48ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-121888560-2&cid=36376325.1663140082&jid=272320031&_u=YEBAAEAAAAAAAC~&z=698426187

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 55ms
54ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-121888560-2&cid=36376325.1663140082&jid=272320031&_u=YEBAAEAAAAAAAC~&z=698426187

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/608859459/wcm?cc=ZZ&dn=18882700071&cl=fNOxCMCE1P0BEMPqqaIC&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882700071&cl=fNOxCMCE1P0BEMPqqaIC

80 B
111 B

112ms
28ms

XHR
application/json

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882700071&cl=fNOxCMCE1P0BEMPqqaIC

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Wed, 14 Sep 2022 07:21:22 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18882700071&cl=fNOxCMCE1P0BEMPqqaIC
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.fondtravels.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/608859459/ 42 B
154 B 49ms
42ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/608859459/?random=1663140082534&cv=9&fst=1663138800000&num=1&label=91IxCIfFjN4BEMPqqaIC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.fondtravels.com%2Fblog&tiba=Fondtravels%20Blog%20-%20Get%20Latest%20Flights%20And%20Destinations%20Deals&async=1&fmt=3&is_vtc=1&random=3836603795&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/608859459/ 42 B
64 B 127ms
41ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/608859459/?random=1663140082534&cv=9&fst=1663138800000&num=1&label=91IxCIfFjN4BEMPqqaIC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.fondtravels.com%2Fblog&tiba=Fondtravels%20Blog%20-%20Get%20Latest%20Flights%20And%20Destinations%20Deals&async=1&fmt=3&is_vtc=1&random=3836603795&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.fondtravels.com
URL: https://www.fondtravels.com/blog

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 56017612 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 274ms
168ms Script
application/x-javascript 2620:1ec:27::cafe:1835
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56017612
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56017612.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: c6e6a1cda18c766d506c45341193e53ae8f18852232f91dc9310257cbc07869e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:22 GMT
x-powered-by: ASP.NET
x-azure-ref: 08oAhYwAAAAAl+wpLkBphQ6/YUhu3XASuV0FXMDFFREdFMDUyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-c/s/0.6.40/ 54 KB
23 KB 166ms
166ms Script
application/javascript 2620:1ec:27::cafe:1835
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-c/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56017612
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 07:21:22 GMT
content-encoding: br
etag: "1d8bd4806fdad30"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 08oAhYwAAAABRjZVpUjK8S6/U9ieBp6AOV0FXMDFFREdFMDUyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=04F811268020453AA60394C2430218E5&RedC=c.clarity.ms&MXFR=15591FE772536C101A270DF876536295
https://c.clarity.ms/c.gif?CtsSyncId=04F811268020453AA60394C2430218E5&MUID=21D65B89E8A2660B288C4996E90E6713

42 B
368 B

41ms
41ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=04F811268020453AA60394C2430218E5&MUID=21D65B89E8A2660B288C4996E90E6713
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fondtravels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:21:22 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8d3298b0aac7d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 14 Sep 2022 07:21:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 18F9A9D4B53D471DA06B2C4F39EB49FE Ref B: FRA31EDGE0118 Ref C: 2022-09-14T07:21:23Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=04F811268020453AA60394C2430218E5&MUID=21D65B89E8A2660B288C4996E90E6713
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect Show response
h.clarity.ms/ 0
179 B 436ms
214ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.fondtravels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://www.fondtravels.com
date: Wed, 14 Sep 2022 07:21:22 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fondtravels.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: oyqzoa3egrwh1taaanjpvqoo
.fondtravels.com/	1970-01-20 08:08:36	Name: _gcl_au Value: 1.1.505144956.1663140082
.fondtravels.com/	1970-01-20 06:00:26	Name: _gid Value: GA1.2.422599828.1663140082
.fondtravels.com/	1970-01-20 05:59:00	Name: _gat_UA-121888560-2 Value: 1
.bing.com/	1970-01-20 15:20:36	Name: MUID Value: 21D65B89E8A2660B288C4996E90E6713
.fondtravels.com/	1970-01-20 06:00:26	Name: _uetsid Value: d5c457a033fd11edb3f08da5445fad63
.fondtravels.com/	1970-01-20 15:20:36	Name: _uetvid Value: d5c48b6033fd11ed90f813059b8821da
.fondtravels.com/	1970-01-20 15:35:00	Name: _ga_CLYX5GMY8H Value: GS1.1.1663140082.1.0.1663140082.60.0.0
.fondtravels.com/	1970-01-20 15:35:00	Name: _ga Value: GA1.1.36376325.1663140082
.doubleclick.net/	1970-01-20 05:59:00	Name: test_cookie Value: CheckForPermission
www.clarity.ms/	1970-01-20 14:44:36	Name: CLID Value: d8afa5714e5d4f0387f25472ae9ccd95.20220914.20230914
.fondtravels.com/	1970-01-20 14:44:36	Name: _clck Value: qr9vqr\|1\|f4v\|0
.c.bing.com/	1970-01-20 15:20:36	Name: SRM_B Value: 21D65B89E8A2660B288C4996E90E6713
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:20:36	Name: MUID Value: 21D65B89E8A2660B288C4996E90E6713
.c.clarity.ms/	1970-01-20 05:59:00	Name: ANONCHK Value: 0
.fondtravels.com/	1970-01-20 06:00:26	Name: _clsk Value: 15qrkni\|1663140083671\|1\|1\|h.clarity.ms/collect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
c.bing.com
c.clarity.ms
fonts.googleapis.com
googleads.g.doubleclick.net
h.clarity.ms
region1.analytics.google.com
stats.g.doubleclick.net
www.clarity.ms
www.fondtravels.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.186.98
174.138.184.42
20.234.93.27
2001:4860:4802:34::36
2620:1ec:27::cafe:1835
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:809::2004
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a00:1450:400e:802::200a
52.224.31.34
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c
116670045b21cd3476142203f8b862350d072868a3577b17d7a5f41001eddef9
1996d75527286f0a4d109fb44ea330240ef4aa0d339ce2846bcaa24245c686ce
238c2f1e37504c5a2bf29452f42c57c84e8bb202d8a6ee3579c47416de21c78b
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
27079022f89c5056199b8d2af279301e5f26a5e44c95a063c25beaae78c1ea85
27714fc9f6c28c2e573cf279c79a5ba70f7bf7cd5a59753c363c29589c195686
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3523abb94b6f006af6929c859ea9d2e4f992fbb8e307ae9a28e8d9ea7e81a61a
393c30e23a5692b82ac70f70ed9280986bb223547ddfc4eac665354bed6c9020
39781f16143e6332e18d3cbee847cf387655cd427c632b874cee189987d22e53
4a79cf4c374cc037c52da20858f7716a73c970a44240da65765a83f0db1cb5d0
4cc1532b9a20778513bc51e0ef6f350d9bca19e8118cd572bf6b41d357bd30dc
4cfff9436d0e6711008984b4f417585291588e9d17be64fe2c4b0e0b8f15c3fd
56495ecf3817730b0a1a536db07289865c0cbe453e888ee1982c9b4d3cb5c28c
6cc828659ea1ac1d30dad84274d33b092fc22c3e7f2e4eb668a6a164e9b1dbdc
6d7c6c10049c5b655d3cd48030eb9729c6fbfbd239483f1336e200174678da81
710eaf5de9e92f3e678aaa8c5789dc4fd9a7537ba964c94041f28f415f6adc7a
746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d
77398cde30a9f0461bb7fdf945dc1298835467896a6df05fbe92c7b82a851414
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
7d4289838bb3f128fc0dfeaa7da57a098b0d0557d86d2568bb3ff17abd0cc70f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d2ea093b5e476ddba1b9c317431a87717bfa8e67b5322aaae85db2830d01fd2
934e21c41e6e8b7a881b956779c4bac3a3ce0788f37265759121866e0559633b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac9b16f82bf2d916c0134918c2e6c03d24860f390b7df6e59f04d2261757f77c
afbb6cb395366291ddd76bca52959b325facb62091f6e731ec413e46ba879265
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
c3667b501a37f9991db244ec52243c967328ef59808124b0474a800452674836
c6e6a1cda18c766d506c45341193e53ae8f18852232f91dc9310257cbc07869e
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
ce2837cc6c2b3457814305217836b8c6160e7f5b8d684af9ff35b4efdb59e9e1
d32f8d75a0ab3d7451c7a8b713d5f4df9d110e519ab63387a385fa012b38750b
d924d966d44cf7973b34c92c74dc68237fec423d578f2c9497eaa0790900d71e
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dee528499e901b6008deb429aa4eaab36da68bc7519c1945b0654a48b4600f17
e0668425c8347a9b328e4985beb20aa737f2615b9dc989a5a3e92d3712279cf2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b88458c7a8d32d1fbf0f46ace88b18fbe25f45d11ed4ab41b9fa74f65e2a8b
e6a96efaedb59172a57813a527bc1a59827cb79801119780668ba3ff43bad706
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
fec78c62dcab2009edc1f9c4937937589e4459c8405205ff67146898b16bf391
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

www.fondtravels.com Open in urlscan Pro 174.138.184.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

82 %HTTPS

73 %IPv6

11 Domains

16 Subdomains

15 IPs

4 Countries

769 kBTransfer

1517 kBSize

17 Cookies

32 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.fondtravels.com Open in urlscan Pro
174.138.184.42 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

82 %
HTTPS

73 %
IPv6

11
Domains

16
Subdomains

15
IPs

4
Countries

769 kB
Transfer

1517 kB
Size

17
Cookies

56 HTTP transactions
0 data transactions