www.bankstravel.com Open in urlscan Pro
51.81.251.175 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bankstravel.com/
Submission: On September 25 via automatic, source certstream-suspicious (September 25th 2021, 6:26:14 pm UTC) — Scanned from DE

Summary HTTP 72 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 8 domains to perform 72 HTTP transactions. The main IP is 51.81.251.175, located in Hillsboro, United States and belongs to OVH, FR. The main domain is www.bankstravel.com.
TLS certificate: Issued by R3 on September 25th 2021. Valid for: 3 months.

This is the only time www.bankstravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	51.81.251.175 51.81.251.175	16276 (OVH) (OVH)
3	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
6	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
1 16	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
8	65.51.132.157 65.51.132.157	6128 (CABLE-NET-1) (CABLE-NET-1)
2	52.217.43.158 52.217.43.158	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
10	74.113.72.253 74.113.72.253	46861 (SOFTVOYAG...) (SOFTVOYAGE-NET)
3	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	51.81.245.63 51.81.245.63	16276 (OVH) (OVH)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
7	74.113.74.98 74.113.74.98	46861 (SOFTVOYAG...) (SOFTVOYAGE-NET)
72	14

11 51.81.251.175 (Hillsboro, United States)

ASN16276 (OVH, FR)
PTR: proxy1.gttwl.net

www.bankstravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 89.187.169.47 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn2.gttwl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.gttwl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn4.gttwl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.gttwl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.51.132.157 (Seaford, United States)

ASN6128 (CABLE-NET-1, US)
PTR: 4133849d.cst.lightpath.net

tacticals.travelsavers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.43.158 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 74.113.72.253 (Montreal, Canada)

ASN46861 (SOFTVOYAGE-NET, CA)
PTR: dweb1001.softvoyage.com

trs.sax.softvoyage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.81.245.63 (Hillsboro, United States)

ASN16276 (OVH, FR)
PTR: ovh1.gttwl.net

ads.gttwl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.113.74.98 (Montreal, Canada)

ASN46861 (SOFTVOYAGE-NET, CA)
PTR: dweb1026.softvoyage.com

lib.softvoyage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	softvoyage.com trs.sax.softvoyage.com lib.softvoyage.com	158 KB
17	gttwl.net 1 redirects cdn2.gttwl.net cdn1.gttwl.net cdn4.gttwl.net cdn3.gttwl.net ads.gttwl.net	1 MB
11	bankstravel.com www.bankstravel.com	97 KB
9	googleapis.com ajax.googleapis.com maps.googleapis.com fonts.googleapis.com	311 KB
8	travelsavers.com tacticals.travelsavers.com	299 KB
5	gstatic.com fonts.gstatic.com maps.gstatic.com	89 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	48 KB
2	amazonaws.com s3.amazonaws.com	88 KB
72	8

	Domain	Requested by
11	www.bankstravel.com	www.bankstravel.com ajax.googleapis.com
10	trs.sax.softvoyage.com	www.bankstravel.com trs.sax.softvoyage.com lib.softvoyage.com
8	tacticals.travelsavers.com	www.bankstravel.com
8	cdn2.gttwl.net	1 redirects www.bankstravel.com
7	lib.softvoyage.com	trs.sax.softvoyage.com
6	maps.googleapis.com	www.bankstravel.com maps.googleapis.com
4	cdn1.gttwl.net	www.bankstravel.com
3	fonts.gstatic.com	fonts.googleapis.com
3	cdn3.gttwl.net	www.bankstravel.com
3	maxcdn.bootstrapcdn.com	www.bankstravel.com maxcdn.bootstrapcdn.com
2	maps.gstatic.com	www.bankstravel.com
2	fonts.googleapis.com	www.bankstravel.com
2	s3.amazonaws.com	www.bankstravel.com
1	ads.gttwl.net	cdn2.gttwl.net
1	cdn4.gttwl.net	www.bankstravel.com
1	ajax.googleapis.com	www.bankstravel.com
72	16

This site contains links to these domains. Also see Links.

Domain
trs.sax.softvoyage.com
ads.gttwl.net
www.facebook.com

Subject Issuer	Validity	Valid
www.bankstravel.com R3	`2021-09-25` - `2021-12-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn2.gttwl.net R3	`2021-09-20` - `2021-12-19`	3 months	crt.sh
*.travelsavers.com Go Daddy Secure Certificate Authority - G2	`2021-01-29` - `2022-03-02`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
cdn1.gttwl.net R3	`2021-09-20` - `2021-12-19`	3 months	crt.sh
*.sax.softvoyage.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-05` - `2021-11-06`	a year	crt.sh
cdn4.gttwl.net R3	`2021-09-20` - `2021-12-19`	3 months	crt.sh
cdn3.gttwl.net R3	`2021-09-20` - `2021-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
ads.gttwl.net R3	`2021-09-15` - `2021-12-14`	3 months	crt.sh
*.softvoyage.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-05` - `2021-11-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.bankstravel.com/
Frame ID: 575ABCBD15E18505EBF10E82814C65B5
Requests: 55 HTTP requests in this frame

Frame: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en
Frame ID: 92D3CE6C6AB77B61B8533867DA1B7A79
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome | K Banks Travel

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jquery[.-]([\d.]*\d)[^/]*\.js

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

72
Requests

99 %
HTTPS

0 %
IPv6

8
Domains

16
Subdomains

14
IPs

4
Countries

2326 kB
Transfer

3278 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Search URL Search Domain Scan URL

URL: https://trs.sax.softvoyage.com/cgi-bin/query.cgi?code_ag=trs&alias=hhq&language=en

Search URL Search Domain Scan URL

URL: https://trs.sax.softvoyage.com/cgi-bin/querylast.cgi?code_ag=trs&alias=hhq&language=en

Search URL Search Domain Scan URL

URL: https://trs.sax.softvoyage.com/cgi-bin/query-hotel.cgi?code_ag=trs&alias=hhq&language=en

Search URL Search Domain Scan URL

URL: https://trs.sax.softvoyage.com/cgi-bin/query-dynpkg.cgi?code_ag=trs&alias=hhq&language=en

Search URL Search Domain Scan URL

URL: https://ads.gttwl.net/adclick/v1/g202fgss8b?q=https%3A%2F%2Fagents.travelsavers.com%2Flibrary%2FBedsonline_September_2021_SOM.pdf+&r=https%3A%2F%2Fwww.bankstravel.com%2F&tags=&u=718c59ec-61d2-4f41-bc0b-0cb88aa572fc

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BanksTravel?fref=ts

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://www.bankstravel.com/colors.css HTTP 302
https://www.bankstravel.com/user/colors.css HTTP 302
https://www.bankstravel.com/

Request Chain 20

https://cdn2.gttwl.net/js/v1/serve.js HTTP 302
https://s3.amazonaws.com/gttwl/js/v1/serve.js

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bankstravel.com/ 21 KB
6 KB 3598ms
3236ms Document
text/html 51.81.251.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),

Reverse DNS

proxy1.gttwl.net

Software

Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

bc390f86b2a469c147c55da9918bf5d4b6608c1739f5336d9707ad3cbabb2560

Security Headers

Name	Value
Strict-Transport-Security	max-age=3000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.bankstravel.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 25 Sep 2021 18:26:05 GMT
etag: W/"270f1ed1685db9bacf4621e529448870"
server: Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
set-cookie: cart=eef1e0f7-5565-49ac-8643-3759bbeeedaa; path=/; expires=Wed, 25 Sep 2041 18:26:02 -0000 _gttwl2_session=VFJ6VWNFVDEzdnRQN3VNYndNdloyWDlJNThaRWFDTnNROWNTWTZzRmxOZzBKVzZQUGJnUFZTWHAvODlkWm1BTm9vdGJWZXUweFVoaTZvaDlXSlhxemJJVDZJb2lIU1ZxNlBSM0ZQM1hMcTVIR0RRQzZuNHVtVFJTVUZOSDU3VnNldUwxTUFYN0ZxeXZPdjJMRWNhTzN5ZzdHQ2ZKVFpYVWsvWXcvVUZGVEJDa29sRTVKWXA1M2JHMjlsWDBnYm1vLS02SnQyRDVQVnB0QnphazUrakxhOC9BPT0%3D--18b8fcfdeeaf5f981a2d2cbe7e4928789bc4b845; path=/; expires=Sun, 26 Sep 2021 18:26:05 -0000; HttpOnly
status: 200 OK
strict-transport-security: max-age=3000;
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 5.2.1
x-request-id: f9dcdf03-4492-41e0-b09d-8f65faad5c65
x-runtime: 3.014738
x-ua-compatible: chrome=1
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 115 KB
20 KB 34ms
18ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 16147791
cdn-cachedat: 2021-03-11 11:59:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3635dc8c77fba3315be6707289c4e04d
cf-ray: 69464c809a2e4e32-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 custom.css
www.bankstravel.com/ 27 KB
7 KB 329ms
328ms Stylesheet
text/css 51.81.251.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankstravel.com/custom.css

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),

Reverse DNS

proxy1.gttwl.net

Software

Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

1e85b0e6bc938c0f185d88b3cc579ec9d6969c425aca51a55524a069f859bdc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /custom.css
pragma: no-cache
cookie: cart=eef1e0f7-5565-49ac-8643-3759bbeeedaa; _gttwl2_session=VFJ6VWNFVDEzdnRQN3VNYndNdloyWDlJNThaRWFDTnNROWNTWTZzRmxOZzBKVzZQUGJnUFZTWHAvODlkWm1BTm9vdGJWZXUweFVoaTZvaDlXSlhxemJJVDZJb2lIU1ZxNlBSM0ZQM1hMcTVIR0RRQzZuNHVtVFJTVUZOSDU3VnNldUwxTUFYN0ZxeXZPdjJMRWNhTzN5ZzdHQ2ZKVFpYVWsvWXcvVUZGVEJDa29sRTVKWXA1M2JHMjlsWDBnYm1vLS02SnQyRDVQVnB0QnphazUrakxhOC9BPT0%3D--18b8fcfdeeaf5f981a2d2cbe7e4928789bc4b845
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bankstravel.com
referer: https://www.bankstravel.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-runtime: 0.031903
date: Sat, 25 Sep 2021 18:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
x-powered-by: Phusion Passenger 5.2.1
strict-transport-security: max-age=3000;
content-type: text/css; charset=utf-8
status: 200 OK
x-xss-protection: 1; mode=block
cache-control: max-age=0, private, must-revalidate
set-cookie: _gttwl2_session=bGxSZ3EydC9zUm0vcnNoYTQ3dGZrQ3dyTXF4OENYL2hmSWNOdkt1bDNkR3pJSjViN1pIellEKzUzVGt4SFRPbXhsd2U0MFpsV1REMGY0M1IvdVBCeStiSnFadkdNMG5pZ3dNbnRoakd0N0N2b2ZDTXJPS01vWkRvZVhTTUJmUEhDMUhFSjVUVHVBRTRCd1FySU9Ta2ZiSU84bzduUDVnK1VocTBsaWEwamZ3RXgwRThxWVQ2ZStDMEtSMjZjT1FQLS1oeDF6Nit2ZEFKRko2N3lqcVRNSlZBPT0%3D--32152b85b2dc6ad818e7da5ab366a360f2158b9f; path=/; expires=Sun, 26 Sep 2021 18:26:05 -0000; HttpOnly
etag: W/"08b4eea5e98c33be53301fc113fc6049"
x-request-id: a9275f49-cc47-4de0-90a2-5b508e4d444e
x-ua-compatible: chrome=1

GET

/
www.bankstravel.com/
Redirect Chain

https://www.bankstravel.com/colors.css
https://www.bankstravel.com/user/colors.css
https://www.bankstravel.com/

0
0

GET
H2 200 font-awesome.css
www.bankstravel.com/assets/font-awesome-4.6.3/css/ 34 KB
8 KB 167ms
165ms Stylesheet
text/css 51.81.251.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankstravel.com/assets/font-awesome-4.6.3/css/font-awesome.css

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),

Reverse DNS

proxy1.gttwl.net

Software

Caddy nginx/1.12.2 /

Resource Hash

b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159

Security Headers

Name	Value
Strict-Transport-Security	max-age=3000;

Request headers

:path: /assets/font-awesome-4.6.3/css/font-awesome.css
pragma: no-cache
cookie: cart=eef1e0f7-5565-49ac-8643-3759bbeeedaa; _gttwl2_session=VFJ6VWNFVDEzdnRQN3VNYndNdloyWDlJNThaRWFDTnNROWNTWTZzRmxOZzBKVzZQUGJnUFZTWHAvODlkWm1BTm9vdGJWZXUweFVoaTZvaDlXSlhxemJJVDZJb2lIU1ZxNlBSM0ZQM1hMcTVIR0RRQzZuNHVtVFJTVUZOSDU3VnNldUwxTUFYN0ZxeXZPdjJMRWNhTzN5ZzdHQ2ZKVFpYVWsvWXcvVUZGVEJDa29sRTVKWXA1M2JHMjlsWDBnYm1vLS02SnQyRDVQVnB0QnphazUrakxhOC9BPT0%3D--18b8fcfdeeaf5f981a2d2cbe7e4928789bc4b845
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bankstravel.com
referer: https://www.bankstravel.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:05 GMT
content-encoding: gzip
last-modified: Mon, 06 Apr 2020 02:31:21 GMT
server: Caddy nginx/1.12.2
etag: W/"5e8a9479-893e"
strict-transport-security: max-age=3000;
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
94 KB 36ms
12ms Script
text/javascript 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 11:06:39 GMT
x-content-type-options: nosniff
age: 26366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95931
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sun, 25 Sep 2022 11:06:39 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 35 KB
10 KB 35ms
20ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 718
age: 16145955
cdn-cachedat: 2021-03-11 11:57:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1d4be5fddad4a0a9241728c5f5457839
cf-ray: 69464c809a324e32-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 custom.js Show response
www.bankstravel.com/ 2 KB
1 KB 188ms
187ms Script
application/javascript 51.81.251.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankstravel.com/custom.js

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),

Reverse DNS

proxy1.gttwl.net

Software

Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

96d249ad0da87f164824b47ebe53b0d29ba15282d69e6726ba19da9fcc762e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=3000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /custom.js
pragma: no-cache
cookie: cart=eef1e0f7-5565-49ac-8643-3759bbeeedaa; _gttwl2_session=VFJ6VWNFVDEzdnRQN3VNYndNdloyWDlJNThaRWFDTnNROWNTWTZzRmxOZzBKVzZQUGJnUFZTWHAvODlkWm1BTm9vdGJWZXUweFVoaTZvaDlXSlhxemJJVDZJb2lIU1ZxNlBSM0ZQM1hMcTVIR0RRQzZuNHVtVFJTVUZOSDU3VnNldUwxTUFYN0ZxeXZPdjJMRWNhTzN5ZzdHQ2ZKVFpYVWsvWXcvVUZGVEJDa29sRTVKWXA1M2JHMjlsWDBnYm1vLS02SnQyRDVQVnB0QnphazUrakxhOC9BPT0%3D--18b8fcfdeeaf5f981a2d2cbe7e4928789bc4b845
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bankstravel.com
referer: https://www.bankstravel.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 5.2.1
status: 200 OK
content-length: 681
x-xss-protection: 1; mode=block
x-request-id: 6783d96b-b708-4daa-8ea4-14d76bedd962
x-ua-compatible: chrome=1
x-runtime: 0.020909
server: Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
etag: W/"8cf466ce1e9258b36ba14eafce82abb5"
strict-transport-security: max-age=3000;
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
set-cookie: _gttwl2_session=cXVTdFZ2bGM0b2loRXJyK0xOczNjekpXaGxoN3I1NWlmaVFtaVgxOElQdDRyNUR2Z1VFcnh1Z0hzSWYwYzBubllLUDVvTzM1SXk0dUEzOU8wN01MV3VibE1DMGFMS09qUmZxbjViMWQ1MDQxUEFIamttWHRlYnBaWkJzSktEM3luWDUzbDhGZU9QNk8wSHVpOFg3QVVHS0ZXVDRaYjFpY3ZCU3NrRnVRWDdGRGk4ZnJ2b0tSdDlsTGZvT2JMdUZZLS1sQW1YcjRpdzhlYXpIVDRjbG13QmRBPT0%3D--d79ed8ca6ae345e4edecfa34984892545f97638b; path=/; expires=Sun, 26 Sep 2021 18:26:05 -0000; HttpOnly

GET
H2 200 jquery.feedek.js Show response
www.bankstravel.com/feedek/ 2 KB
1 KB 198ms
197ms Script
application/javascript 51.81.251.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankstravel.com/feedek/jquery.feedek.js

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),

Reverse DNS

proxy1.gttwl.net

Software

Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

471ef98f60b7dff25442551f92d52020cd7ddac9bc512a80493a6d0a7de0d003

Security Headers

Name	Value
Strict-Transport-Security	max-age=3000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /feedek/jquery.feedek.js
pragma: no-cache
cookie: cart=eef1e0f7-5565-49ac-8643-3759bbeeedaa; _gttwl2_session=VFJ6VWNFVDEzdnRQN3VNYndNdloyWDlJNThaRWFDTnNROWNTWTZzRmxOZzBKVzZQUGJnUFZTWHAvODlkWm1BTm9vdGJWZXUweFVoaTZvaDlXSlhxemJJVDZJb2lIU1ZxNlBSM0ZQM1hMcTVIR0RRQzZuNHVtVFJTVUZOSDU3VnNldUwxTUFYN0ZxeXZPdjJMRWNhTzN5ZzdHQ2ZKVFpYVWsvWXcvVUZGVEJDa29sRTVKWXA1M2JHMjlsWDBnYm1vLS02SnQyRDVQVnB0QnphazUrakxhOC9BPT0%3D--18b8fcfdeeaf5f981a2d2cbe7e4928789bc4b845
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bankstravel.com
referer: https://www.bankstravel.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 5.2.1
status: 200 OK
content-length: 862
x-xss-protection: 1; mode=block
x-request-id: c7748b25-fe71-4194-84df-697d4219b6e7
x-ua-compatible: chrome=1
x-runtime: 0.030230
server: Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
etag: W/"f09e6074885fe96e452d186cb20dce7a"
strict-transport-security: max-age=3000;
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
set-cookie: _gttwl2_session=WndtTm81TjVGUVZ6OVFZdDF2bG1pS1dSalNpNlpJdHpVOUl5UXZ4aW5SdkIxaDhJTVhRejZVK3ordVB5YlR0b0ZWOCtjQ2hzUjVwRGtNR3BFRHNEK1c0TGIrTFhieEx3UFV2ZGMvS0JTcEpTdEZJUWZCdDJvZ0swZVphTWpUSDJrNkNHYkpVOGhqN1NEaVVrY3RzYVZFUVN1UGNjOHNtK1VQYWR4NUVrOFIzQjQyT29BcUVwZjBqVm1FWTdwbFZNLS0zSTkyMU5pS2ZyaWUwNzBZYUZlUGJBPT0%3D--9989033e0d7568aaa884e81249ff126567d2f1ed; path=/; expires=Sun, 26 Sep 2021 18:26:05 -0000; HttpOnly

GET
H2 200 jquery.feedek.css
www.bankstravel.com/feedek/ 640 B
786 B 196ms
195ms Stylesheet
text/css 51.81.251.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankstravel.com/feedek/jquery.feedek.css

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),

Reverse DNS

proxy1.gttwl.net

Software

Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

fe404eac5811b85401d5cb44759bb04fe3d57d2383e48571e19a7c3db223c811

Security Headers

Name	Value
Strict-Transport-Security	max-age=3000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /feedek/jquery.feedek.css
pragma: no-cache
cookie: cart=eef1e0f7-5565-49ac-8643-3759bbeeedaa; _gttwl2_session=VFJ6VWNFVDEzdnRQN3VNYndNdloyWDlJNThaRWFDTnNROWNTWTZzRmxOZzBKVzZQUGJnUFZTWHAvODlkWm1BTm9vdGJWZXUweFVoaTZvaDlXSlhxemJJVDZJb2lIU1ZxNlBSM0ZQM1hMcTVIR0RRQzZuNHVtVFJTVUZOSDU3VnNldUwxTUFYN0ZxeXZPdjJMRWNhTzN5ZzdHQ2ZKVFpYVWsvWXcvVUZGVEJDa29sRTVKWXA1M2JHMjlsWDBnYm1vLS02SnQyRDVQVnB0QnphazUrakxhOC9BPT0%3D--18b8fcfdeeaf5f981a2d2cbe7e4928789bc4b845
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bankstravel.com
referer: https://www.bankstravel.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 5.2.1
status: 200 OK
content-length: 333
x-xss-protection: 1; mode=block
x-request-id: 74cb76c9-7b1d-4610-8644-6bbef1e6a156
x-ua-compatible: chrome=1
x-runtime: 0.028577
server: Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
etag: W/"0eeea831cb3eee71700998adeb4b15a5"
strict-transport-security: max-age=3000;
content-type: text/css; charset=utf-8
cache-control: max-age=0, private, must-revalidate
set-cookie: _gttwl2_session=WGJHdFVHTlBoVjR6SWF0YXlkMmkwTUNKMVNuQXZobHF3YW5PQ29Pa3RUMzYrbG5BVk9WYXVLRFpGb1FVYklBbEsxQ3BFVXZmYUhLTmR0MktPMHM5SXJSWHZGbFZYYjZSRTdWWjlZRTM5TXdKVzBaWVJ2UkR6ckFacWxFWFUzQjk5WXdUY0JQUkVTMS8wc1V5RnJzOGFsZThENjJMbjB2VzhST0haWS9MMWpIczF3SGhOdkpoMHdRYjJPYy91ejg0LS1la3g5YmRLdWs3MmpLSFJ4NUoxWjNBPT0%3D--65364a35669f3c9242ccb059de26d07c9686d190; path=/; expires=Sun, 26 Sep 2021 18:26:05 -0000; HttpOnly

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 146 KB
48 KB 66ms
43ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&libraries=places&sensor=true

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

mafe /

Resource Hash

089290b14f4f1be951882d20c2c3ccb850fa0eff890f837c72f3b9c0516a1aca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:05 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48654
x-xss-protection: 0
expires: Sat, 25 Sep 2021 18:56:05 GMT

GET
H2 200 1443812817.3420184.png
cdn2.gttwl.net/logos/ 14 KB
15 KB 623ms
622ms Image
image/png 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.gttwl.net/logos/1443812817.3420184.png
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 034a2609835e9fa9655a704341a329bf61c9aaa05aaa45e558aa2c8a25b5d506

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:07 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/25/2021 20:26:07
cdn-pullzone: 134292
content-length: 14675
x-request-id: Fqgj7Ub1vNwiVoIbA3iB
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/png
cdn-cache: MISS
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: e720ef9227b07b0f4eacc4a3f7a9c12e
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1435262423_original.jpeg
cdn2.gttwl.net/attachments/global/ 155 KB
156 KB 9ms
9ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.gttwl.net/attachments/global/1435262423_original.jpeg
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: e567cd5ba588740a217afdaf218ddf1b13cdf0064ce455c78a9157523fdc1c3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:07 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/24/2021 12:33:45
cdn-pullzone: 134292
content-length: 158851
x-request-id: Fqe7kgl1ZxU91Loa2pcB
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: bc24daa03ce4f785cc2c8b857bf21e6e
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1435261540_original.jpeg
cdn2.gttwl.net/attachments/global/ 326 KB
327 KB 11ms
10ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.gttwl.net/attachments/global/1435261540_original.jpeg
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: bae7104235860f48618ef729d0cdeb9f6099afe6a79a79f1e429da725ba11dcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:07 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/24/2021 08:59:07
cdn-pullzone: 134292
content-length: 333857
x-request-id: Fqev26esiSYljJEa1CGB
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: bafc79937b760ab180e7fa4fc0720d29
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1435262130_original.jpeg
cdn2.gttwl.net/attachments/global/ 308 KB
308 KB 8ms
8ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.gttwl.net/attachments/global/1435262130_original.jpeg
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 8cd9524a128d7e90e1a6cab6df16e291c53fdc3dc28e9c2a854b64b81d1aab4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:07 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/24/2021 12:34:22
cdn-pullzone: 134292
content-length: 314985
x-request-id: Fqe7mn3649iaWQoPnYJC
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: 5979639fdfd2e9b90fd76ad89f352764
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK tab1_on.png
tacticals.travelsavers.com/2015/OXP-templates/SV/original/version1/SVtabs/ 7 KB
7 KB 760ms
91ms Image
image/png 65.51.132.157
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tacticals.travelsavers.com/2015/OXP-templates/SV/original/version1/SVtabs/tab1_on.png
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 65.51.132.157 Seaford, United States, ASN6128 (CABLE-NET-1, US),
Reverse DNS: 4133849d.cst.lightpath.net
Software: WEB1 / ASP.NET
Resource Hash: 14be62a7751ca8b65585c8a0c68ba204cf10a088c3286d68832d42acda053e37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:25:26 GMT
Last-Modified: Thu, 14 May 2015 14:55:23 GMT
Server: WEB1
X-Powered-By: ASP.NET
ETag: "ec6e7e1568ed01:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6678

GET
H/1.1 200
OK tab2_off.png
tacticals.travelsavers.com/2015/OXP-templates/SV/original/version1/SVtabs/ 3 KB
4 KB 91ms
90ms Image
image/png 65.51.132.157
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tacticals.travelsavers.com/2015/OXP-templates/SV/original/version1/SVtabs/tab2_off.png
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 65.51.132.157 Seaford, United States, ASN6128 (CABLE-NET-1, US),
Reverse DNS: 4133849d.cst.lightpath.net
Software: WEB1 / ASP.NET
Resource Hash: b89b3290e8bb457f397cf5e171af34dcf23ee3ca32169d2d9af684d5a32b6dc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:25:26 GMT
Last-Modified: Thu, 14 May 2015 14:27:08 GMT
Server: WEB1
X-Powered-By: ASP.NET
ETag: "b6f9d4e528ed01:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3388

GET
H/1.1 200
OK tab3_off.png
tacticals.travelsavers.com/2015/OXP-templates/SV/original/version1/SVtabs/ 5 KB
5 KB 93ms
92ms Image
image/png 65.51.132.157
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tacticals.travelsavers.com/2015/OXP-templates/SV/original/version1/SVtabs/tab3_off.png
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 65.51.132.157 Seaford, United States, ASN6128 (CABLE-NET-1, US),
Reverse DNS: 4133849d.cst.lightpath.net
Software: WEB1 / ASP.NET
Resource Hash: ad138946d3facb1796d46ef6cf7be97d55b1e39b545b2871b8126493fa6664b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:25:26 GMT
Last-Modified: Thu, 14 May 2015 14:28:14 GMT
Server: WEB1
X-Powered-By: ASP.NET
ETag: "c6248b36528ed01:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5074

GET
H/1.1 200
OK tab4_off.png
tacticals.travelsavers.com/2015/OXP-templates/SV/original/version1/SVtabs/ 5 KB
5 KB 92ms
92ms Image
image/png 65.51.132.157
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tacticals.travelsavers.com/2015/OXP-templates/SV/original/version1/SVtabs/tab4_off.png
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 65.51.132.157 Seaford, United States, ASN6128 (CABLE-NET-1, US),
Reverse DNS: 4133849d.cst.lightpath.net
Software: WEB1 / ASP.NET
Resource Hash: c2c48c9b9f0bf787af254555ab64801fb9dbbac6e0c3071d7b4b34ebd52ccd08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:25:26 GMT
Last-Modified: Thu, 14 May 2015 14:28:40 GMT
Server: WEB1
X-Powered-By: ASP.NET
ETag: "5ee4046528ed01:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4640

GET
H/1.1 200
OK tab5_off.png
tacticals.travelsavers.com/2015/OXP-templates/SV/original/version1/SVtabs/ 5 KB
5 KB 92ms
91ms Image
image/png 65.51.132.157
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tacticals.travelsavers.com/2015/OXP-templates/SV/original/version1/SVtabs/tab5_off.png
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 65.51.132.157 Seaford, United States, ASN6128 (CABLE-NET-1, US),
Reverse DNS: 4133849d.cst.lightpath.net
Software: WEB1 / ASP.NET
Resource Hash: 98676dd83f6b40a793e50b170f9baf429ef4e485766aa4ad5ff0b84f312a26b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:25:26 GMT
Last-Modified: Thu, 14 May 2015 14:29:54 GMT
Server: WEB1
X-Powered-By: ASP.NET
ETag: "d4152d72528ed01:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4946

GET
H2 200 travel-personality.jpg
cdn2.gttwl.net/travesavers1.gttwl2.com/images/ 15 KB
16 KB 7ms
7ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.gttwl.net/travesavers1.gttwl2.com/images/travel-personality.jpg
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 1b9afa0beadecd1525461df9636d0cae8bc179b14c8b273285100b14bb635889

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:08 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/16/2021 15:50:16
cdn-pullzone: 134292
content-length: 15597
x-request-id: FqVRppe5ksdz3poLW5lD
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: ce0cd20a5682768dd3a82aa0cb68f6f7
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

serve.js Show response
s3.amazonaws.com/gttwl/js/v1/
Redirect Chain

https://cdn2.gttwl.net/js/v1/serve.js
https://s3.amazonaws.com/gttwl/js/v1/serve.js

4 KB
5 KB

424ms
114ms

Script
application/javascript

52.217.43.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/gttwl/js/v1/serve.js
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e277cde87f8dce33c8b1b890a0842121d320f66d7d920c18905f670d67bd4c7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:26:07 GMT
Last-Modified: Sat, 17 Oct 2020 08:39:57 GMT
Server: AmazonS3
x-amz-request-id: 3AX43CZPHJPKM14Z
ETag: "58bf48b066d0129360854a09ff64df9a"
Content-Type: application/javascript
x-amz-version-id: .OedMGiXb.jFZ06ZzO.i0YWEZKHsctEW
Accept-Ranges: bytes
Content-Length: 4278
x-amz-id-2: wYt9zoVBQZpl96y6t5FW3snshh8YTIqsH1lFbTb63tsieQWbRu9jXvxtL6OeLg/b6vz2LQQYbG0=

Redirect headers

date: Sat, 25 Sep 2021 18:26:05 GMT
cdn-edgestorageid: 756
cdn-cachedat: 09/10/2021 14:23:12
cdn-pullzone: 134292
content-length: 68
server: BunnyCDN-DE1-756
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://s3.amazonaws.com/gttwl/js/v1/serve.js
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: 84a7be6bc3bd7cb645ce8607647713ba
cdn-requestcountrycode: US
cdn-status: 302
cdn-requestpullsuccess: True

GET
H/1.1 200
OK travelclub300x250.jpg
tacticals.travelsavers.com/2015/OXP-templates/images/ 53 KB
53 KB 92ms
91ms Image
image/jpeg 65.51.132.157
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tacticals.travelsavers.com/2015/OXP-templates/images/travelclub300x250.jpg
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 65.51.132.157 Seaford, United States, ASN6128 (CABLE-NET-1, US),
Reverse DNS: 4133849d.cst.lightpath.net
Software: WEB1 / ASP.NET
Resource Hash: 40664cb48a6f18d281640feda8d02f60855913de4c2ab47b11aad68cb2e9429e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:25:26 GMT
Last-Modified: Wed, 18 Mar 2015 19:08:27 GMT
Server: WEB1
X-Powered-By: ASP.NET
ETag: "8047e4e9ae61d01:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 54071

GET
H2 200 1631285424_original.jpeg
cdn1.gttwl.net/attachments/global/ 16 KB
17 KB 50ms
14ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.gttwl.net/attachments/global/1631285424_original.jpeg?w=original&h=&fit=crop&crop=entropy&auto=format,enhance&q=60
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 47ccc8887de919fdcae5e06aa0b3bea6145d1452673b2eaa85c98ee3ae6a38b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:08 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/10/2021 20:13:44
cdn-pullzone: 134292
content-length: 16492
x-request-id: FqOIi_jjCSTxIGcZiVWB
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: 98cda0243d0b8af70e4c9d59b225374f
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gttwl2.js Show response
www.bankstravel.com/javascripts/ 4 KB
1 KB 163ms
163ms Script
application/x-javascript 51.81.251.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankstravel.com/javascripts/gttwl2.js

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),

Reverse DNS

proxy1.gttwl.net

Software

Caddy nginx/1.12.2 /

Resource Hash

901f5c66d74ebf9e3900248ceea21aaf160d8cc86143e4646fa07839a170ac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=3000;

Request headers

:path: /javascripts/gttwl2.js
pragma: no-cache
cookie: cart=eef1e0f7-5565-49ac-8643-3759bbeeedaa; _gttwl2_session=bFRJWWs4Y1B1b2RpbnV6dEt1aTlBZ0VheHlRZUhCdmNYZ05xdFZhNVRlM3ZnRjcrQURVWEtraDlJZ3hjUlV0WkpGVTNoWE0xOFVLVWhYSlRBaTV0aFAxVnViTVIzS1ZTTWM0a0FBeGxjMlFoL21lbXhicHI0cUx0RFJxSkN5dlBOSm00bG55RU52bmwvR1pMQTE2UVM5SHVDZzhORkxDU0lFbHI2ZkZKWDYyN2Jmb1pYZmN6SjBic3pFTWxkS0JzLS1CSlJaYU9yYmRDMzRzOVd0WUxQNTVRPT0%3D--dd12bcb70121119951912525d708e6878a04a741
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bankstravel.com
referer: https://www.bankstravel.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:06 GMT
content-encoding: gzip
last-modified: Mon, 06 Apr 2020 02:31:21 GMT
server: Caddy nginx/1.12.2
etag: W/"5e8a9479-ece"
strict-transport-security: max-age=3000;
content-type: application/x-javascript
content-length: 1270

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 37ms
15ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700,300

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

211725154c4325d4f25ea348dfccfd38925841520410499578d9040a20365431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 16:49:22 GMT
server: ESF
date: Sat, 25 Sep 2021 18:26:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Sep 2021 18:26:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
671 B 38ms
16ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,400italic

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

2447e15b1f817936c31806e753cd5225b5ae936213349d39be514b1db87058fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 18:26:05 GMT
server: ESF
date: Sat, 25 Sep 2021 18:26:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Sep 2021 18:26:05 GMT

GET
H2 200 hits Show response
www.bankstravel.com/ 4 B
451 B 1134ms
1133ms Script
text/javascript 51.81.251.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankstravel.com/hits?js=1&u=718c59ec-61d2-4f41-bc0b-0cb88aa572fc&r=&q=https%3A%2F%2Fwww.bankstravel.com%2F

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),

Reverse DNS

proxy1.gttwl.net

Software

Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

a8883bc180474bec5859cbb00c092eb96d48d2ee0d99416c6c3790d04bd7cb0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /hits?js=1&u=718c59ec-61d2-4f41-bc0b-0cb88aa572fc&r=&q=https%3A%2F%2Fwww.bankstravel.com%2F
pragma: no-cache
cookie: cart=eef1e0f7-5565-49ac-8643-3759bbeeedaa; _gttwl2_session=WWFnQjVDdkVLbkRxdDNYSHFnU0E3a2hVOVBzQU1tY1BkMml6Y0g1YU5QSm52aEl3OHdrVUFVNkRCbnZndXNWbTlPREFCV3J4SFQ5QjUySmg1UjhNME9JcWxpdlk2UFFIQmQxNU5Zd1E5L0xISm51L1U5MHZ6b0NZR2t2RnFPNzdnTFdhSTlqNS9kanFHS09PWmFyVlZnNmZ6ZUlDVlNQREoyZjlQWSswd05NMFRyUU5QSG85bzJEK3NvbnhOU0d2LS1WQjFyQjRweFJqTUdsRGdkRHNRenFBPT0%3D--e63db547847343b35e9d8bc2ea38b35cb54e9151; __tat_u=718c59ec-61d2-4f41-bc0b-0cb88aa572fc
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bankstravel.com
referer: https://www.bankstravel.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 5.2.1
status: 200 OK
content-length: 30
x-xss-protection: 1; mode=block
x-request-id: 4e8e0109-52fc-4549-ad60-b4d262b1f37f
x-ua-compatible: chrome=1
x-runtime: 0.958322
server: Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
etag: W/"fe46eec7bb2dbf27375ebcbf208b19c8"
strict-transport-security: max-age=3000;
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
set-cookie: _gttwl2_session=ZUtPYmVWbmNodFB2UWxsMTc5cHZBcnFrdE9PQjQrckdpYkp5d3pvRXFUWFh6M2xnV01Hd2NXaC9EMEpaa1pIQlFUUk9Wa0F0Vnk5ZWJmTjY0emxOVWtneDQ3SlZzZHI4RGU3NFNJTnhWWDhXYzAyU2xzamU4VlJEODNrNjEwZ0Y1ZmVKdVdLell3ajVVUll4TzZSS0V2VFd0ZkNleTZMN295KysvZVBRSnErc1VmbUxGU3AxQVZrVWdBYVpDMWlMLS1scm9yQ2VhYnRFUVBwUmZRclB1U2RnPT0%3D--4bf3804eca236368cb1917cf2cdc49aba49a1861; path=/; expires=Sun, 26 Sep 2021 18:26:10 -0000; HttpOnly

GET
H2 200 506 Show response
www.bankstravel.com/tm/h/ 4 B
619 B 496ms
496ms Script
text/javascript 51.81.251.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankstravel.com/tm/h/506?js=1&t=718c59ec-61d2-4f41-bc0b-0cb88aa572fc&req=https%3A%2F%2Fwww.bankstravel.com%2F&ref=&kind=&kind_id=

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),

Reverse DNS

proxy1.gttwl.net

Software

Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

a8883bc180474bec5859cbb00c092eb96d48d2ee0d99416c6c3790d04bd7cb0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /tm/h/506?js=1&t=718c59ec-61d2-4f41-bc0b-0cb88aa572fc&req=https%3A%2F%2Fwww.bankstravel.com%2F&ref=&kind=&kind_id=
pragma: no-cache
cookie: cart=eef1e0f7-5565-49ac-8643-3759bbeeedaa; _gttwl2_session=WWFnQjVDdkVLbkRxdDNYSHFnU0E3a2hVOVBzQU1tY1BkMml6Y0g1YU5QSm52aEl3OHdrVUFVNkRCbnZndXNWbTlPREFCV3J4SFQ5QjUySmg1UjhNME9JcWxpdlk2UFFIQmQxNU5Zd1E5L0xISm51L1U5MHZ6b0NZR2t2RnFPNzdnTFdhSTlqNS9kanFHS09PWmFyVlZnNmZ6ZUlDVlNQREoyZjlQWSswd05NMFRyUU5QSG85bzJEK3NvbnhOU0d2LS1WQjFyQjRweFJqTUdsRGdkRHNRenFBPT0%3D--e63db547847343b35e9d8bc2ea38b35cb54e9151; __tat_u=718c59ec-61d2-4f41-bc0b-0cb88aa572fc
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bankstravel.com
referer: https://www.bankstravel.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 5.2.1
status: 200 OK
content-length: 30
x-xss-protection: 1; mode=block
x-request-id: cdceaf15-a164-419d-95e3-4005e911be17
x-ua-compatible: chrome=1
x-runtime: 0.027022
server: Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
etag: W/"fe46eec7bb2dbf27375ebcbf208b19c8"
strict-transport-security: max-age=3000;
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
set-cookie: _gttwl2_session=b1dnVEtkeW52dWpkS1BUSzhTVzdSTDdBMnJNd09qT2RUb3lTWWtRMmorTkFWNHl5c3RuOXNyTGhvSUNCbldhczJVNElKQTF6c3pRMHJmaHcxZ01sR010TXVVaDBzemo4R2NzRkxHZ0F5ME04Sk1KQUovdWtmQU5jQ1g5bDQ0UXBWMDN6djVtMTVXNnE5WS93bE1UNW5iTkxEWjIydSs0ZFIwUmxsVVN2bVVJWElhYmlYVHJKZFo4cTUrRlVQY1NTLS1LSHp4ZFA1dStrOThBS3FDdmIrQmlnPT0%3D--174c974ea5a047c2baceea2e6a339012b879ed6c; path=/; expires=Sun, 26 Sep 2021 18:26:09 -0000; HttpOnly

GET
H/1.1 200
OK querypackage.cgi Show response
trs.sax.softvoyage.com/cgi-bin/ Frame 92D3 9 KB
9 KB 888ms
267ms Document
text/html 74.113.72.253
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.72.253 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1001.softvoyage.com

Software

nginx /

Resource Hash

8c7a927f746cbfe5717056f903c28c4c382df228207ffca0a190e7d0eab364f6

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Strict-Transport-Security	max-age=300 max-age=60
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: trs.sax.softvoyage.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bankstravel.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/

Response headers

Date: Sat, 25 Sep 2021 18:26:09 GMT
X-Soft-Tracking: tQl4wB7gi9qvxljDoGnx
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;; charset=iso-8859-1
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Server: nginx
Strict-Transport-Security: max-age=300 max-age=60

GET
H/1.1 200
OK background.jpg
tacticals.travelsavers.com/2015/OXP-templates/images/ 219 KB
219 KB 91ms
91ms Image
image/jpeg 65.51.132.157
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tacticals.travelsavers.com/2015/OXP-templates/images/background.jpg
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/custom.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 65.51.132.157 Seaford, United States, ASN6128 (CABLE-NET-1, US),
Reverse DNS: 4133849d.cst.lightpath.net
Software: WEB1 / ASP.NET
Resource Hash: af437a806b585a6ffc10ef011a7409f4a3f058ed29a344b8eebbc9d652bad59a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:25:27 GMT
Last-Modified: Thu, 09 Apr 2015 14:03:33 GMT
Server: WEB1
X-Powered-By: ASP.NET
ETag: "80e8e7f6cd72d01:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 224396

GET
H/1.1 200
OK circle-texture.png
tacticals.travelsavers.com/2015/OXP-templates/images/ 1 KB
1 KB 269ms
93ms Image
image/png 65.51.132.157
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tacticals.travelsavers.com/2015/OXP-templates/images/circle-texture.png
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/custom.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 65.51.132.157 Seaford, United States, ASN6128 (CABLE-NET-1, US),
Reverse DNS: 4133849d.cst.lightpath.net
Software: WEB1 / ASP.NET
Resource Hash: 9d8b3f0d222a2d523d9feed28a5a7e8674fb02ab0140eee2de083948e4fbcc17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:25:27 GMT
Last-Modified: Thu, 09 Apr 2015 17:08:39 GMT
Server: WEB1
X-Powered-By: ASP.NET
ETag: "80599d2e772d01:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1039

GET
H2 200 1438824345_original.jpeg
cdn4.gttwl.net/attachments/global/ 54 KB
54 KB 48ms
12ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.gttwl.net/attachments/global/1438824345_original.jpeg?w=640&h=480&fit=crop&crop=entropy&auto=format,enhance&q=60
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: d396608a03dfe106dd50682f3eb0331ae9a17b61502317aad2bfb25139421664

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/25/2021 18:26:46
cdn-pullzone: 134292
content-length: 55345
x-request-id: FqgdaiCbmKvBCqwbASsB
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: 23b4cb4b56c2fc699a76fb6e716d155e
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1438825699_original.jpeg
cdn1.gttwl.net/attachments/global/ 40 KB
41 KB 11ms
10ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.gttwl.net/attachments/global/1438825699_original.jpeg?w=640&h=480&fit=crop&crop=entropy&auto=format,enhance&q=60
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 85c566c2499176d126c032f4a5438c20213d5c67f9f762b96fca99f1f7fb8ffa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/25/2021 18:26:47
cdn-pullzone: 134292
content-length: 41068
x-request-id: FqgdajuqAzASH-MbASvB
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: ab38b4bedfa8357944dc288c81d27532
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1432316682_original.jpeg
cdn2.gttwl.net/attachments/global/ 42 KB
43 KB 7ms
6ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.gttwl.net/attachments/global/1432316682_original.jpeg?w=640&h=480&fit=crop&crop=entropy&auto=format,enhance&q=60
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 6a1ca3ee92161c1cfb4278a9f312072b95ed0e955cca2ff029ac2355df9e7b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
cdn-edgestorageid: 756
cdn-cachedat: 2021-09-23 17:20:53
cdn-pullzone: 134292
content-length: 43428
x-request-id: Fqd8qKPtAygID70av7TB
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: e8549e8bfa31861c37e7aa8f5cf2bec0
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1438824808_original.jpeg
cdn1.gttwl.net/attachments/global/ 78 KB
78 KB 14ms
12ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.gttwl.net/attachments/global/1438824808_original.jpeg?w=640&h=480&fit=crop&crop=entropy&auto=format,enhance&q=60
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: f303bab3c917e51c91b48e92b74c0edcb1e8dfb4eeb6c6408ad50ef6cf887bac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/25/2021 18:26:46
cdn-pullzone: 134292
content-length: 79709
x-request-id: FqgdahcQmc4yWp4bASrB
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: 28363fc6f25e2d0a17d9bb3997d99447
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1439484589_original.jpeg
cdn1.gttwl.net/attachments/global/ 23 KB
23 KB 13ms
11ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.gttwl.net/attachments/global/1439484589_original.jpeg?w=640&h=480&fit=crop&crop=entropy&auto=format,enhance&q=60
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: cf7abf974ef87b704819dae197a5b994d9d643992f65a4fb20703243029b9958

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
cdn-edgestorageid: 756
cdn-cachedat: 2021-09-23 17:20:53
cdn-pullzone: 134292
content-length: 23451
x-request-id: Fqd8qKVcKnlgW0Uav7UB
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: 3f32466b40f56cc275f8cc5ffc42fcf5
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1435244575_original.jpeg
cdn3.gttwl.net/attachments/global/ 29 KB
30 KB 63ms
18ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.gttwl.net/attachments/global/1435244575_original.jpeg?w=640&h=480&fit=crop&crop=entropy&auto=format,enhance&q=60
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 319129015cfa3709c5310440d914f3483cf40fa840c13d2fd3bc6ad466a2af2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/25/2021 18:26:47
cdn-pullzone: 134292
content-length: 30205
x-request-id: FqgdajvXKUawPKsbASwB
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: d9f07f6cbf20e25d8caaed4b8eaeca7b
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1432319744_original.jpeg
cdn3.gttwl.net/attachments/global/ 40 KB
40 KB 360ms
315ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.gttwl.net/attachments/global/1432319744_original.jpeg?w=640&h=480&fit=crop&crop=entropy&auto=format,enhance&q=60
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: dd8b9b9100c00f18d714368de69f30b63b214d89df4ef76f717605ef00d5b06e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/25/2021 20:26:09
cdn-pullzone: 134292
content-length: 40661
x-request-id: Fqgj7d1JcKEtRN8HAbzE
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: MISS
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: a99f611bf903cf63ffa27a7885cd8c92
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1435244075_original.jpeg
cdn2.gttwl.net/attachments/global/ 42 KB
43 KB 9ms
7ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.gttwl.net/attachments/global/1435244075_original.jpeg?w=640&h=480&fit=crop&crop=entropy&auto=format,enhance&q=60
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 784e15165a16aad796e160a9824262803b002979f53e39172ad34be07ea23a48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
cdn-edgestorageid: 756
server: BunnyCDN-DE1-756
cdn-cachedat: 09/25/2021 18:26:47
cdn-pullzone: 134292
content-length: 43350
x-request-id: Fqgdajdy23VBrTobASuB
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: 4497f814ca502f7239f76d83a40d98d6
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1435251898_original.jpeg
cdn3.gttwl.net/attachments/global/ 45 KB
45 KB 56ms
11ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.gttwl.net/attachments/global/1435251898_original.jpeg?w=640&h=480&fit=crop&crop=entropy&auto=format,enhance&q=60
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 0758836baebc2c0c2dff842d5f9d7bd6d4d0d8c91a2342bf8269dc9fb152a336

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
cdn-edgestorageid: 756
cdn-cachedat: 2021-09-23 17:20:53
cdn-pullzone: 134292
content-length: 46101
x-request-id: Fqd8qJnWtiIyZB8G9EaE
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control: public, max-age=2592000
cdn-requestid: 7a9b05fb424d18006c5a795c21949859
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 29ms
6ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bankstravel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 17:03:52 GMT
x-content-type-options: nosniff
age: 177737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 23 Sep 2022 17:03:52 GMT

GET
H3 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/ 18 KB
18 KB 36ms
23ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Origin: https://www.bankstravel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-proxyver: 1.0
cdn-cachedat: 08/03/2021 16:09:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9aa689f40a779addad8e134033d21c6b
accept-ranges: bytes
cf-ray: 69464c9858574eaf-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92nA.woff2
fonts.gstatic.com/s/lora/v17/ 20 KB
21 KB 40ms
18ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92nA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

65767dd1269def67c3a845deaeb9ff7f6d5725a08087022c284447a7a898c1a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bankstravel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:04:13 GMT
x-content-type-options: nosniff
age: 444116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20884
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:27:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 15:04:13 GMT

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v17/ 19 KB
19 KB 41ms
19ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

4b874445c1c5f287cca4f88a9b939270676c7ad03c9c7209a33a5907ae731fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bankstravel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 07:14:12 GMT
x-content-type-options: nosniff
age: 472317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19144
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:52:45 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 07:14:12 GMT

GET
H2 200 fontawesome-webfont.woff2
www.bankstravel.com/assets/font-awesome-4.6.3/fonts/ 70 KB
70 KB 163ms
163ms Font
application/octet-stream 51.81.251.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankstravel.com/assets/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/assets/font-awesome-4.6.3/css/font-awesome.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),

Reverse DNS

proxy1.gttwl.net

Software

Caddy nginx/1.12.2 /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=3000;

Request headers

sec-fetch-mode: cors
origin: https://www.bankstravel.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: cart=eef1e0f7-5565-49ac-8643-3759bbeeedaa; _gttwl2_session=WWFnQjVDdkVLbkRxdDNYSHFnU0E3a2hVOVBzQU1tY1BkMml6Y0g1YU5QSm52aEl3OHdrVUFVNkRCbnZndXNWbTlPREFCV3J4SFQ5QjUySmg1UjhNME9JcWxpdlk2UFFIQmQxNU5Zd1E5L0xISm51L1U5MHZ6b0NZR2t2RnFPNzdnTFdhSTlqNS9kanFHS09PWmFyVlZnNmZ6ZUlDVlNQREoyZjlQWSswd05NMFRyUU5QSG85bzJEK3NvbnhOU0d2LS1WQjFyQjRweFJqTUdsRGdkRHNRenFBPT0%3D--e63db547847343b35e9d8bc2ea38b35cb54e9151; __tat_u=718c59ec-61d2-4f41-bc0b-0cb88aa572fc
:path: /assets/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.bankstravel.com
referer: https://www.bankstravel.com/assets/font-awesome-4.6.3/css/font-awesome.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bankstravel.com/assets/font-awesome-4.6.3/css/font-awesome.css
Origin: https://www.bankstravel.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
last-modified: Mon, 06 Apr 2020 02:31:21 GMT
server: Caddy nginx/1.12.2
etag: "5e8a9479-118d8"
strict-transport-security: max-age=3000;
content-type: application/octet-stream
accept-ranges: bytes
content-length: 71896

GET
H2 200 3xd42kddrxv Show response
ads.gttwl.net/serve/v1/ 603 B
708 B 496ms
160ms Script
text/javascript 51.81.245.63
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.gttwl.net/serve/v1/3xd42kddrxv?r=&q=https%3A%2F%2Fwww.bankstravel.com%2F&u=718c59ec-61d2-4f41-bc0b-0cb88aa572fc&tags=&f=j
Requested by: Host: cdn2.gttwl.net
URL: https://cdn2.gttwl.net/js/v1/serve.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: ovh1.gttwl.net
Software: Caddy, Cowboy /
Resource Hash: aa3e9f932858a94827da73bb2763df0588f4a4b2d44bb6becb2c1d8f23715d36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
cache-control: max-age=0, private, must-revalidate
server: Caddy, Cowboy
content-length: 603
content-type: text/javascript

GET
H2 200 humanity Show response
www.bankstravel.com/api/ 36 B
479 B 435ms
435ms XHR
text/plain 51.81.251.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankstravel.com/api/humanity

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),

Reverse DNS

proxy1.gttwl.net

Software

Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1

Resource Hash

7a85ca1bf69fd8ec8b7a0cb2e1f1d2e2ba1ca02777d9ff197151391ddeafb8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: cart=eef1e0f7-5565-49ac-8643-3759bbeeedaa; _gttwl2_session=WWFnQjVDdkVLbkRxdDNYSHFnU0E3a2hVOVBzQU1tY1BkMml6Y0g1YU5QSm52aEl3OHdrVUFVNkRCbnZndXNWbTlPREFCV3J4SFQ5QjUySmg1UjhNME9JcWxpdlk2UFFIQmQxNU5Zd1E5L0xISm51L1U5MHZ6b0NZR2t2RnFPNzdnTFdhSTlqNS9kanFHS09PWmFyVlZnNmZ6ZUlDVlNQREoyZjlQWSswd05NMFRyUU5QSG85bzJEK3NvbnhOU0d2LS1WQjFyQjRweFJqTUdsRGdkRHNRenFBPT0%3D--e63db547847343b35e9d8bc2ea38b35cb54e9151; __tat_u=718c59ec-61d2-4f41-bc0b-0cb88aa572fc
:path: /api/humanity
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.bankstravel.com
referer: https://www.bankstravel.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.bankstravel.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-runtime: 0.024217
date: Sat, 25 Sep 2021 18:26:09 GMT
x-content-type-options: nosniff
server: Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
x-powered-by: Phusion Passenger 5.2.1
strict-transport-security: max-age=3000;
content-type: text; charset=utf-8
status: 200 OK
x-xss-protection: 1; mode=block
cache-control: max-age=0, private, must-revalidate
set-cookie: _gttwl2_session=Y0FUZkwzVlZTK1RSRnozWXgwNDFtbCsvVmN4c0pXczBDRUpDbVpRVHVUQUVxejRGNDdpSXFNRnh6QytuNkJQWW54a2p3RDVZTCs0cU95a29qYzhRYlcyUGNkeXdwbGpCVTlLRVZwUDQwSHF3WUI5Ti9SV0VhTWtOL0ROTVo5OGpiNVRlVGZLQ2greXZHSS9ZRjRTRTlsNGVua0txTDdTZzdtYk0yZlludFpSU1Vya24rUWF6S3FWWVRHdGlaSlVKLS1WL3diZWNrNTduVTY1WlErVHhkVUxnPT0%3D--49ce0e9cd0914d6ae30a63f40f64ded9c21135db; path=/; expires=Sun, 26 Sep 2021 18:26:09 -0000; HttpOnly
content-length: 36
etag: "460c0e354056f3fa927e482ec6c0d382"
x-request-id: 1ebdcdc2-a24b-466e-9a95-34c03f965ac5
x-ua-compatible: chrome=1

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/ 83 KB
30 KB 26ms
11ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&libraries=places&sensor=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

65f065d8408432842271dab54c2b2938ddcfe0cd0466139af9e0fcf5f89dd4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 18:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31127
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 21:29:58 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Thu, 22 Sep 2022 18:32:23 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/ 294 KB
90 KB 23ms
9ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&libraries=places&sensor=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

54bc11342d941c2dca37e01a11ab4c1b05aa6da56cd221bc77616629330809da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 18:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91919
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 21:29:58 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Thu, 22 Sep 2022 18:32:23 GMT

GET
H3 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/ 92 KB
28 KB 27ms
13ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&libraries=places&sensor=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

ec7773d75faf2a4b7e08ddbd95160fbe1a548b5957ba5a10082a11574252868e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 18:32:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28429
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 21:29:58 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Thu, 22 Sep 2022 18:32:26 GMT

GET
H3 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/ 51 KB
19 KB 32ms
18ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&libraries=places&sensor=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

b91d93a70be704f330603fa726bbe016261fa70072de2f438608cfdbbf17a541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 18:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19034
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 21:29:58 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Thu, 22 Sep 2022 18:33:41 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 62ms
16ms Image
image/png 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Sat, 25 Sep 2021 18:26:09 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
4 KB 61ms
16ms Image
image/png 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: www.bankstravel.com
URL: https://www.bankstravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 18:26:09 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Sat, 25 Sep 2021 18:26:09 GMT

GET
H/1.1 200
OK 1630606952_original.jpeg
s3.amazonaws.com/gttwl/attachments/global/ 83 KB
83 KB 124ms
123ms Image
image/jpeg 52.217.43.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/gttwl/attachments/global/1630606952_original.jpeg
Requested by: Host: www.bankstravel.com
URL: https://www.bankstravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.158 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5b31e226d7cef185722497dcde0dd5eff16930c40c89fb99392f49b1fb8916e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:26:10 GMT
Last-Modified: Thu, 02 Sep 2021 18:20:29 GMT
Server: AmazonS3
x-amz-request-id: NAPJA3H1Z881AF5M
ETag: "a86ee45d030cbc6124686eae3c652f83"
Content-Type: image/jpeg
x-amz-version-id: 3sgeFd4WUF8_t6lrGg6b_6p.wu5e3Gu7
Accept-Ranges: bytes
Content-Length: 84887
x-amz-id-2: ZJdnlCN0xNG1s+RCnre1SqaGUV8ch69YqAJGQerIxFjUeGhw54xpHzSTLW4/fyguqyYZUtPoVLc=

GET
H/1.1 200
OK jquery-ui.css
lib.softvoyage.com/jquery-plugins/ui-1.12/themes/redmond/ Frame 92D3 36 KB
9 KB 603ms
97ms Stylesheet
text/css 74.113.74.98
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.softvoyage.com/jquery-plugins/ui-1.12/themes/redmond/jquery-ui.css

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.74.98 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1026.softvoyage.com

Software

Apache /

Resource Hash

cd48c6b94ca9ed82e69ce5497d66c68e48c2e40c9874d5618b5edd940759cb21

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Soft-Tracking: tXLkxNBONjom6WJLbraA
Date: Sat, 25 Sep 2021 18:26:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Feb 2020 16:26:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Strict-Transport-Security: max-age=60
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 8613

GET
H/1.1 200
OK style.css
trs.sax.softvoyage.com/trs/ Frame 92D3 5 KB
2 KB 105ms
105ms Stylesheet
text/css 74.113.72.253
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://trs.sax.softvoyage.com/trs/style.css

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.72.253 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1001.softvoyage.com

Software

nginx /

Resource Hash

49b0d693abfb473f1a5d99f9b8b02faf612b117a57f938f9c33f20c6ef461de3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Strict-Transport-Security	max-age=300, max-age=60
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:26:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ntCoent-Length: 4936
Connection: Keep-Alive
X-Soft-Tracking: tRTPmqaG3ymr69f8J7kl
Content-Length: 1420
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 23 Sep 2015 14:22:09 GMT
Server: nginx
Strict-Transport-Security: max-age=300, max-age=60
Content-Type: text/css
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK softvoyage.css
trs.sax.softvoyage.com/trs/ Frame 92D3 8 KB
2 KB 210ms
103ms Stylesheet
text/css 74.113.72.253
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://trs.sax.softvoyage.com/trs/softvoyage.css

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.72.253 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1001.softvoyage.com

Software

nginx /

Resource Hash

b7660d285be60e2222c72c63a148e66dbd6abe2f4ce418525946c1cfae5e58ed

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Strict-Transport-Security	max-age=300, max-age=60
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:26:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ntCoent-Length: 8260
Connection: Keep-Alive
X-Soft-Tracking: tVatkVyyNpbpXOTLbDHd
Content-Length: 1793
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 23 Sep 2015 14:22:09 GMT
Server: nginx
Strict-Transport-Security: max-age=300, max-age=60
Content-Type: text/css
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery.lightbox-0.5.css
trs.sax.softvoyage.com/trs/ Frame 92D3 2 KB
2 KB 314ms
103ms Stylesheet
text/css 74.113.72.253
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://trs.sax.softvoyage.com/trs/jquery.lightbox-0.5.css

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.72.253 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1001.softvoyage.com

Software

nginx /

Resource Hash

379f79ac54c58320fe2333fa74a98da149efdc037d1e35c4f1c9935ba743ee41

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Strict-Transport-Security	max-age=300, max-age=60
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:26:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ntCoent-Length: 2276
Connection: Keep-Alive
X-Soft-Tracking: tKtMCFlhB5A6PBSXtf0u
Content-Length: 917
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 23 Sep 2015 14:22:09 GMT
Server: nginx
Strict-Transport-Security: max-age=300, max-age=60
Content-Type: text/css
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
lib.softvoyage.com/jquery-3.5.1/ Frame 92D3 87 KB
31 KB 606ms
101ms Script
application/javascript 74.113.74.98
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.softvoyage.com/jquery-3.5.1/jquery-3.5.1.min.js

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.74.98 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1026.softvoyage.com

Software

Apache /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Soft-Tracking: tLfKk0zWwHEz1ghZIAzM
Date: Sat, 25 Sep 2021 18:26:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Jul 2020 18:16:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Strict-Transport-Security: max-age=60
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30910

GET
H/1.1 200
OK jquery-ui.min.js Show response
lib.softvoyage.com/jquery-plugins/ui-1.12/ Frame 92D3 248 KB
67 KB 623ms
109ms Script
application/javascript 74.113.74.98
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.softvoyage.com/jquery-plugins/ui-1.12/jquery-ui.min.js

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.74.98 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1026.softvoyage.com

Software

Apache /

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Soft-Tracking: tXLkxNBONjom6WJLbraA
Date: Sat, 25 Sep 2021 18:26:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 May 2019 14:54:52 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=60
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery.history.js Show response
lib.softvoyage.com/jquery/ Frame 92D3 5 KB
2 KB 629ms
104ms Script
application/javascript 74.113.74.98
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.softvoyage.com/jquery/jquery.history.js

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.74.98 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1026.softvoyage.com

Software

Apache /

Resource Hash

4d910c92df636c3858f45db41822da153c696c6acefe7b5f4a01529257299bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Soft-Tracking: tLfKk0zWwHEz1ghZIAzM
Date: Sat, 25 Sep 2021 18:26:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Mar 2020 14:57:55 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Strict-Transport-Security: max-age=60
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1587

GET
H/1.1 200
OK jquery.lightbox.min.js Show response
lib.softvoyage.com/jquery/ Frame 92D3 10 KB
3 KB 631ms
104ms Script
application/javascript 74.113.74.98
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.softvoyage.com/jquery/jquery.lightbox.min.js

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.74.98 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1026.softvoyage.com

Software

Apache /

Resource Hash

46e59077e504d436122ee5a67bbdf55467d1fbe748d0b35ea44b9ac420412ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Soft-Tracking: tLfKk0zWwHEz1ghZIAzM
Date: Sat, 25 Sep 2021 18:26:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Jul 2018 16:00:34 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Strict-Transport-Security: max-age=60
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2620

GET
H/1.1 200
OK common.js Show response
lib.softvoyage.com/ Frame 92D3 33 KB
9 KB 639ms
107ms Script
application/javascript 74.113.74.98
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.softvoyage.com/common.js

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.74.98 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1026.softvoyage.com

Software

Apache /

Resource Hash

3f45fb42b222a93051a275feb4983189e6a866de2c6f1011299b7822c8d746c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Soft-Tracking: tXLkxNBONjom6WJLbraA
Date: Sat, 25 Sep 2021 18:26:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 May 2020 19:54:11 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Strict-Transport-Security: max-age=60
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 8709

GET
H/1.1 200
OK svstyles.css
trs.sax.softvoyage.com/trs/ Frame 92D3 5 KB
2 KB 399ms
101ms Stylesheet
text/css 74.113.72.253
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://trs.sax.softvoyage.com/trs/svstyles.css

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.72.253 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1001.softvoyage.com

Software

nginx /

Resource Hash

9d6d4f518c2303c9c0629ed0caf96d3597c66f92f6970bcb92b3812da6a89bf4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Strict-Transport-Security	max-age=300, max-age=60
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:26:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ntCoent-Length: 4920
Connection: Keep-Alive
X-Soft-Tracking: tmCFsrhlpKApfus0ezLS
Content-Length: 1158
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 23 Sep 2015 14:22:09 GMT
Server: nginx
Strict-Transport-Security: max-age=300, max-age=60
Content-Type: text/css
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK InitGateDestHotelDropsParPays.cgi Show response
lib.softvoyage.com/cgi-bin/ Frame 92D3 23 KB
7 KB 736ms
133ms Script
text/javascript 74.113.74.98
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.softvoyage.com/cgi-bin/InitGateDestHotelDropsParPays.cgi?code_ag=trs&alias=hhq&tour_to_display=&language=en

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.74.98 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1026.softvoyage.com

Software

Apache /

Resource Hash

621facf782b19f2d29990950259e1af0862588e4f5bf4144876840452d380550

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:26:10 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Strict-Transport-Security: max-age=60
X-Soft-Tracking: tLfKk0zWwHEz1ghZIAzM
Keep-Alive: timeout=5, max=99
Content-Length: 6396

GET
H/1.1 200
OK search-english.png
trs.sax.softvoyage.com/trs/images/ Frame 92D3 5 KB
6 KB 98ms
98ms Image
image/png 74.113.72.253
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trs.sax.softvoyage.com/trs/images/search-english.png

Requested by

Host: trs.sax.softvoyage.com
URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.72.253 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1001.softvoyage.com

Software

nginx /

Resource Hash

522d69aa5736407315887cf10e95f2a28c544ca15950214b7ebbbc9054e48948

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Strict-Transport-Security	max-age=300, max-age=60
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Soft-Tracking: tmO2rISdUp4BIbzz5Tip
Date: Sat, 25 Sep 2021 18:26:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 23 Sep 2015 14:22:09 GMT
Server: nginx
Strict-Transport-Security: max-age=300, max-age=60
Content-Type: image/png
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5561
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK ajax.cgi Show response
trs.sax.softvoyage.com/cgi-bin/ Frame 92D3 1 KB
2 KB 144ms
144ms Fetch
text/plain 74.113.72.253
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://trs.sax.softvoyage.com/cgi-bin/ajax.cgi?action=getPackagesGateways&code_ag=TRS&alias=HHQ&tour_to_display=&language=en&source=

Requested by

Host: lib.softvoyage.com
URL: https://lib.softvoyage.com/cgi-bin/InitGateDestHotelDropsParPays.cgi?code_ag=trs&alias=hhq&tour_to_display=&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.72.253 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1001.softvoyage.com

Software

nginx /

Resource Hash

161623596e0b98f21273961e457646448093fc2dfd98d9c9fbe491fa1fddeb3d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Strict-Transport-Security	max-age=300, max-age=60
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:26:11 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=300, max-age=60
Content-Type: text/plain; charset=iso8859-1
Transfer-Encoding: chunked
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Connection: Keep-Alive
X-Soft-Tracking: toSNZBZza4stuIP6DWbh
Keep-Alive: timeout=5, max=100
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK calendrier.gif
trs.sax.softvoyage.com/trs/images/ Frame 92D3 175 B
727 B 103ms
103ms Image
image/gif 74.113.72.253
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trs.sax.softvoyage.com/trs/images/calendrier.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.72.253 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1001.softvoyage.com

Software

nginx /

Resource Hash

0400fb7192e2ed534fcd2167df75122b1ed125dd4a98a71aca1281ab5a0d0d22

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Strict-Transport-Security	max-age=300, max-age=60
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Soft-Tracking: t23rYpvlKCI8xE5KFkFC
Date: Sat, 25 Sep 2021 18:26:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 23 Sep 2015 14:22:09 GMT
Server: nginx
Strict-Transport-Security: max-age=300, max-age=60
Content-Type: image/gif
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 175
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK ajax.cgi Show response
trs.sax.softvoyage.com/cgi-bin/ Frame 92D3 2 KB
2 KB 172ms
171ms Fetch
text/plain 74.113.72.253
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://trs.sax.softvoyage.com/cgi-bin/ajax.cgi?action=getPackagesDestinations&code_ag=TRS&alias=HHQ&tour_to_display=&language=en&gateway_dep=YLW&source=

Requested by

Host: lib.softvoyage.com
URL: https://lib.softvoyage.com/cgi-bin/InitGateDestHotelDropsParPays.cgi?code_ag=trs&alias=hhq&tour_to_display=&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.72.253 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1001.softvoyage.com

Software

nginx /

Resource Hash

c470f81432d825f756070be066af38ed04c2c621f688c4e1a256cf0a57a36058

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Strict-Transport-Security	max-age=300, max-age=60
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:26:11 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=300, max-age=60
Content-Type: text/plain; charset=iso8859-1
Transfer-Encoding: chunked
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Connection: Keep-Alive
X-Soft-Tracking: t9P7LoJH0RgKg7D6t3g9
Keep-Alive: timeout=5, max=100
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK ajax.cgi Show response
trs.sax.softvoyage.com/cgi-bin/ Frame 92D3 3 KB
3 KB 167ms
167ms Fetch
text/plain 74.113.72.253
SOFTVOYAGE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://trs.sax.softvoyage.com/cgi-bin/ajax.cgi?action=getPackagesHotels&code_ag=TRS&alias=HHQ&tour_to_display=&language=en&gateway_dep=YLW&dest_dep=2_7_9_15_24_44_47_71_77_79_81_84_85_156_179_2488_3006_3358_2740145_2741642_2741952_2742791_2744551_3049111

Requested by

Host: lib.softvoyage.com
URL: https://lib.softvoyage.com/cgi-bin/InitGateDestHotelDropsParPays.cgi?code_ag=trs&alias=hhq&tour_to_display=&language=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.113.72.253 Montreal, Canada, ASN46861 (SOFTVOYAGE-NET, CA),

Reverse DNS

dweb1001.softvoyage.com

Software

nginx /

Resource Hash

9def9c7defd2f13b95e62f2336bcd0bedbbeb6cc1ef79a116d6a320c6d80f95f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Strict-Transport-Security	max-age=300, max-age=60
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 25 Sep 2021 18:26:11 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=300, max-age=60
Content-Type: text/plain; charset=iso8859-1
Transfer-Encoding: chunked
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' 'unsafe-dynamic' data: filesystem: about: blob: ws: wss:
Connection: Keep-Alive
X-Soft-Tracking: tu7hBGtxMepxMlHgGCPe
Keep-Alive: timeout=5, max=100
X-Xss-Protection: 1; mode=block

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
84 B 76ms
76ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.bankstravel.com%2F&4sAIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&callback=_xdc_._cgm7a1&key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&token=58784

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

mafe /

Resource Hash

f59978d41596972e5bce7a4b13d25f06a8f46ad7eb95118e82686f9db67c6b1d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 18:26:14 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=61
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bankstravel.com
URL: https://www.bankstravel.com/

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bankstravel.com/	1970-01-27 04:49:06	Name: cart Value: eef1e0f7-5565-49ac-8643-3759bbeeedaa
www.bankstravel.com/	1970-01-20 14:46:42	Name: __tat_u Value: 718c59ec-61d2-4f41-bc0b-0cb88aa572fc
www.bankstravel.com/	1970-01-19 21:31:20	Name: _gttwl2_session Value: ZUtPYmVWbmNodFB2UWxsMTc5cHZBcnFrdE9PQjQrckdpYkp5d3pvRXFUWFh6M2xnV01Hd2NXaC9EMEpaa1pIQlFUUk9Wa0F0Vnk5ZWJmTjY0emxOVWtneDQ3SlZzZHI4RGU3NFNJTnhWWDhXYzAyU2xzamU4VlJEODNrNjEwZ0Y1ZmVKdVdLell3ajVVUll4TzZSS0V2VFd0ZkNleTZMN295KysvZVBRSnErc1VmbUxGU3AxQVZrVWdBYVpDMWlMLS1scm9yQ2VhYnRFUVBwUmZRclB1U2RnPT0%3D--4bf3804eca236368cb1917cf2cdc49aba49a1861

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.bankstravel.com/ Message: Refused to apply style from 'https://www.bankstravel.com/' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://trs.sax.softvoyage.com/cgi-bin/querypackage.cgi?code_ag=trs&alias=hhq&language=en Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.gttwl.net
ajax.googleapis.com
cdn1.gttwl.net
cdn2.gttwl.net
cdn3.gttwl.net
cdn4.gttwl.net
fonts.googleapis.com
fonts.gstatic.com
lib.softvoyage.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
s3.amazonaws.com
tacticals.travelsavers.com
trs.sax.softvoyage.com
www.bankstravel.com
www.bankstravel.com
104.18.11.207
142.250.181.227
142.250.185.234
142.250.186.138
142.250.186.67
142.250.186.74
51.81.245.63
51.81.251.175
52.217.43.158
65.51.132.157
74.113.72.253
74.113.74.98
89.187.169.47
034a2609835e9fa9655a704341a329bf61c9aaa05aaa45e558aa2c8a25b5d506
0400fb7192e2ed534fcd2167df75122b1ed125dd4a98a71aca1281ab5a0d0d22
0758836baebc2c0c2dff842d5f9d7bd6d4d0d8c91a2342bf8269dc9fb152a336
089290b14f4f1be951882d20c2c3ccb850fa0eff890f837c72f3b9c0516a1aca
14be62a7751ca8b65585c8a0c68ba204cf10a088c3286d68832d42acda053e37
161623596e0b98f21273961e457646448093fc2dfd98d9c9fbe491fa1fddeb3d
1b9afa0beadecd1525461df9636d0cae8bc179b14c8b273285100b14bb635889
1e85b0e6bc938c0f185d88b3cc579ec9d6969c425aca51a55524a069f859bdc0
211725154c4325d4f25ea348dfccfd38925841520410499578d9040a20365431
2447e15b1f817936c31806e753cd5225b5ae936213349d39be514b1db87058fc
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
319129015cfa3709c5310440d914f3483cf40fa840c13d2fd3bc6ad466a2af2a
379f79ac54c58320fe2333fa74a98da149efdc037d1e35c4f1c9935ba743ee41
3f45fb42b222a93051a275feb4983189e6a866de2c6f1011299b7822c8d746c7
40664cb48a6f18d281640feda8d02f60855913de4c2ab47b11aad68cb2e9429e
46e59077e504d436122ee5a67bbdf55467d1fbe748d0b35ea44b9ac420412ca4
471ef98f60b7dff25442551f92d52020cd7ddac9bc512a80493a6d0a7de0d003
47ccc8887de919fdcae5e06aa0b3bea6145d1452673b2eaa85c98ee3ae6a38b0
49b0d693abfb473f1a5d99f9b8b02faf612b117a57f938f9c33f20c6ef461de3
4b874445c1c5f287cca4f88a9b939270676c7ad03c9c7209a33a5907ae731fe0
4d910c92df636c3858f45db41822da153c696c6acefe7b5f4a01529257299bb4
522d69aa5736407315887cf10e95f2a28c544ca15950214b7ebbbc9054e48948
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
54bc11342d941c2dca37e01a11ab4c1b05aa6da56cd221bc77616629330809da
5b31e226d7cef185722497dcde0dd5eff16930c40c89fb99392f49b1fb8916e9
621facf782b19f2d29990950259e1af0862588e4f5bf4144876840452d380550
65767dd1269def67c3a845deaeb9ff7f6d5725a08087022c284447a7a898c1a9
65f065d8408432842271dab54c2b2938ddcfe0cd0466139af9e0fcf5f89dd4df
6a1ca3ee92161c1cfb4278a9f312072b95ed0e955cca2ff029ac2355df9e7b9c
784e15165a16aad796e160a9824262803b002979f53e39172ad34be07ea23a48
7a85ca1bf69fd8ec8b7a0cb2e1f1d2e2ba1ca02777d9ff197151391ddeafb8d9
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
85c566c2499176d126c032f4a5438c20213d5c67f9f762b96fca99f1f7fb8ffa
8c7a927f746cbfe5717056f903c28c4c382df228207ffca0a190e7d0eab364f6
8cd9524a128d7e90e1a6cab6df16e291c53fdc3dc28e9c2a854b64b81d1aab4c
901f5c66d74ebf9e3900248ceea21aaf160d8cc86143e4646fa07839a170ac83
96d249ad0da87f164824b47ebe53b0d29ba15282d69e6726ba19da9fcc762e02
98676dd83f6b40a793e50b170f9baf429ef4e485766aa4ad5ff0b84f312a26b2
9d6d4f518c2303c9c0629ed0caf96d3597c66f92f6970bcb92b3812da6a89bf4
9d8b3f0d222a2d523d9feed28a5a7e8674fb02ab0140eee2de083948e4fbcc17
9def9c7defd2f13b95e62f2336bcd0bedbbeb6cc1ef79a116d6a320c6d80f95f
a8883bc180474bec5859cbb00c092eb96d48d2ee0d99416c6c3790d04bd7cb0d
aa3e9f932858a94827da73bb2763df0588f4a4b2d44bb6becb2c1d8f23715d36
ad138946d3facb1796d46ef6cf7be97d55b1e39b545b2871b8126493fa6664b8
af437a806b585a6ffc10ef011a7409f4a3f058ed29a344b8eebbc9d652bad59a
b7660d285be60e2222c72c63a148e66dbd6abe2f4ce418525946c1cfae5e58ed
b89b3290e8bb457f397cf5e171af34dcf23ee3ca32169d2d9af684d5a32b6dc8
b91d93a70be704f330603fa726bbe016261fa70072de2f438608cfdbbf17a541
b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159
bae7104235860f48618ef729d0cdeb9f6099afe6a79a79f1e429da725ba11dcb
bc390f86b2a469c147c55da9918bf5d4b6608c1739f5336d9707ad3cbabb2560
c2c48c9b9f0bf787af254555ab64801fb9dbbac6e0c3071d7b4b34ebd52ccd08
c470f81432d825f756070be066af38ed04c2c621f688c4e1a256cf0a57a36058
cd48c6b94ca9ed82e69ce5497d66c68e48c2e40c9874d5618b5edd940759cb21
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cf7abf974ef87b704819dae197a5b994d9d643992f65a4fb20703243029b9958
d396608a03dfe106dd50682f3eb0331ae9a17b61502317aad2bfb25139421664
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dd8b9b9100c00f18d714368de69f30b63b214d89df4ef76f717605ef00d5b06e
e277cde87f8dce33c8b1b890a0842121d320f66d7d920c18905f670d67bd4c7d
e567cd5ba588740a217afdaf218ddf1b13cdf0064ce455c78a9157523fdc1c3e
ec7773d75faf2a4b7e08ddbd95160fbe1a548b5957ba5a10082a11574252868e
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f303bab3c917e51c91b48e92b74c0edcb1e8dfb4eeb6c6408ad50ef6cf887bac
f59978d41596972e5bce7a4b13d25f06a8f46ad7eb95118e82686f9db67c6b1d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe404eac5811b85401d5cb44759bb04fe3d57d2383e48571e19a7c3db223c811

www.bankstravel.com Open in urlscan Pro 51.81.251.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

99 %HTTPS

0 %IPv6

8 Domains

16 Subdomains

14 IPs

4 Countries

2326 kBTransfer

3278 kBSize

3 Cookies

7 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bankstravel.com Open in urlscan Pro
51.81.251.175 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

99 %
HTTPS

0 %
IPv6

8
Domains

16
Subdomains

14
IPs

4
Countries

2326 kB
Transfer

3278 kB
Size

3
Cookies

72 HTTP transactions
0 data transactions