tur.vivit-tours.com Open in urlscan Pro
172.67.178.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tur.vivit-tours.com/
Effective URL:
https://tur.vivit-tours.com/
Submission: On January 15 via manual (January 15th 2021, 5:19:00 am UTC) from TR

Summary HTTP 115 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 115 HTTP transactions. The main IP is 172.67.178.55, located in United States and belongs to CLOUDFLARENET, US. The main domain is tur.vivit-tours.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2020. Valid for: a year.

This is the only time tur.vivit-tours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	172.67.178.55 172.67.178.55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
2 14	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
7	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
3	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
115	17

35 172.67.178.55 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tur.vivit-tours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vivit-tours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.vivit-tours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a909240e50e14607e4139976c0fd17ce.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

bk.jampartizan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	vivit-tours.com 1 redirects tur.vivit-tours.com vivit-tours.com i.vivit-tours.com	1 MB
17	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	157 KB
14	googlesyndication.com a909240e50e14607e4139976c0fd17ce.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	32 KB
14	yandex.ru 2 redirects mc.yandex.ru	97 KB
7	gstatic.com fonts.gstatic.com	83 KB
5	ampproject.org cdn.ampproject.org	97 KB
5	googletagservices.com www.googletagservices.com	142 KB
5	zx-adnet.com cdn.zx-adnet.com	301 KB
3	jampartizan.com bk.jampartizan.com	4 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	google.com 1 redirects adservice.google.com www.google.com	918 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	jsdelivr.net cdn.jsdelivr.net	8 KB
1	google.de adservice.google.de	803 B
1	onetrust.com geolocation.onetrust.com	530 B
115	15

	Domain	Requested by
27	i.vivit-tours.com	tur.vivit-tours.com
14	mc.yandex.ru	2 redirects tur.vivit-tours.com
13	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net tur.vivit-tours.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com tur.vivit-tours.com cdn.ampproject.org
7	fonts.gstatic.com	fonts.googleapis.com
6	vivit-tours.com	tur.vivit-tours.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	cdn.zx-adnet.com securepubads.g.doubleclick.net tur.vivit-tours.com
5	cdn.zx-adnet.com	tur.vivit-tours.com cdn.zx-adnet.com
4	googleads.g.doubleclick.net	bk.jampartizan.com tur.vivit-tours.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	bk.jampartizan.com	tur.vivit-tours.com
3	fonts.googleapis.com	tur.vivit-tours.com securepubads.g.doubleclick.net
2	counter.yadro.ru	1 redirects tur.vivit-tours.com
2	cdn.jsdelivr.net	tur.vivit-tours.com
2	tur.vivit-tours.com	1 redirects
1	www.google.com	1 redirects
1	a909240e50e14607e4139976c0fd17ce.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	geolocation.onetrust.com	cdn.zx-adnet.com
115	21

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
vivit-tours.com
ara.vivit-tours.com
bul.vivit-tours.com
ben.vivit-tours.com
cat.vivit-tours.com
cze.vivit-tours.com
ger.vivit-tours.com
gre.vivit-tours.com
spa.vivit-tours.com
est.vivit-tours.com
fin.vivit-tours.com
fre.vivit-tours.com
hin.vivit-tours.com
hrv.vivit-tours.com
hun.vivit-tours.com
ind.vivit-tours.com
ita.vivit-tours.com
heb.vivit-tours.com
jpn.vivit-tours.com
kor.vivit-tours.com
lit.vivit-tours.com
lav.vivit-tours.com
may.vivit-tours.com
dut.vivit-tours.com
nor.vivit-tours.com
pol.vivit-tours.com
por.vivit-tours.com
rum.vivit-tours.com
rus.vivit-tours.com
slo.vivit-tours.com
slv.vivit-tours.com
srp.vivit-tours.com
swe.vivit-tours.com
tam.vivit-tours.com
tel.vivit-tours.com
tha.vivit-tours.com
tgl.vivit-tours.com
ukr.vivit-tours.com
urd.vivit-tours.com
vie.vivit-tours.com
chi.vivit-tours.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-14` - `2021-06-14`	a year	crt.sh
www.joinlft.org GTS CA 1D2	`2020-11-26` - `2021-02-24`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
counter.yadro.ru R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.inmobiliariavivalda.com.ar GTS CA 1D2	`2020-12-24` - `2021-03-24`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://tur.vivit-tours.com/
Frame ID: 9155CD7A19FD2BF2F906342199FE5084
Requests: 79 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQIcnksRRG_IXxlopHyTazUwS_gGepZjmwJ65xxsesKbckpAB2_EH-tjjuNSTPOoa3W31Gw-9CAO91AXlo6hWJcEWWc99p2IJB3zKyyMt4V4kso8W2MoZq8_VnLoaGEfsaUshl1HKPHJbI23AgwIOQf6LMhThCWYKDnX-dyATprepMpfRqSZ7s0kpIvvZVRi0a5M6H2bZlTWfsbFAnLZBtuohqUmtZDgngyEeozSXuRDKeAIC5bOc63CJ8axw6B_xJ_IjMcDDtE-jHDmQwyIZh3F5JhL7izYxqS3V8OQ&sai=AMfl-YTWbRArnN2sDZz4A5qaRnz2rIH4zYtF-Ngayy8QN4HB3Lt5TJmuRQ5yAG73oY7Ie1Rf5e1svIVlQkmmSWh3Y-_PbLeFW_lfaJU97_zl1UDKRGoh9rP3ARN-nYQFU6XJ&sig=Cg0ArKJSzOPPWBINQbzgEAE&urlfix=1&adurl=
Frame ID: E19E88CA290F6626DE3B2342C0467E61
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7CGx563FXqium7TgKARHUVp0AUq9hpk_ylAIiCsQATPdWIu3lMbfexTYwZmoJroWz72JAdLVuNYEebUje8_ZxyOyMyw357EYFPQ-ixxUCn1lkb5M6RTbGgo6d26X7KtBThgY4aHVtbBYfnJFqQgwYtLFuV724jIHQUO-HavRsBp0b_aq0VVsDFJ8O8LFNTOFcjlgTi11RK3nS3WfWCIQ7ttZGx1L8PK2tPWBF5gPn44DkzGrVxt1pFNb8tYamc9UsC-6_LtmRB0mX9VSdySnZtFokN1AYgDDwroU-Pg&sai=AMfl-YTjXTpB_VIRU3w8yemF0BN6EMPCAvANAraR8VjXkXVrfsaaCFa9RxlTCfg2Sg7KLJkh_hVO24phi38ziJxpwTyMQpKktMgqdvX6KdZ_jqpaqdx-VaXJfV73R9BJwC0&sig=Cg0ArKJSzKe8p9R6iSC2EAE&urlfix=1&adurl=
Frame ID: F4B72EAD27300E25EC24B2D85DE094F7
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto
Frame ID: 92D23024D0AB0422C7B96CF239BB55FB
Requests: 2 HTTP requests in this frame

Frame: https://bk.jampartizan.com/ZXM/OPTR/TURzxvr.2
Frame ID: 570C393040A5655FF32F9FFE26875F7A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 4C84475580CCA52C9AE83E7C0BBDEE22
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=970&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.8342036783343789
Frame ID: DF8445990D276F913D31F76FB4D0CFE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=970&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.26924489716862965
Frame ID: 71318801FDB9200342D7B97B03449F57
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Frame ID: E88058C7C8B0D78D47A38AC4A916FFA2
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZXM/ZXM_OPTR/zxm_optr_tur&adk=3986104005&adf=4188749577&w=336&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Ftr.blogwithoutajob.com%2F&ea=0&flash=0&wgl=1&dt=1568443358351&bpp=112&bdt=115&fdt=114&idt=116&shv=r20190911&cbv=r20190131&saldr=sa&correlator=122319362182&frm=23&ife=1&pv=1&ga_vid=1347795841.1568443359&ga_sid=1568443359&ga_hid=2028642082&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=20&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=34&biw=558&bih=670&isw=530&ish=550&ifk=1846264811&scr_x=0&scr_y=0&eid=20199336%2C151527007%2C182984100%2C182984300%2C368885002%2C423550201&oid=3&pg_h=9038&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=3973512255&ifi=1&uci=1.cucdgbjcgw8k&fsb=1&p=https%3A%2F%2Ftr.blogwithoutajob.com%2F&dtd=195&0.0026463317766556305
Frame ID: FE0F7D0DCC5442691D51A929124B6EB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tur.vivit-tours.com/ HTTP 301
https://tur.vivit-tours.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

115
Requests

97 %
HTTPS

71 %
IPv6

15
Domains

21
Subdomains

17
IPs

4
Countries

2309 kB
Transfer

5139 kB
Size

7
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://ara.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://bul.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://ben.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://cat.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://cze.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://ger.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://gre.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://spa.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://est.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://fin.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://fre.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://hin.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://hrv.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://hun.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://ind.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://ita.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://heb.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://jpn.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://kor.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://lit.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://lav.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://may.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://dut.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://nor.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://pol.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://por.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://rum.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://rus.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://slo.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://slv.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://srp.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://swe.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://tam.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://tel.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://tha.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://tgl.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://ukr.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://urd.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://vie.vivit-tours.com/

Search URL Search Domain Scan URL

URL: https://chi.vivit-tours.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tur.vivit-tours.com/ HTTP 301
https://tur.vivit-tours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//tur.vivit-tours.com/;0.25630440426322143 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tur.vivit-tours.com/;0.25630440426322143

Request Chain 47

https://mc.yandex.ru/watch/54607900?wmode=7&page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210115061838%3Aet%3A1610687919%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1140271980056%3Arqn%3A1%3Arn%3A934407104%3Ahid%3A1065070140%3Ads%3A0%2C113%2C1119%2C1%2C128%2C0%2C0%2C183%2C0%2C%2C%2C%2C1548%3Afp%3A1465%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610687919%3Au%3A1610687919502001211%3At%3ATurizm%20Ve%20Seyahat%2C%20Seyahat%20Dergileri%2C%20Gazeteler%2C%20Yay%C4%B1nlar%2C%20De%C4%9Ferlendirme%20De%C4%9Ferlendirme%20Ile%20Ilgili%20Makaleler%20%2F%20Ocak%202021 HTTP 302
https://mc.yandex.ru/watch/54607900/1?wmode=7&page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210115061838%3Aet%3A1610687919%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1140271980056%3Arqn%3A1%3Arn%3A934407104%3Ahid%3A1065070140%3Ads%3A0%2C113%2C1119%2C1%2C128%2C0%2C0%2C183%2C0%2C%2C%2C%2C1548%3Afp%3A1465%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610687919%3Au%3A1610687919502001211%3At%3ATurizm%20Ve%20Seyahat%2C%20Seyahat%20Dergileri%2C%20Gazeteler%2C%20Yay%C4%B1nlar%2C%20De%C4%9Ferlendirme%20De%C4%9Ferlendirme%20Ile%20Ilgili%20Makaleler%20%2F%20Ocak%202021

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 113

https://mc.yandex.ru/watch/54607900?page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210115061854%3Aet%3A1610687935%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A119%3Als%3A1140271980056%3Arqn%3A2%3Arn%3A146374737%3Ahid%3A1065070140%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2880%2C2880%2C16%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610687935%3Au%3A1610687919502001211 HTTP 302
https://mc.yandex.ru/watch/54607900/1?page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210115061854%3Aet%3A1610687935%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A119%3Als%3A1140271980056%3Arqn%3A2%3Arn%3A146374737%3Ahid%3A1065070140%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2880%2C2880%2C16%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610687935%3Au%3A1610687919502001211

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tur.vivit-tours.com/
Redirect Chain

http://tur.vivit-tours.com/
https://tur.vivit-tours.com/

34 KB
6 KB

1233ms
1119ms

Document
text/html

172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4fd5e1a5791a6ad63c6fe57b47a44696f340482b2c3e0eed3f5b62ebecc4e8d

Request headers

:method: GET
:authority: tur.vivit-tours.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d866d2d4678b80bc907b7673d97a7829b1610687917; expires=Sun, 14-Feb-21 05:18:37 GMT; path=/; domain=.vivit-tours.com; HttpOnly; SameSite=Lax; Secure
cache-control: max-age=86400
expires: Sat, 16 Jan 2021 05:18:37 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 07a61445060000e65c77ac4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jv1UpzcGFk%2FBpQ8pIg2HdWP1TbNBabsAtE2rFjqqQsQdnvsxokURP0mSHmtPlX7ypVXx86qDUylq5NU10wtCnekWH5IamVyT3HaJE%2FvrqadAMk22"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 611d231b3df2e65c-LHR
content-encoding: br

Redirect headers

Date: Fri, 15 Jan 2021 05:18:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 15 Jan 2021 06:18:37 GMT
Location: https://tur.vivit-tours.com/
cf-request-id: 07a61444510000e68c6839f000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6x6FaJ9qIqLF81GEUfPIOjRI1VsJQj6eLpBOsTj1UY%2BDMmFqOlqt1hacwfXx2RZHIqvXIGReN87ZEx3FCA2Fxl%2Fm59F%2B9JNbEA6E4VBuxEr0qhvH"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 611d231a1aade68c-LHR

GET
H2 200 optr_overlay_19091901.js Show response
cdn.zx-adnet.com/adx/ 5 B
287 B 64ms
19ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/optr_overlay_19091901.js

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
last-modified: Thu, 14 Jan 2021 12:53:09 GMT
x-timer: S1610687918.485913,VS0,VE0
etag: "008e573f046db72edd806683cf4c63685d1d8dcc88a7dba93fc5d238aeef0d91"
x-served-by: cache-cdg20766-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 15 Jan 2021 05:18:38 GMT
accept-ranges: bytes
content-length: 5
x-cache-hits: 81

GET
H2 200 logo.png
vivit-tours.com/template/images/ 16 KB
16 KB 72ms
63ms Image
image/png 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vivit-tours.com/template/images/logo.png
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cc776b4b87243862afabc5cb1107699c4bc2c3a89e7da2972f1e8d042233282

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6126533
content-length: 16418
cf-request-id: 07a61449760000e65c0e0ab000000001
last-modified: Mon, 27 Jan 2020 19:15:41 GMT
server: cloudflare
etag: "4022-59d23eeec0e1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GXNVFHlahOZN68TQfPVT5NKbVPAVLVUy2idvZGyLOB5KQNZ3rPebdtc6ogEyu3vJNviK5UevOGoKY5jDWHMHnHoYurw37WHtvjabStX8cV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23225b22e65c-LHR
expires: Fri, 05 Nov 2021 07:29:45 GMT

GET
H2 200 travel-guide-monaco.jpg
i.vivit-tours.com/img/guides/84/ 29 KB
30 KB 105ms
89ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/guides/84/travel-guide-monaco.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a953188fad1f7902c943ead7a728672e510b8dd6b4e594d501622af4ced64dfb

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 623
content-length: 29833
cf-request-id: 07a614498b0000e65c60149000000001
last-modified: Thu, 05 Dec 2019 17:36:17 GMT
server: cloudflare
etag: "7489-598f85dde1bcf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gpdby3HYE5q4mlvvBKxrefi%2Fr3aQASA658%2BTk5xu9PM9i5tTiYheLWSBp0YlfSypm0%2B0LDvULyyTA98gSu0AkiJ2A373MROAKLWingD4iQ%2Bi3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23227b38e65c-LHR
expires: Sat, 15 Jan 2022 05:08:15 GMT

GET
H2 200 10-things-do-tiong-bahru-one-oldest-housing-estates-singapore.jpg
i.vivit-tours.com/img/other/65/ 67 KB
68 KB 190ms
178ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/65/10-things-do-tiong-bahru-one-oldest-housing-estates-singapore.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f625c7acfc82b7177ae601b1531f906b3f31cf033f1ec7d4cbd031fc5bbe8969

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 69081
cf-request-id: 07a614498b0000e65c7c349000000001
last-modified: Thu, 05 Dec 2019 18:45:52 GMT
server: cloudflare
etag: "10dd9-598f956b6a1fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GeAsjLywsbGdZwA%2FZZsaXEhMIseyUWCDS6rkxVkgIL3gFUj6Ou7ytq7VMP5JS7nLeAJU6LsFve06X2YA%2BWMBQAk3eFakicWCso0fsmUN6Hbjgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23227b37e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 detroit.jpg
i.vivit-tours.com/img/destinations/err/ 50 KB
50 KB 355ms
349ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/destinations/err/detroit.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76bc9a7ba2a98dbf3265eef964e4f3ed74a23d65da1a9e8ab7003e6f1886f005

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 50880
cf-request-id: 07a614498a0000e65c6d9ba000000001
last-modified: Thu, 05 Dec 2019 17:34:49 GMT
server: cloudflare
etag: "c6c0-598f8589d61f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x940fi9YS5TksR7C7c05BalZzplfzve2nMsXKvfgKkIr8QpNdmmjHAoRoav%2FkPOQ1j4qrgL2QMAqBEa1NA7hw0gkykxV%2FYYX1ZHi2SO2TJtTVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23227b36e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 washington-dc.jpg
i.vivit-tours.com/img/destinations/94/ 45 KB
45 KB 317ms
316ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/destinations/94/washington-dc.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7e0717a0732adf2f57fbceaf28d2fd7874a2b6da246068283fd75482cd6c18d

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 46174
cf-request-id: 07a61449bb0000e65c41390000000001
last-modified: Thu, 05 Dec 2019 17:34:22 GMT
server: cloudflare
etag: "b45e-598f85703a763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JTT37PSnvGKjMnFT2vM7X4wDcx4a4IXAME9DRT2Ygi3gizx1qnyukl%2BxUtDYDSwSH7Y%2FTDaiZbD%2B9NOV6YZE6zyrQdVFPQlKNmziAhSfPmNnMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d2322cb7ce65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 st-thomas.jpg
i.vivit-tours.com/img/destinations/17/ 39 KB
39 KB 301ms
301ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/destinations/17/st-thomas.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e486dd35ed099f69997061f21336cad5b3fc105ebd6e26fa7c8a92d727cdf0a

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 39759
cf-request-id: 07a61449bf0000e65c58021000000001
last-modified: Thu, 05 Dec 2019 17:30:42 GMT
server: cloudflare
etag: "9b4f-598f849ddcf8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yTc135iqB%2FgTZ%2Fa2BbHndPv5cg1710LnZ3CPdqYcccoBgWS6zBLK12FBw0cJpF3Fp7oe%2FfJfalNuOKCWLeyx0mToP3mhQuIZ4huHWd4saQJezw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d2322cb82e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 hong-kong.jpg
i.vivit-tours.com/img/destinations/60/ 42 KB
42 KB 321ms
320ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/destinations/60/hong-kong.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c40a58eb0281a4239bebb01c15f5b19d9922f52cb45b2e69a48a4953cce0edb

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 42689
cf-request-id: 07a61449c60000e65c0d210000000001
last-modified: Thu, 05 Dec 2019 17:32:43 GMT
server: cloudflare
etag: "a6c1-598f8511ebe52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SK7rR1dMCm3w0PB1%2FiMZ5LhaHuVy3TLNfs78sMemDX632MB8bzFyxIB%2BaXoewlCsxK9xJNXE%2F0lxgf36BmKM3YsnE2la0ehCCkQwzq%2BboUZ%2B%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d2322db8ce65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 zurich.jpg
i.vivit-tours.com/img/destinations/36/ 40 KB
41 KB 301ms
300ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/destinations/36/zurich.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe33e8675df8bf7d65eec13fb4722f7b1d5bbd041a53f50cc520982bab6c4b8c

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 41052
cf-request-id: 07a61449d20000e65c0d211000000001
last-modified: Thu, 05 Dec 2019 17:31:40 GMT
server: cloudflare
etag: "a05c-598f84d52e192"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KXc7NUOm2KgaXBC64eoWlZd%2FHSJHVEZ9DbLq6HPq4BtdNPxn31BGMKb%2BrHI0Gyn77U9gLVeRRK7L0jlAlHoZveTeCV1djTjICZvTMxz0RiWRIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d2322db8de65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 south-dakota.jpg
i.vivit-tours.com/img/destinations/96/ 43 KB
44 KB 286ms
285ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/destinations/96/south-dakota.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 511adb4841ea7b4227466207a3d21ed7072b07f8c9b0558dbe37c95b806486d2

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 44521
cf-request-id: 07a61449c60000e65c1d86d000000001
last-modified: Thu, 05 Dec 2019 17:34:25 GMT
server: cloudflare
etag: "ade9-598f8572a2ac2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2LO%2B%2FmVEcURNHEP0m4R4tz%2BVGxzJ%2FKUqpWTEPE6%2BLPCHAWSKYnd65WW6k7ugJm3j5o8iqOYWc4x9cAI3WVmUMgTl%2FfBZ%2BiDuk%2FPYpA5yXPVUsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d2322db8be65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 optr_19071801.js Show response
cdn.zx-adnet.com/adx/ 146 KB
19 KB 63ms
20ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/optr_19071801.js

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4b98ccf8e82722a5ab53ab4eccd2fd98c2edb49e977e4f27f305ebe4fcaf2df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 14 Jan 2021 12:53:09 GMT
x-timer: S1610687918.485957,VS0,VE0
etag: "ea514dba7061920e9ff4a9a2c343da59dd2ec9cb442383c51f3641fdd31f1aca-br"
x-served-by: cache-cdg20766-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 15 Jan 2021 05:18:38 GMT
accept-ranges: bytes
content-length: 19617
x-cache-hits: 88

GET
H2 200 worlds-coolest-ice-hotels.jpg
i.vivit-tours.com/img/interests/err/ 32 KB
32 KB 301ms
299ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/interests/err/worlds-coolest-ice-hotels.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aad895630255f0104324e724bc1046384ad9b1b179fcb8e1402e5cd52d8384a5

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 32792
cf-request-id: 07a6144a0d0000e65c1f21e000000001
last-modified: Thu, 05 Dec 2019 17:51:06 GMT
server: cloudflare
etag: "8018-598f892d0da10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GDvOPWxQhuEbFcG8CmTCPhUyYoWPoQ2mzNU1mC9IvGf4a0rbWjzrAkNr4dZHN5YA3Svx67dUm9ZBqOQQmkGNWg%2Bg2QRxHzpptaPDdhlcWD4ZYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23234be3e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 world-heritage-worthy-sites.jpg
i.vivit-tours.com/img/interests/81/ 51 KB
52 KB 348ms
346ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/interests/81/world-heritage-worthy-sites.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f9d520da8158d4ae9d220432db1f453eb5ee2c426d58616bb0997bc235404e5

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 52727
cf-request-id: 07a6144a0e0000e65c3906c000000001
last-modified: Thu, 05 Dec 2019 17:46:08 GMT
server: cloudflare
etag: "cdf7-598f881152e3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NmYLCBdQeR4i9Mkqw4JNPOz4jPCWqjgWl%2B6fDGNi3NiN%2BH7DdTjRJx02JUHuX1L5OeD0z4paB%2FoYB2xHt1KUY2fvsGx6QS2%2BDbYDrNxkcVwSgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23234be5e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 10-best-new-restaurants-walt-disney-world.jpg
i.vivit-tours.com/img/interests/err/ 58 KB
59 KB 251ms
250ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/interests/err/10-best-new-restaurants-walt-disney-world.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 978e72413803c6e56be2872fea31036040638d1efbce423f56a1c3a067e92478

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 38639
content-length: 59895
cf-request-id: 07a6144aa80000e65c719b8000000001
last-modified: Thu, 05 Dec 2019 17:48:18 GMT
server: cloudflare
etag: "e9f7-598f888cdcdae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ztjeQE%2BfW3Rx3crBDPSyVbo3FGWaIGLbf1iYmeQV0TSEIG34p01ufWQkFwjeZLFxUGOvp5EqXMBspHSPsL9TL3PewLN%2BSqrVX%2BrLC1pXMdBdPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23234bf0e65c-LHR
expires: Fri, 14 Jan 2022 18:34:39 GMT

GET
H2 200 3-best-things-do-near-jalan-kayu-singapore-one-must-indulge-into.jpg
i.vivit-tours.com/img/other/17/ 44 KB
44 KB 250ms
249ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/17/3-best-things-do-near-jalan-kayu-singapore-one-must-indulge-into.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b28970c7161e476df30b8203289624cdad6664bb862dc254ac59d3cf25e6d152

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 45045
cf-request-id: 07a6144a140000e65c49102000000001
last-modified: Thu, 05 Dec 2019 18:06:25 GMT
server: cloudflare
etag: "aff5-598f8c9a37b94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VFgKEcKn%2FM%2F0U4CJSMSwsyo%2B%2B%2BuQD0vbou0cwd1VV4awrcA2PNNAnxZGVygFugZeQ6uDXvidb6wjrRp%2BPHX7v%2Fr%2Bj%2BbExsKYw2Dac9qdm%2FIDCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23234bf1e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 10-new-zealand-restaurants-taste-countrys-culinary-masterpieces-2018.jpg
i.vivit-tours.com/img/other/77/ 37 KB
37 KB 303ms
301ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/77/10-new-zealand-restaurants-taste-countrys-culinary-masterpieces-2018.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05af3f284ecc9fed1a6787f269a0866b56253241122247c204b3e97a99fdc669

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 37606
cf-request-id: 07a6144a150000e65c2abc5000000001
last-modified: Thu, 05 Dec 2019 18:55:26 GMT
server: cloudflare
etag: "92e6-598f978e67505"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZHaw7Y%2B3EbQKjGEh%2BVwDbF2HAWeQXiUE5rW2e3otxD0c28w8Q4AnFdDTi9KQpaeL%2Fpx81vUpoCyoFH1hEzj%2B7pqlsyDd8kBiP%2Fyb9s0ywjbXtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23234bf5e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 beautiful-places-visit-6-day-trip-sri-lanka.jpg
i.vivit-tours.com/img/other/50/ 54 KB
55 KB 327ms
325ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/50/beautiful-places-visit-6-day-trip-sri-lanka.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf36582109b9e53f72f8020ae731e1931fbdb8d3b8bd36a99840a906e9dddc0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 55634
cf-request-id: 07a6144a0e0000e65c383ec000000001
last-modified: Thu, 05 Dec 2019 18:33:45 GMT
server: cloudflare
etag: "d952-598f92b649f33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pq8%2BzJ0gL3vB9ea1vwSpvNUbj%2F2%2BVJTfi4MeUUd8IM8h3APLNA%2B5N0dRc9ohHwVBWeIEa0zMUJvpId%2FFpghRQ%2BwkecdC0bQucGFUZYe1zQLVgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23234be4e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 3-best-things-do-crawford-with-friends-while-holidaying-singapore.jpg
i.vivit-tours.com/img/other/57/ 52 KB
52 KB 322ms
321ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/57/3-best-things-do-crawford-with-friends-while-holidaying-singapore.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5038a28e8088b78652a612d17e0ceea63d7ca6969b8e371155b5ce23691a872

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 52828
cf-request-id: 07a6144a0f0000e65c111f1000000001
last-modified: Thu, 05 Dec 2019 18:39:36 GMT
server: cloudflare
etag: "ce5c-598f94046be27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=07BcE9pGyBwdQaGzhUhL%2Fo21kFtR%2BDyIhBVWWgMthYpYfUy1QwBTKlzanJLmEvSQ5xr3wzEjyBNUtrBnW2WwyXH3apqke29rb%2B2wKq%2BHfa3cNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23234be9e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 israel-december-walk-down-pathways-cities-israel-this-winter.jpg
i.vivit-tours.com/img/other/43/ 48 KB
49 KB 176ms
175ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/43/israel-december-walk-down-pathways-cities-israel-this-winter.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8e306191281578da9fa23dc7eab9d4515b9460a2b65045a45a75b6406f11c8

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 49541
cf-request-id: 07a6144b3b0000e65c37066000000001
last-modified: Thu, 05 Dec 2019 18:28:29 GMT
server: cloudflare
etag: "c185-598f918873aad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gh9GAiVqBc4hkSZ%2FpfUhJbtXt1%2BbBw9tliNQm9GiZVDxZ5dDqxQ5fQvRYDdJ5Vldrc6%2Bc%2FU3q5%2FKQUncXK4bY3h1sRX5spKVIsIJYpDDx8lIfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23252db0e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 3-best-islands-near-yishun-singapore.jpg
i.vivit-tours.com/img/other/19/ 59 KB
59 KB 180ms
180ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/19/3-best-islands-near-yishun-singapore.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccb78397f302455bc30aa80fe0fd486fd8415fdece4e75e6941a71c14d76a91a

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 59936
cf-request-id: 07a6144b4e0000e65c199b4000000001
last-modified: Thu, 05 Dec 2019 18:08:05 GMT
server: cloudflare
etag: "ea20-598f8cf991e70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2aickAhzxVAEmdl9Uu1t%2BgGdvTZfHfhOIYhfPJtH6489emS1JF3xq%2BH5q0nrBYWcFY3wfngb7ivgxgQtbLs80nZZXhKTSFAXcuyLzBjlEXrTPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23254dd4e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 6-best-indian-restaurants-cayman-islands.jpg
i.vivit-tours.com/img/other/85/ 50 KB
51 KB 159ms
158ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/85/6-best-indian-restaurants-cayman-islands.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00134aa246e3650697dd1f47ac64fb11246adf110bd65ee8de82a070835597aa

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 51355
cf-request-id: 07a6144b550000e65c6d9c5000000001
last-modified: Thu, 05 Dec 2019 19:02:15 GMT
server: cloudflare
etag: "c89b-598f99148272e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8d9%2FqJr%2Fb%2B2eJtaXfBTr6gqvdhuOcaDfzW3MoXCQsO47azyqLfSP3eUqHtBsFkV8hmfX5gLwRdtck4GGxZdS%2F406%2FePN3TtPZiDBPUYv0XnKiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23255de2e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 7-cottages-kandy-everyone-is-rushing-towards-this-hot-weather.jpg
i.vivit-tours.com/img/other/58/ 31 KB
32 KB 332ms
331ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/58/7-cottages-kandy-everyone-is-rushing-towards-this-hot-weather.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da55fc3aca6fc4e59ebd98c3e97bfa2cac21fb939b1830ef5f721474bb33732

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 32103
cf-request-id: 07a6144aab0000e65c111f2000000001
last-modified: Thu, 05 Dec 2019 18:40:30 GMT
server: cloudflare
etag: "7d67-598f94386d57e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zcchhiCkhYLUnuK3k38c7CfaokjFnYQgITajq79AO1YCObphmZfvvVF5FrIbuQJCJdYS9OfQLG8OhhhATn%2BiO6ntH5CQF75i%2B%2F1FO0oQlCrDjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23234beae65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 10-best-penang-beach-resorts.jpg
i.vivit-tours.com/img/other/33/ 46 KB
46 KB 251ms
249ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/33/10-best-penang-beach-resorts.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb358f37a0b79a9f9ae3b52096bc560c5f39bd56d54d8962d4937e0829ddd4c6

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 46854
cf-request-id: 07a6144a130000e65c0e0b3000000001
last-modified: Thu, 05 Dec 2019 18:19:34 GMT
server: cloudflare
etag: "b706-598f8f8a51eb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eiB84cGD4S4Ddxou9lNOVTu3tjg3%2FPNTiNJdfkelnhRXdTp9%2FUFbRjltx5iGwY2Rj7JBnjosvwWgMCms00c9G9xicrauQkbUbvSWwFEj0TxanA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23234bede65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 travel-guide-djerba.jpg
i.vivit-tours.com/img/guides/20/ 20 KB
21 KB 234ms
233ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/guides/20/travel-guide-djerba.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13af5276df7b6d4449517f1049f0e91e757d72740e36bcca2797033e0b0fbb5a

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 20975
cf-request-id: 07a6144a130000e65c1d874000000001
last-modified: Thu, 05 Dec 2019 17:36:01 GMT
server: cloudflare
etag: "51ef-598f85ce12dd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bttk1aefRwEIxZgxp4jpTvYlR%2BfJiCQhMQmGReqpeCld6UGTTBilGyarut4ibCqF8x%2F4lNBE4q6HuYX501QnAdK4ZHB7ZGskvi5M3uXIY5Reww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23234bece65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 paulo.jpg
i.vivit-tours.com/img/destinations/09/ 67 KB
67 KB 329ms
328ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/destinations/09/paulo.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fd4081a6f1cf75d7c6a71313d3934b14d9ae08f210063116fc31d3e23183685

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 68671
cf-request-id: 07a6144a0f0000e65c0d930000000001
last-modified: Thu, 05 Dec 2019 17:30:16 GMT
server: cloudflare
etag: "10c3f-598f8485896fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g3DrqjxGjzmii75mqpTxZymNiSsm7egPBC2cW5w%2FZ0nOyMVnGqpleWoDrTQR0YhuFpB3mZDD9eEVQ%2BSRt2SZDoLulXfcv1chy2Wu4%2FrFvNAc7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23234be6e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 kerala-trip-travel-hacks-that-no-one-else-will-ever-share-with-you.jpg
i.vivit-tours.com/img/other/55/ 71 KB
71 KB 185ms
184ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/55/kerala-trip-travel-hacks-that-no-one-else-will-ever-share-with-you.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a856fb8647ea3a77596f4d3a14c19384e1201547d6eab1fac1b8b581fdd42f70

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 72431
cf-request-id: 07a6144b580000e65c22a57000000001
last-modified: Thu, 05 Dec 2019 18:38:11 GMT
server: cloudflare
etag: "11aef-598f93b3cb4a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=36fvoxwtDzo%2BLYXVnhxSMq9gLkGbEeiyuKkS3sADm%2B7V%2B6cADJ91U4gw6pB7mIJD6WsMMhZKB6KPBj%2BQm26FI66iL1qMplIGgyJ0rU2SOmZ83Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23255de4e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 snohetta-norwegian-forest-get-dreamier-with-planetarium-starry-cabins.jpg
i.vivit-tours.com/img/other/60/ 58 KB
58 KB 165ms
165ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/60/snohetta-norwegian-forest-get-dreamier-with-planetarium-starry-cabins.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35b21384f02b385512f88f8093483f709a5c0ff2a5d91dd16d1507446dde5a84

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 59205
cf-request-id: 07a6144b5a0000e65c5a8f9000000001
last-modified: Thu, 05 Dec 2019 18:42:24 GMT
server: cloudflare
etag: "e745-598f94a53cc73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r2foweMRIxkx3LtKYMeQGEzQDkfJllLaabMmEOfAhTWdpkab2zVyvLIoA7bm6e1qQ2gN%2FbC8pr5aPBJiK%2BGt2CFawT%2BHKIiPVr21FQH3%2BzpPHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23255de7e65c-LHR
expires: Sat, 15 Jan 2022 05:18:38 GMT

GET
H2 200 10-thrilling-spots-trekking-auckland-thatll-take-your-breath-away.jpg
i.vivit-tours.com/img/other/63/ 54 KB
55 KB 189ms
189ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/other/63/10-thrilling-spots-trekking-auckland-thatll-take-your-breath-away.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7a34e4f9047f2e550041450f08a30efac091fea094c06bc36480a21707a973

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 55429
cf-request-id: 07a6144b690000e65c65175000000001
last-modified: Thu, 05 Dec 2019 18:44:16 GMT
server: cloudflare
etag: "d885-598f950f974fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6LOwz60B0DhiIW3uTBx%2Fyd2hqBCYubFa6Lb7Lgm%2B33k0WGMaEXHJEgOMEgO%2B4T8uy9XvY0msmuzgxXePgXyiQpQFDfG5YjrKW0bMU5IbwEuExw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23257dfae65c-LHR
expires: Sat, 15 Jan 2022 05:18:39 GMT

GET
H2 200 los-angeles-food-trucks.jpg
i.vivit-tours.com/img/interests/79/ 44 KB
44 KB 168ms
168ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/interests/79/los-angeles-food-trucks.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29525544a7c470710f37e7bc5c3f6a0161e3be5199fe226a19508f090b5b939

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 44653
cf-request-id: 07a6144bec0000e65c260bd000000001
last-modified: Thu, 05 Dec 2019 17:45:58 GMT
server: cloudflare
etag: "ae6d-598f88079f7e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=slY%2FbosrbzOGqXGII5r62RJKY6H%2BvXMyI%2BJa1OJg4epSGgUKGArAlkmHq6Dr7zlEqZRKOfkQUh6kOSC%2BzyFUBfjoFJjANEpeGDZKCigdWhnARw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23264e8fe65c-LHR
expires: Sat, 15 Jan 2022 05:18:39 GMT

GET
H2 200 20-most-popular-road-trip-routes-us.jpg
i.vivit-tours.com/img/interests/23/ 39 KB
40 KB 153ms
153ms Image
image/jpeg 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vivit-tours.com/img/interests/23/20-most-popular-road-trip-routes-us.jpg
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bec0306c6c6a4d45d5a3c107c3e03432c7497bb0f13a39b30097825c10290add

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 40421
cf-request-id: 07a6144bf30000e65c46325000000001
last-modified: Thu, 05 Dec 2019 17:39:22 GMT
server: cloudflare
etag: "9de5-598f868e113c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bBqmbeVYw8ZjA%2BwXx89FFZe4m5HlSMsQcBw4pf7YpAWxqN4rHbiiEZrm8PbGitYKcCDgmMSxsXvbMg3N%2FaavWpfP0N4EKuq7lUndlp29fxtuTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 611d23265e98e65c-LHR
expires: Sat, 15 Jan 2022 05:18:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
739 B 21ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecaa66748249a29d419e62c34d4ddfa46e553ed00eb4bd2d519b55ca12a5769c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 05:18:38 GMT
server: ESF
date: Fri, 15 Jan 2021 05:18:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Jan 2021 05:18:38 GMT

GET
H2 200 bootstrap.min.css
vivit-tours.com/template/css/ 121 KB
18 KB 90ms
82ms Stylesheet
text/css 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vivit-tours.com/template/css/bootstrap.min.css
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7454bd4a3bc5f489cf0cbe07e5d96387b06488b8bb0f10fecb621a125279a33

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 166812
cf-request-id: 07a61449750000e65c83944000000001
last-modified: Fri, 04 Dec 2020 11:55:55 GMT
server: cloudflare
etag: W/"1e3d7-5b5a228acb64f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OmZdn5WUCiXiXbyYP12J5yS13iHp0at3cKfHrjVV1RSmGLwaEZ1tVSd0LcWDADXqkoo3plFZIWX2KDROV0jm%2Be8Edlau1DvlUQR6Ed4z5Qo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 611d23225b1ce65c-LHR
expires: Wed, 27 Jan 2021 06:58:26 GMT

GET
H2 200 style.css
vivit-tours.com/template/css/ 50 KB
23 KB 111ms
103ms Stylesheet
text/css 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vivit-tours.com/template/css/style.css
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e259154d565486c485d02cfa5e7907f03c355f0875d7df202d3ad4f4b312cdc

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 104392
cf-request-id: 07a61449760000e65c490f6000000001
last-modified: Wed, 09 Dec 2020 01:56:51 GMT
server: cloudflare
etag: W/"c7e6-5b5fe5f7c1a03-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=krXKUMIF75gJpKnjBHW0s452kZcw%2B%2BhOfsMiOrrPT5yPylJDb%2Fi56mP%2B77KP9p5MeKURs5QsTbt2UE8uIYuQt50D6URqFXv9pOcb0asDUx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 611d23225b1de65c-LHR
expires: Thu, 28 Jan 2021 00:18:46 GMT

GET
H2 200 jquery.min.js Show response
vivit-tours.com/template/js/ 84 KB
29 KB 101ms
93ms Script
application/javascript 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vivit-tours.com/template/js/jquery.min.js
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 99150
cf-request-id: 07a61449760000e65c490f7000000001
last-modified: Thu, 18 Jul 2019 01:51:00 GMT
server: cloudflare
etag: W/"14e4e-58dead7722900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OkeepcOAxQue8WpJqSOV%2FFcWQWi89y640IaML7TpIhQ0x6j3YLidFFFXW3nF3%2BYGktz8NBT8cMR44gyDwguv5MlAyE8yZO0hBWtRQ9A79hc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 611d23225b1ee65c-LHR
expires: Thu, 28 Jan 2021 01:46:08 GMT

GET
H2 200 bootstrap.min.js Show response
vivit-tours.com/template/js/ 36 KB
10 KB 78ms
70ms Script
application/javascript 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vivit-tours.com/template/js/bootstrap.min.js
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1240
cf-request-id: 07a61449760000e65c260ab000000001
last-modified: Thu, 18 Jul 2019 01:51:00 GMT
server: cloudflare
etag: W/"90b5-58dead7722900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bw0FpX5kDC3FV4SvM8bk53XcYGn23yEQ5QCQxoYzBjT4uyDffC7V89%2FmWiyx5vhjRY8IAVYDMroeVyENROUfiVJ2oI9eD9%2BLZIAQRPsZeQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 611d23225b20e65c-LHR
expires: Fri, 29 Jan 2021 04:57:58 GMT

GET
H2 200 main.js Show response
vivit-tours.com/template/js/ 3 KB
1 KB 98ms
91ms Script
application/javascript 172.67.178.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vivit-tours.com/template/js/main.js
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f504ccb6c20e2bd16e5d8f01f673b3d454bbfc8f9767c029967c293f4ee723a8

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1124055
cf-request-id: 07a61449760000e65c612f7000000001
last-modified: Thu, 18 Jul 2019 01:51:00 GMT
server: cloudflare
etag: W/"aa5-58dead7722900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EUNsFKMgrr0tTOmEHZ4Y%2BCaTHuhNg3tY4zaydJ9ZQ7Ee10megzdigQ58n4ra9%2BC22TzU2G3lKhdLwR84GU%2FGR1lYc4eEFAzZrdKG%2B%2FRUR74%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 611d23225b21e65c-LHR
expires: Sat, 16 Jan 2021 05:04:23 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
1 KB 9ms
5ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 10316
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1299
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
x-served-by: cache-fra19128-FRA
date: Fri, 15 Jan 2021 05:18:38 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 10ms
6ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 10314
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6756
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
x-served-by: cache-fra19128-FRA
date: Fri, 15 Jan 2021 05:18:38 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 752 KB
174 KB 845ms
845ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.6584775937232459

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

99a76999d97b2b208475346392aaa9651be963853de94cbff9faa23644bf6bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 14 Jan 2021 12:53:09 GMT
x-timer: S1610687919.540514,VS0,VE825
etag: "43b0794868af9d7bab563d4ad0146f8fe8707552ce51eec498e13bb0bc7efe63-br"
x-served-by: cache-cdg20766-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 15 Jan 2021 05:18:39 GMT
accept-ranges: bytes
content-length: 178076
x-cache-hits: 0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//tur.vivit-tours.com/;0.25630440426322143
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tur.vivit-tours.com/;0.25630440426322143

43 B
496 B

67ms
67ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tur.vivit-tours.com/;0.25630440426322143

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 05:18:38 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Jan 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 05:18:38 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tur.vivit-tours.com/;0.25630440426322143
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 15 Jan 2020 21:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 369 KB
94 KB 147ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

92a8c052c24889d39ddee3617dad8f31b6f036451afefdad1334b0fcd4694794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
content-encoding: br
last-modified: Wed, 30 Dec 2020 19:28:34 GMT
etag: "5fd23012-17727"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 96039
expires: Fri, 15 Jan 2021 06:18:38 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
fonts.gstatic.com/s/nunitosans/v6/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v6/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

797d0e1d0a5eba83fe25e52c97a8002dc8d57a592c6840bae7eba17c41d90ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tur.vivit-tours.com
Referer: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 10:42:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:46 GMT
server: sffe
age: 585347
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11552
x-xss-protection: 0
expires: Sat, 08 Jan 2022 10:42:51 GMT

GET
H2 200 XRXW3I6Li01BKofA6sKUYevIWzgPDA.woff2
fonts.gstatic.com/s/nunito/v16/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevIWzgPDA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a271d830afdf97fd9db938e1eb1a83e3c5be6034c721129db32e3fac2722a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tur.vivit-tours.com
Referer: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 06:09:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:35 GMT
server: sffe
age: 601725
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13452
x-xss-protection: 0
expires: Sat, 08 Jan 2022 06:09:53 GMT

GET
H2 200 XRXW3I6Li01BKofAnsSUYevIWzgPDA.woff2
fonts.gstatic.com/s/nunito/v16/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAnsSUYevIWzgPDA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57d8856c7c69e9f64c198cf86ef7117164496ce7c8b179a7c82fe03764f2dce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tur.vivit-tours.com
Referer: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 00:03:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:29 GMT
server: sffe
age: 18881
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13056
x-xss-protection: 0
expires: Sat, 15 Jan 2022 00:03:57 GMT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 XRXW3I6Li01BKofA6sKUb-vIWzgPDEtj.woff2
fonts.gstatic.com/s/nunito/v16/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUb-vIWzgPDEtj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

704014e8de12fdd8910eba95eae597be280d9a1509d284cc21cbfc71dbb8ea5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tur.vivit-tours.com
Referer: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 03:05:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:43 GMT
server: sffe
age: 7994
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13132
x-xss-protection: 0
expires: Sat, 15 Jan 2022 03:05:24 GMT

GET
H3-Q050 200 pe03MImSLYBIv1o4X1M8cc8GBs5jU1ECVZl_86Y.woff2
fonts.gstatic.com/s/nunitosans/v6/ 10 KB
10 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v6/pe03MImSLYBIv1o4X1M8cc8GBs5jU1ECVZl_86Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d53c991ced8060512cd10806536812d3c1be448dcf3f6097096974a411d1ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tur.vivit-tours.com
Referer: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 11:24:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:41 GMT
server: sffe
age: 582820
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10596
x-xss-protection: 0
expires: Sat, 08 Jan 2022 11:24:58 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/54607900/
Redirect Chain

https://mc.yandex.ru/watch/54607900?wmode=7&page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661...
https://mc.yandex.ru/watch/54607900/1?wmode=7&page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216...

186 B
340 B

55ms
55ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/54607900/1?wmode=7&page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210115061838%3Aet%3A1610687919%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1140271980056%3Arqn%3A1%3Arn%3A934407104%3Ahid%3A1065070140%3Ads%3A0%2C113%2C1119%2C1%2C128%2C0%2C0%2C183%2C0%2C%2C%2C%2C1548%3Afp%3A1465%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610687919%3Au%3A1610687919502001211%3At%3ATurizm%20Ve%20Seyahat%2C%20Seyahat%20Dergileri%2C%20Gazeteler%2C%20Yay%C4%B1nlar%2C%20De%C4%9Ferlendirme%20De%C4%9Ferlendirme%20Ile%20Ilgili%20Makaleler%20%2F%20Ocak%202021

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5db56fb995ebcd0d6ced7d8409af2e6828a05826170c0a635fca096ed8e9323c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:18:39 GMT
x-content-type-options: nosniff
last-modified: Fri, 15-Jan-2021 05:18:39 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tur.vivit-tours.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Fri, 15-Jan-2021 05:18:39 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:18:38 GMT
last-modified: Fri, 15-Jan-2021 05:18:38 GMT
location: /watch/54607900/1?wmode=7&page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210115061838%3Aet%3A1610687919%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1140271980056%3Arqn%3A1%3Arn%3A934407104%3Ahid%3A1065070140%3Ads%3A0%2C113%2C1119%2C1%2C128%2C0%2C0%2C183%2C0%2C%2C%2C%2C1548%3Afp%3A1465%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610687919%3Au%3A1610687919502001211%3At%3ATurizm%20Ve%20Seyahat%2C%20Seyahat%20Dergileri%2C%20Gazeteler%2C%20Yay%C4%B1nlar%2C%20De%C4%9Ferlendirme%20De%C4%9Ferlendirme%20Ile%20Ilgili%20Makaleler%20%2F%20Ocak%202021
strict-transport-security: max-age=31536000
access-control-allow-origin: https://tur.vivit-tours.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 15-Jan-2021 05:18:38 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 49ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:38 GMT
last-modified: Wed, 30 Dec 2020 19:28:30 GMT
etag: "5feccf70-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 15 Jan 2021 06:18:38 GMT

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 179 B
530 B 29ms
14ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d10ce3afdc0ac47737060c54c83a10fbe1192bb687029d2565962e4c1f462a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 611d2328aba8073e-FRA
cf-request-id: 07a6144d640000073e5822d000000001

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 601 KB
70 KB 20ms
20ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

62ec7c0697fc12c5541f518ea664b735d27edb018bc43a9db3e007b6f631edd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 14 Jan 2021 12:53:09 GMT
x-timer: S1610687919.482582,VS0,VE0
etag: "328c00991d54dda975e83095a290fad5ea301343419efac9ee4da79211f2c0c6-br"
x-served-by: cache-cdg20766-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 15 Jan 2021 05:18:39 GMT
accept-ranges: bytes
content-length: 71621
x-cache-hits: 220

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 21ms
21ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 14 Jan 2021 12:53:09 GMT
x-timer: S1610687920.585890,VS0,VE0
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-cdg20766-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 15 Jan 2021 05:18:39 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 3

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
19 KB 116ms
41ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

badfe7d24133e8a93d99e367c6c94b7d44952079f40a1f707d5051e977e2e939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "755 / 588 of 1000 / last-modified: 1610665948"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18720
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:39 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
19 KB 34ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b9ff3db6f940820e1a134749859bc7bf465d70743abc56c20f8850d23ed6de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "755 / 565 of 1000 / last-modified: 1610665948"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18719
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:39 GMT

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 58ms
55ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.3396810164720929

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:18:39 GMT
last-modified: Fri, 15-Jan-2021 05:18:39 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 15-Jan-2021 05:18:39 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 55ms
52ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22tur.vivit-tours.com%22:{%22https://tur.vivit-tours.com/%22:%22%22}}}&r=0.053000560348679615
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 51ms
49ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.4097296764895191

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:18:39 GMT
last-modified: Fri, 15-Jan-2021 05:18:39 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 15-Jan-2021 05:18:39 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 57ms
55ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22tur.vivit-tours.com%22:{%22https://tur.vivit-tours.com/%22:%22%22}}}&r=0.9415448153164585
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 66ms
65ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.3008596655636955

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:18:39 GMT
last-modified: Fri, 15-Jan-2021 05:18:39 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 15-Jan-2021 05:18:39 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 51ms
49ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22tur.vivit-tours.com%22:{%22https://tur.vivit-tours.com/%22:%22%22}}}&r=0.9241745256512346
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
mc.yandex.ru/watch/54496171/OPTR/ 43 B
71 B 64ms
63ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/54496171/OPTR/?r=0.7741499400632179

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:18:39 GMT
last-modified: Fri, 15-Jan-2021 05:18:39 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 15-Jan-2021 05:18:39 GMT

GET
H2 200 53428543
mc.yandex.ru/watch/ 0
0 57ms
56ms Image
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22tur.vivit-tours.com%22:{%22https://tur.vivit-tours.com/%22:%22%22}}}&r=0.8731299638251693
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 87ms
62ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tur.vivit-tours.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jan 2021 05:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 34ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tur.vivit-tours.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jan 2021 05:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 137ms
100ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4289469351501788&correlator=3866695390550686&output=ldjh&impl=fif&eid=21068773%2C21069142%2C21065724&vrg=2021010903&gdpr_consent=CPAC3jcPAC3jcAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210115&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ad_format%3Dinterstitial&cust_params=site_domen%3Dtur.vivit-tours.com%26site_topdomen%3Dvivit-tours.com%26site_referrer%3D%26site_hash%3D%26keywords%3DTurizm%2520Ve%2520Seyahat%2520Seyahat%2520Dergileri%2520Gazeteler%2520Yay%2520nlar%2520De%2520erlendirme%2520De%2520erlendirme%2520Ile%2520Ilgili%2520Makaleler&cookie_enabled=1&bc=31&abxe=1&lmt=1610687919&dt=1610687919928&dlt=1610687918435&idt=1442&frm=20&biw=1600&bih=1200&oid=3&adks=3315216602&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftur.vivit-tours.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1627219867.1610687920&ga_sid=1610687920&ga_hid=1087863850&fws=2&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8319eb7820e1be1cfffac229cb3aa321829ba21cb0676c665f04c1ee51041a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9731
x-xss-protection: 0
google-lineitem-id: 5121405043
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287458916
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tur.vivit-tours.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a909240e50e14607e4139976c0fd17ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 46ms
14ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a909240e50e14607e4139976c0fd17ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 378ms
342ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4289469351501788&correlator=3866695390550686&output=ldjh&impl=fif&eid=21068773%2C21069142%2C21065724&vrg=2021010903&gdpr_consent=CPAC3jcPAC3jcAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210115&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_optr&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1600x90&cust_params=site_domen%3Dtur.vivit-tours.com%26site_topdomen%3Dvivit-tours.com%26site_referrer%3D%26site_hash%3D%26keywords%3DTurizm%2520Ve%2520Seyahat%2520Seyahat%2520Dergileri%2520Gazeteler%2520Yay%2520nlar%2520De%2520erlendirme%2520De%2520erlendirme%2520Ile%2520Ilgili%2520Makaleler%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Ftur.vivit-tours.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1610687919&dt=1610687919933&dlt=1610687918435&idt=1442&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1235&adks=4081098883&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftur.vivit-tours.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1627219867.1610687920&ga_sid=1610687920&ga_hid=1087863850&fws=516&ohw=1600&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

aba2268048a3ff217451d7b74d0f49b104560650f1bd149731bc852d30b91f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11812
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tur.vivit-tours.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
4 KB 123ms
88ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4289469351501788&correlator=3866695390550686&output=ldjh&impl=fif&eid=21068773%2C21069142%2C21065724&vrg=2021010903&gdpr_consent=CPAC3jcPAC3jcAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210115&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&cust_params=site_domen%3Dtur.vivit-tours.com%26site_topdomen%3Dvivit-tours.com%26site_referrer%3D%26site_hash%3D%26keywords%3DTurizm%2520Ve%2520Seyahat%2520Seyahat%2520Dergileri%2520Gazeteler%2520Yay%2520nlar%2520De%2520erlendirme%2520De%2520erlendirme%2520Ile%2520Ilgili%2520Makaleler%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Ftur.vivit-tours.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1610687919&dt=1610687919937&dlt=1610687918435&idt=1442&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1439&adks=2682756206&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftur.vivit-tours.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x-1&msz=1170x-1&ga_vid=1627219867.1610687920&ga_sid=1610687920&ga_hid=1087863850&fws=4&ohw=1170&btvi=2&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

bf6108259316e0af323c3145d0a428dc8c740556bc3037c8be6dcc7e7b093c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2866
x-xss-protection: 0
google-lineitem-id: 5121405043
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138276240772
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tur.vivit-tours.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 128ms
94ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4289469351501788&correlator=3866695390550686&output=ldjh&impl=fif&eid=21068773%2C21069142%2C21065724&vrg=2021010903&gdpr_consent=CPAC3jcPAC3jcAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210115&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&cust_params=site_domen%3Dtur.vivit-tours.com%26site_topdomen%3Dvivit-tours.com%26site_referrer%3D%26site_hash%3D%26keywords%3DTurizm%2520Ve%2520Seyahat%2520Seyahat%2520Dergileri%2520Gazeteler%2520Yay%2520nlar%2520De%2520erlendirme%2520De%2520erlendirme%2520Ile%2520Ilgili%2520Makaleler%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Ftur.vivit-tours.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1610687919&dt=1610687919939&dlt=1610687918435&idt=1442&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=4190&adks=2948289795&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftur.vivit-tours.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x-1&msz=1170x-1&ga_vid=1627219867.1610687920&ga_sid=1610687920&ga_hid=1087863850&fws=4&ohw=1170&btvi=3&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

bc3c4912b77f4ce1875154d1f43594136e13f1faed090d2c6a4b3215d99b8c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2872
x-xss-protection: 0
google-lineitem-id: 5121405043
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287458583
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tur.vivit-tours.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E19E 0
0 41ms
41ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQIcnksRRG_IXxlopHyTazUwS_gGepZjmwJ65xxsesKbckpAB2_EH-tjjuNSTPOoa3W31Gw-9CAO91AXlo6hWJcEWWc99p2IJB3zKyyMt4V4kso8W2MoZq8_VnLoaGEfsaUshl1HKPHJbI23AgwIOQf6LMhThCWYKDnX-dyATprepMpfRqSZ7s0kpIvvZVRi0a5M6H2bZlTWfsbFAnLZBtuohqUmtZDgngyEeozSXuRDKeAIC5bOc63CJ8axw6B_xJ_IjMcDDtE-jHDmQwyIZh3F5JhL7izYxqS3V8OQ&sai=AMfl-YTWbRArnN2sDZz4A5qaRnz2rIH4zYtF-Ngayy8QN4HB3Lt5TJmuRQ5yAG73oY7Ie1Rf5e1svIVlQkmmSWh3Y-_PbLeFW_lfaJU97_zl1UDKRGoh9rP3ARN-nYQFU6XJ&sig=Cg0ArKJSzOPPWBINQbzgEAE&urlfix=1&adurl=

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jan 2021 05:18:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
H2 200 zxvr.14 Show response
bk.jampartizan.com/ZXM/OPTR/ Frame E19E 5 KB
1 KB 118ms
20ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bk.jampartizan.com/ZXM/OPTR/zxvr.14

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32e257edc51d8da882af136c78e1395e1dbd72d3960923e2174ec1caf1ae19c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 14 Jan 2021 12:53:09 GMT
x-timer: S1610687920.179288,VS0,VE1
etag: "dd615af05cacdee1b2238a974184e481542d79e2bdf91caf64613feab3d739af-br"
x-served-by: cache-cdg20753-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 15 Jan 2021 05:18:40 GMT
accept-ranges: bytes
content-length: 1174
x-cache-hits: 1

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E19E 104 KB
32 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1accab39490c3ea637edcf9ce20212a90e859a6cfbe62ef44dfdb420095cfde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1610541309185380"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32615
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a696a23c4b36e659fab82d44eb299057572792121a95f79fa51e2e57df5b8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1610541315364515"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28321
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 37ms
17ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021010903&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36e388dc73dadd3076e63a81806bfcbcea85cb991dde8f9c7278898804ff8dfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jan 2021 05:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6839
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4B7 0
0 41ms
39ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7CGx563FXqium7TgKARHUVp0AUq9hpk_ylAIiCsQATPdWIu3lMbfexTYwZmoJroWz72JAdLVuNYEebUje8_ZxyOyMyw357EYFPQ-ixxUCn1lkb5M6RTbGgo6d26X7KtBThgY4aHVtbBYfnJFqQgwYtLFuV724jIHQUO-HavRsBp0b_aq0VVsDFJ8O8LFNTOFcjlgTi11RK3nS3WfWCIQ7ttZGx1L8PK2tPWBF5gPn44DkzGrVxt1pFNb8tYamc9UsC-6_LtmRB0mX9VSdySnZtFokN1AYgDDwroU-Pg&sai=AMfl-YTjXTpB_VIRU3w8yemF0BN6EMPCAvANAraR8VjXkXVrfsaaCFa9RxlTCfg2Sg7KLJkh_hVO24phi38ziJxpwTyMQpKktMgqdvX6KdZ_jqpaqdx-VaXJfV73R9BJwC0&sig=Cg0ArKJSzKe8p9R6iSC2EAE&urlfix=1&adurl=

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jan 2021 05:18:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
H2 200 zxvr.79 Show response
bk.jampartizan.com/ZXM/OPTR/ Frame F4B7 5 KB
1 KB 104ms
21ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bk.jampartizan.com/ZXM/OPTR/zxvr.79

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

246adef29fe1329a53847079c91950a159407881774e15b5d5df2e8cb276534c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 14 Jan 2021 12:53:09 GMT
x-timer: S1610687920.179326,VS0,VE1
etag: "629bdb77bd34cfd294109a1585d5c643b6680e2abccef7e380ae44297360d399-br"
x-served-by: cache-cdg20753-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 15 Jan 2021 05:18:40 GMT
accept-ranges: bytes
content-length: 1178
x-cache-hits: 1

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4B7 104 KB
32 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1accab39490c3ea637edcf9ce20212a90e859a6cfbe62ef44dfdb420095cfde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1610541309185380"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32615
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
692 B 35ms
13ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=4289469351501788&r=1x1&w=336&h=280&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:18:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 92D2 2 KB
608 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 04:32:17 GMT
server: ESF
date: Fri, 15 Jan 2021 05:18:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
H3-Q050 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210112/r20110914/elements/html/ Frame 92D2 16 KB
7 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210112/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27b2ca2645ba3cb3bd13435ee1d013b71aa8371a030b1346f891025498f408e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 00:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7107
x-xss-protection: 0
server: cafe
etag: 6939565644172643476
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jan 2021 00:05:57 GMT

GET
H3-Q050 200 pubads_impl_page_level_ads_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ 38 KB
14 KB 37ms
37ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021010903.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

c4fbec129cd9ab1e60bcc2e9ec882d28eff15199fa6f33fbdcaee63f6852c5cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13795
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
DATA 200
OK truncated
/ Frame E19E 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cfd845a83252e6b0175f7e057d83aaf020c91c3713b846da3c8257066251f75

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
DATA 200
OK truncated
/ Frame F4B7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15bdf2c51f7a441855ab137d8acbb81d0dbb8bd78efc0fc40f12f5709dec1d6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 TURzxvr.2 Show response
bk.jampartizan.com/ZXM/OPTR/ Frame 570C 6 KB
1 KB 473ms
471ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bk.jampartizan.com/ZXM/OPTR/TURzxvr.2

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d6ae2016d1cd9264b8af8d681ac225675176aed790aabe010295dd5c2c6ac25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 14 Jan 2021 12:53:09 GMT
x-timer: S1610687920.190209,VS0,VE452
etag: "f8880c53b6aaf0f1ea14d6bc6efe952527e433165f07ad637bd095084b714b92-br"
x-served-by: cache-cdg20753-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 15 Jan 2021 05:18:40 GMT
accept-ranges: bytes
content-length: 1341
x-cache-hits: 0

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 570C 104 KB
32 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1accab39490c3ea637edcf9ce20212a90e859a6cfbe62ef44dfdb420095cfde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1610541309185380"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32615
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 4C84 0
0 8ms
7ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tur.vivit-tours.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tur.vivit-tours.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Fri, 15 Jan 2021 01:17:39 GMT
expires: Sat, 15 Jan 2022 01:17:39 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14461
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame DF84 0
0 298ms
296ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=970&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.8342036783343789

Requested by

Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/zxvr.14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=970&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.8342036783343789
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tur.vivit-tours.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkHwcSyk7-TjhH9uhaG7RfDf38qQFjiifcBiT6Ldx26peRocolvXOxXDVnY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tur.vivit-tours.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 Jan 2021 05:18:40 GMT
server: cafe
content-length: 23504
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7131 0
0 352ms
352ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=970&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.26924489716862965

Requested by

Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/zxvr.79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=970&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.26924489716862965
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tur.vivit-tours.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkHwcSyk7-TjhH9uhaG7RfDf38qQFjiifcBiT6Ldx26peRocolvXOxXDVnY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tur.vivit-tours.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 Jan 2021 05:18:40 GMT
server: cafe
content-length: 24834
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022010270040000/ Frame E880 180 KB
51 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

700d1d900f10d454a72ce90127520d4ecbbc35725e63b2b2fe9a46e9c9d3fc02

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 487575
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51484
x-xss-protection: 0
server: sffe
date: Sat, 09 Jan 2021 13:52:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d03694bae3d062c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jan 2022 13:52:25 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E880 13 KB
5 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32673
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Thu, 14 Jan 2021 20:14:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:14:07 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E880 90 KB
27 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32673
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Thu, 14 Jan 2021 20:14:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:14:07 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E880 3 KB
1 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32673
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Thu, 14 Jan 2021 20:14:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:14:07 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E880 41 KB
13 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 577498
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Fri, 08 Jan 2021 12:53:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jan 2022 12:53:42 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame E880 4 KB
651 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 05:15:58 GMT
server: ESF
date: Fri, 15 Jan 2021 05:18:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9695086376017451742/ Frame E880 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9695086376017451742/downsize_200k_v1?w=100&h=100

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4750f33e47cb714aeeca28461788276662f4b86d815e3eb12e568a4772a768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 10:49:37 GMT
x-content-type-options: nosniff
age: 325743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3178
x-xss-protection: 0
last-modified: Mon, 07 Dec 2020 13:28:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jan 2022 10:49:37 GMT

GET
DATA 200
OK truncated
/ Frame E880 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b2914630e4a477b5dacb2f84c0dcd64a3d1c67ae6fea92cfb17edb00634f7e4

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E880 3 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 12:07:05 GMT
x-content-type-options: nosniff
server: cafe
age: 61895
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3057
x-xss-protection: 0
expires: Fri, 15 Jan 2021 12:07:05 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E880 344 B
439 B 6ms
6ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 12:19:44 GMT
x-content-type-options: nosniff
server: cafe
age: 61136
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 15 Jan 2021 12:19:44 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E880 0
0 40ms
39ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COQ-GsCUBYLSUAsTV7gPhvonQC-ry1oBhotvj7PkMne_vh_QXEAEghuGFKmD7gYCAiAqgAdOx-cgDyAEBqQJ1mZO-NWW0PuACAKgDAaoE1AFP0Akd897cyoH4KPz5vse3gjqeJZmguiGQKeF5qe8F_CW2vmI9Hl-YlG8-hhiio3uKuHGew83h0gwAo_2ZoGFgBW5JKOPrthUNAvACWVMgKvMxkUPhcPrIEW-RhaCf4J6Uiu5lAG3gkIHeMiLEhvHTHU5uC9xuyFYJKH9rhx_H8nJ7U_rh8h_6Qs67Ntc1nzrTSxNKL9ZsGIiX3_W2TLKygkvCzR1OmEWxYLH836w2YyLVKx_ZwoeE-NSBGao9CYNthb7Y5hqzPlLgxidqpjdJwEPYrMAE3ImUnK4D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB4_wxJUBqAfVyRuoB_DZG6gH8tkbqAeUmLECqAel3xuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQy7AQ0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi02NDUwNDkzMzk2NTYzNzI0gAoDyAsB2BMCiBQBshcaChgIABIUcHViLTY1NTA0MTMzNjM2MDI1ODg&sigh=uRGc5VuXx2M&template_id=5001&tpd=AGWhJmtAksgRWuDOj26hs4pE_7n473JPJmNiAZaWirERrjYIFw
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E880 11 KB
11 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tur.vivit-tours.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 22:21:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 284240
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 11 Jan 2022 22:21:20 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E880 11 KB
11 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tur.vivit-tours.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:12:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 47195
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Fri, 14 Jan 2022 16:12:05 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
31 B 23ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021010903&jk=4289469351501788&bg=!kJOlk9DNAAUYkFXlGDsAKQB2-Dxa7Nywh9qcPqqQm6bs9UqI5SpQ2GMf1o1aGfy40VaZv-GeK6BBAgAAAFNSAAAAC2gBBwoApqqQ1sDQpOc3k81CbWV9zKjPHKvo3TtepfD5QBMveXrRtuny81okqr2HciaVGbmVhec17mkxGbhmtOAK2fP9KBq8SLN2GkEMg3Wt80P5ONEwMdSSnW_5JID-UGtz8zJ4ApPPiIvwk4Y-t5fevKthcRTD8REQxIIL3TP4SjQ6kZx4MYgIJbjx0tXYyWHRRP72zfhc-6lK3WFBtzUPPnevIIIWIWf02DWZAdxaiPVBCNKnWZlbI1AGhdxEowrQe4WBp6s52GF1dRf3kKaSReh4LOzP7zKFXssdCGxfEWpAe4j_BTbRLm5kLTfyNss_BQgzi4G0vi1HgvNc8ciApL16qSqWTdCpf_QxmFiUDKzMRmk4Ga9QwHf_YUSPTUIyA4d0Y1ceEUmNZSWrKz0j9zk3Elw5gJg2CaY1oACWFkHqLqucgRhQaPA6qLxem5WJM76YLZTAyMKYnOCEJoWkK3jZqIoPbAzLZUSRgHvJ8mKmIEQ2dPAnKggxrLIcir8Hrj_2ppuprTncd9ISpv0qY5bryx5QDddsGslDRwKcFMZTFQwPXJfFDOBunw0XPXVbdX1pHs4RIkunmKwpNDBPSO1cHlv7uMLa6k5zujt6fYbWHpKPPOLF0z4s_6XRJ-NWi64IcSlR9AYeQSPT0Lvsrt9cXokcHLUk2BUCq38eg223MLb87dVwVUbfBgs5M4xzaTauDie9tExff4UOgIcccHROe6H5xXgI84C7pXJSOe4khUyqzbMsCHdj2zdKUWMz3RiHVmI1bXXZGrGzkpV-D3KnPggxT9ESdr1ixbhQtxtYj0FmYe5XcjQJ_5Bk2pEDe3i0pZD0ymEG1KrHz2kLLI1Yk0J9FYosWg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:18:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E880
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
15ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: tur.vivit-tours.com
URL: https://tur.vivit-tours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 15 Jan 2021 05:18:40 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E880 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 12:07:05 GMT
x-content-type-options: nosniff
server: cafe
age: 61895
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3057
x-xss-protection: 0
expires: Fri, 15 Jan 2021 12:07:05 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E880 344 B
369 B 7ms
6ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 12:19:44 GMT
x-content-type-options: nosniff
server: cafe
age: 61136
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 15 Jan 2021 12:19:44 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E19E 0
0 143ms
96ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXaKxt6fS4V2rI0ubg_TwiJPYjQywtSFuQfACYuZizK485mOIdHbIo9kiZmbW3xC6Ae4qbNAQ0T7jug8LiP-wv4r_PO8tsar2OL0jyaZCUvhGa5ABxm74eSmBNWlKy-9tcs1TsjSerJXZXqw6pT7dvmo1lkjwHlp5HBsTaBeHm3iarHzz6n1A0Ta_qsracr-bQIfGKcH-dsGI6GK3rzoQT6JcRGiCVYglGEgqoiowqE_PITdeysGmH4sQdAksbDRcDUWMlBl46jH_6ElGwhKPJSg47V5YVTfIYkVOiP0tJ&sai=AMfl-YT2AfIOtOpiv16G7oXshJMO8ST3ZA4kp8Z9m8L6voQU9S_2la2_3mhiUurzPxnFVVzreRyG8SGVc9i1nOFxB2I-XfHApp0RUEWeYJsCUXOFSY9-6orWZ4pVEtW4oVe2&sig=Cg0ArKJSzP1C-QY1dz-8EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jan 2021 05:18:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame FE0F 0
0 340ms
339ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZXM/ZXM_OPTR/zxm_optr_tur&adk=3986104005&adf=4188749577&w=336&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Ftr.blogwithoutajob.com%2F&ea=0&flash=0&wgl=1&dt=1568443358351&bpp=112&bdt=115&fdt=114&idt=116&shv=r20190911&cbv=r20190131&saldr=sa&correlator=122319362182&frm=23&ife=1&pv=1&ga_vid=1347795841.1568443359&ga_sid=1568443359&ga_hid=2028642082&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=20&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=34&biw=558&bih=670&isw=530&ish=550&ifk=1846264811&scr_x=0&scr_y=0&eid=20199336%2C151527007%2C182984100%2C182984300%2C368885002%2C423550201&oid=3&pg_h=9038&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=3973512255&ifi=1&uci=1.cucdgbjcgw8k&fsb=1&p=https%3A%2F%2Ftr.blogwithoutajob.com%2F&dtd=195&0.0026463317766556305

Requested by

Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/TURzxvr.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13558094169120440013/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13558094169120440013/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPnd7IqYne4CFeWA7QodPbwCKg&gqi=sCUBYJeRKYrGtweJ1bnQCg&layout=/sadbundle/%24csp%253Der3%24/13558094169120440013/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6550413363602588&output=html&h=280&slotname=ZXM/ZXM_OPTR/zxm_optr_tur&adk=3986104005&adf=4188749577&w=336&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Ftr.blogwithoutajob.com%2F&ea=0&flash=0&wgl=1&dt=1568443358351&bpp=112&bdt=115&fdt=114&idt=116&shv=r20190911&cbv=r20190131&saldr=sa&correlator=122319362182&frm=23&ife=1&pv=1&ga_vid=1347795841.1568443359&ga_sid=1568443359&ga_hid=2028642082&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=20&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=34&biw=558&bih=670&isw=530&ish=550&ifk=1846264811&scr_x=0&scr_y=0&eid=20199336%2C151527007%2C182984100%2C182984300%2C368885002%2C423550201&oid=3&pg_h=9038&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=3973512255&ifi=1&uci=1.cucdgbjcgw8k&fsb=1&p=https%3A%2F%2Ftr.blogwithoutajob.com%2F&dtd=195&0.0026463317766556305
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tur.vivit-tours.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkHwcSyk7-TjhH9uhaG7RfDf38qQFjiifcBiT6Ldx26peRocolvXOxXDVnY; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tur.vivit-tours.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13558094169120440013/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13558094169120440013/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPnd7IqYne4CFeWA7QodPbwCKg&gqi=sCUBYJeRKYrGtweJ1bnQCg&layout=/sadbundle/%24csp%253Der3%24/13558094169120440013/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 Jan 2021 05:18:40 GMT
server: cafe
content-length: 33105
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4B7 0
0 44ms
44ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQ0o1zk19GfiGxLsxO5ykd0bKyOhbJ77k4foRGf60x49BoUKytUkYTCZHS-xGwiJUqyhXTqEofUlKcm1fDrZ89u0ZKGa8H1nPrSLuctuzJUOwWlTmrYUKtE2kBpxUUHQAMFY09zyIprtddsiQ0eXNnlGa8_ysWrVTbou-wtePHXPoDbd0Wsiwc9MnwFQEQ5Csgecs41TZKDWoR8wVekaYbzlf5CCCaS4ullvd0vwVFiXnF0oV5cRZTQ3v4D4pZTh-vacIF8QFox2TG91g-n-XWr8dXmsDS_3msO91VNxoW&sai=AMfl-YQVkm0qvBz3P2o2hJZHpLCzf8Oq_1K9VBnHthWZQg0F4YIJtqFnsQHnUkVuyou-VPtprjF7mIp5kpAPtGT5eVtrdOVY1fkabPQEwF8egLDShRAk-pCLHr8L1Cq2RMA&sig=Cg0ArKJSzBWBbKblyIReEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jan 2021 05:18:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:40 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 570C 0
0 46ms
45ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRO6ITJQ8xJWWvwoFBmLFtpLppdTampeoobIm6C7kp00KMAQO8wopyAIXWzXZy2xeqnFTaBlBfS28_NKEEzSDNJXkvZFET3kLkS1kqhOrQAjb80FTet41Grc0ijlfYCSEyqCkm_YJRifLbOzCZ6-d3kWIx8T7fcdkKlBpNXUiN9-4Iz_UAs1vReYHtqpVI_CuPen9BNUsCfUVN6mZURKinNbts60WcWDN-rIeR9dkxP-nPMFYO1Q_ANwTvfmtniisiRc8HwKlrMDR4_B413sNqZvdf_yOhB_6hXy8Yc0Pur34&sai=AMfl-YTdoRIZpa03iIq7ixbvJ4X6Rwi6KcM2QuLSaBTB7I1eTQvxQh5fQWfSTVLwDsO2uEX7aKSg2lCUUus0mr3IIKNJnLGUqbdHcGRgTT3gtQkbbmMA1Whew9nywbDvMIQ&sig=Cg0ArKJSzCP9nHimqHbhEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Jan 2021 05:18:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Jan 2021 05:18:41 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E880 42 B
183 B 17ms
16ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqoNniRfKanqaJ37W6vtMS2eVLQmbYzn_FnLxXZWkmcLi1C77EIliphT5rRGXh05XJIg_792FCMHYVNE_kJfyhPVB2yzV5wlC_NQgWq5g2JueWfhlUqEB_ozynhA&sai=AMfl-YRLnmcN4zwsjy3HVJkduFJwGxw-1UAjh1VTbhqpXXs8Z3-cU9wM6JrhXkKe-rZVjx2NcLDSZI6FA4el9Cnv8_lvXFXH4MMUtW7_w_I9Ybegv9LJwpYYYjFtGCpPjwYV&sig=Cg0ArKJSzLnAggs7UkPTEAE&cid=CAASPeRoRk_O5zQdttV305OGkUi52x9s4i_xafCbNnt0pBS3nf4zdy5kJ8lv8BIfd6DqTx4rxbGQScC1s7OQgFE&id=ampim&o=0,1228&d=1600,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=218&tls=1515&g=55.55555820465088&h=100&tt=1515&r=v&avms=ampa&adk=4081098883

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:18:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1
mc.yandex.ru/watch/54607900/
Redirect Chain

https://mc.yandex.ru/watch/54607900?page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3Ahd...
https://mc.yandex.ru/watch/54607900/1?page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3A...

43 B
71 B

49ms
49ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/54607900/1?page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210115061854%3Aet%3A1610687935%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A119%3Als%3A1140271980056%3Arqn%3A2%3Arn%3A146374737%3Ahid%3A1065070140%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2880%2C2880%2C16%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610687935%3Au%3A1610687919502001211

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tur.vivit-tours.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:18:54 GMT
last-modified: Fri, 15-Jan-2021 05:18:54 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 15-Jan-2021 05:18:54 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:18:54 GMT
last-modified: Fri, 15-Jan-2021 05:18:54 GMT
location: /watch/54607900/1?page-url=https%3A%2F%2Ftur.vivit-tours.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610687917070%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210115061854%3Aet%3A1610687935%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A119%3Als%3A1140271980056%3Arqn%3A2%3Arn%3A146374737%3Ahid%3A1065070140%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2880%2C2880%2C16%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610687935%3Au%3A1610687919502001211
strict-transport-security: max-age=31536000
access-control-allow-origin: https://tur.vivit-tours.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 15-Jan-2021 05:18:54 GMT

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vivit-tours.com/	1970-01-20 00:10:23	Name: euconsent-v2 Value: CPAC3jcPAC3jcAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.vivit-tours.com/	1970-01-20 00:10:23	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTc3MDQ3YjMtNWE2OS02ZmU4LWE5MDMtMTA1MjdiODMzN2UwIiwiY3JlYXRlZCI6IjIwMjEtMDEtMTVUMDU6MTg6MzkuNjM5WiIsInVwZGF0ZWQiOiIyMDIxLTAxLTE1VDA1OjE4OjM5LjYzOVoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.vivit-tours.com/	1970-01-19 15:25:59	Name: _ym_isad Value: 2
.vivit-tours.com/	1970-01-20 00:10:23	Name: _ym_uid Value: 1610687919502001211
.vivit-tours.com/	1970-01-19 15:24:49	Name: _ym_visorc_54607900 Value: w
.vivit-tours.com/	1970-01-20 00:10:23	Name: _ym_d Value: 1610687919
.vivit-tours.com/	1970-01-19 16:07:59	Name: __cfduid Value: d866d2d4678b80bc907b7673d97a7829b1610687917

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 1) Message: zx->v2 optr->dfp->overlay,consent,abs
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 1) Message: zx->v2 optr->dfp->overlay,consent,abs
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 1) Message: zx->start full check gdpr
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 1) Message: zx -> DE
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 1) Message: zxnt -> START GDPR
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 1) Message: zxnt->cmp-> onReady
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 1) Message: zxnt native v.1.1
console-api	log	(Line 10) Message: sfr zxm ad 970\|250
console-api	log	(Line 10) Message: sfr zxm ad 970\|250
console-api	log	(Line 17) Message: v2 sfr zxm ad 336\|280
console-api	info	URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://tur.vivit-tours.com/
console-api	log	URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 1) Message: zx Interstitial is loaded.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a909240e50e14607e4139976c0fd17ce.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
bk.jampartizan.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.zx-adnet.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.vivit-tours.com
mc.yandex.ru
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
tur.vivit-tours.com
vivit-tours.com
www.google.com
www.googletagservices.com
151.101.1.195
151.101.65.195
172.217.16.130
172.67.178.55
2606:4700:10::6814:b944
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:803::2001
2a00:1450:4001:803::200a
2a00:1450:4001:806::2002
2a00:1450:4001:817::2001
2a00:1450:4001:818::2003
2a00:1450:4001:819::2001
2a00:1450:4001:81f::2002
2a02:6b8::1:119
2a04:4e42:3::621
88.212.201.216
00134aa246e3650697dd1f47ac64fb11246adf110bd65ee8de82a070835597aa
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05af3f284ecc9fed1a6787f269a0866b56253241122247c204b3e97a99fdc669
0da55fc3aca6fc4e59ebd98c3e97bfa2cac21fb939b1830ef5f721474bb33732
13af5276df7b6d4449517f1049f0e91e757d72740e36bcca2797033e0b0fbb5a
15bdf2c51f7a441855ab137d8acbb81d0dbb8bd78efc0fc40f12f5709dec1d6f
1c40a58eb0281a4239bebb01c15f5b19d9922f52cb45b2e69a48a4953cce0edb
1cc776b4b87243862afabc5cb1107699c4bc2c3a89e7da2972f1e8d042233282
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
246adef29fe1329a53847079c91950a159407881774e15b5d5df2e8cb276534c
27b2ca2645ba3cb3bd13435ee1d013b71aa8371a030b1346f891025498f408e9
2c7a34e4f9047f2e550041450f08a30efac091fea094c06bc36480a21707a973
2d53c991ced8060512cd10806536812d3c1be448dcf3f6097096974a411d1ee6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f9d520da8158d4ae9d220432db1f453eb5ee2c426d58616bb0997bc235404e5
32e257edc51d8da882af136c78e1395e1dbd72d3960923e2174ec1caf1ae19c3
35b21384f02b385512f88f8093483f709a5c0ff2a5d91dd16d1507446dde5a84
36e388dc73dadd3076e63a81806bfcbcea85cb991dde8f9c7278898804ff8dfa
3c8e306191281578da9fa23dc7eab9d4515b9460a2b65045a45a75b6406f11c8
3d6ae2016d1cd9264b8af8d681ac225675176aed790aabe010295dd5c2c6ac25
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
4b98ccf8e82722a5ab53ab4eccd2fd98c2edb49e977e4f27f305ebe4fcaf2df7
4d10ce3afdc0ac47737060c54c83a10fbe1192bb687029d2565962e4c1f462a2
4e259154d565486c485d02cfa5e7907f03c355f0875d7df202d3ad4f4b312cdc
4fd4081a6f1cf75d7c6a71313d3934b14d9ae08f210063116fc31d3e23183685
511adb4841ea7b4227466207a3d21ed7072b07f8c9b0558dbe37c95b806486d2
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57d8856c7c69e9f64c198cf86ef7117164496ce7c8b179a7c82fe03764f2dce3
5a271d830afdf97fd9db938e1eb1a83e3c5be6034c721129db32e3fac2722a7a
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5db56fb995ebcd0d6ced7d8409af2e6828a05826170c0a635fca096ed8e9323c
62ec7c0697fc12c5541f518ea664b735d27edb018bc43a9db3e007b6f631edd4
6a696a23c4b36e659fab82d44eb299057572792121a95f79fa51e2e57df5b8d1
6cf36582109b9e53f72f8020ae731e1931fbdb8d3b8bd36a99840a906e9dddc0
6e486dd35ed099f69997061f21336cad5b3fc105ebd6e26fa7c8a92d727cdf0a
700d1d900f10d454a72ce90127520d4ecbbc35725e63b2b2fe9a46e9c9d3fc02
704014e8de12fdd8910eba95eae597be280d9a1509d284cc21cbfc71dbb8ea5c
76bc9a7ba2a98dbf3265eef964e4f3ed74a23d65da1a9e8ab7003e6f1886f005
797d0e1d0a5eba83fe25e52c97a8002dc8d57a592c6840bae7eba17c41d90ee6
7b2914630e4a477b5dacb2f84c0dcd64a3d1c67ae6fea92cfb17edb00634f7e4
8319eb7820e1be1cfffac229cb3aa321829ba21cb0676c665f04c1ee51041a97
8b9ff3db6f940820e1a134749859bc7bf465d70743abc56c20f8850d23ed6de2
8cfd845a83252e6b0175f7e057d83aaf020c91c3713b846da3c8257066251f75
92a8c052c24889d39ddee3617dad8f31b6f036451afefdad1334b0fcd4694794
978e72413803c6e56be2872fea31036040638d1efbce423f56a1c3a067e92478
99a76999d97b2b208475346392aaa9651be963853de94cbff9faa23644bf6bd0
9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0
a856fb8647ea3a77596f4d3a14c19384e1201547d6eab1fac1b8b581fdd42f70
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a953188fad1f7902c943ead7a728672e510b8dd6b4e594d501622af4ced64dfb
aad895630255f0104324e724bc1046384ad9b1b179fcb8e1402e5cd52d8384a5
aba2268048a3ff217451d7b74d0f49b104560650f1bd149731bc852d30b91f94
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
b1accab39490c3ea637edcf9ce20212a90e859a6cfbe62ef44dfdb420095cfde
b28970c7161e476df30b8203289624cdad6664bb862dc254ac59d3cf25e6d152
b29525544a7c470710f37e7bc5c3f6a0161e3be5199fe226a19508f090b5b939
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b7e0717a0732adf2f57fbceaf28d2fd7874a2b6da246068283fd75482cd6c18d
badfe7d24133e8a93d99e367c6c94b7d44952079f40a1f707d5051e977e2e939
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bc3c4912b77f4ce1875154d1f43594136e13f1faed090d2c6a4b3215d99b8c3f
bec0306c6c6a4d45d5a3c107c3e03432c7497bb0f13a39b30097825c10290add
bf6108259316e0af323c3145d0a428dc8c740556bc3037c8be6dcc7e7b093c93
c4fbec129cd9ab1e60bcc2e9ec882d28eff15199fa6f33fbdcaee63f6852c5cb
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
ccb78397f302455bc30aa80fe0fd486fd8415fdece4e75e6941a71c14d76a91a
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4750f33e47cb714aeeca28461788276662f4b86d815e3eb12e568a4772a768
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fd5e1a5791a6ad63c6fe57b47a44696f340482b2c3e0eed3f5b62ebecc4e8d
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e7454bd4a3bc5f489cf0cbe07e5d96387b06488b8bb0f10fecb621a125279a33
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ecaa66748249a29d419e62c34d4ddfa46e553ed00eb4bd2d519b55ca12a5769c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5038a28e8088b78652a612d17e0ceea63d7ca6969b8e371155b5ce23691a872
f504ccb6c20e2bd16e5d8f01f673b3d454bbfc8f9767c029967c293f4ee723a8
f625c7acfc82b7177ae601b1531f906b3f31cf033f1ec7d4cbd031fc5bbe8969
fb358f37a0b79a9f9ae3b52096bc560c5f39bd56d54d8962d4937e0829ddd4c6
fe33e8675df8bf7d65eec13fb4722f7b1d5bbd041a53f50cc520982bab6c4b8c
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

tur.vivit-tours.com Open in urlscan Pro 172.67.178.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

97 %HTTPS

71 %IPv6

15 Domains

21 Subdomains

17 IPs

4 Countries

2309 kBTransfer

5139 kBSize

7 Cookies

42 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tur.vivit-tours.com Open in urlscan Pro
172.67.178.55 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

71 %
IPv6

15
Domains

21
Subdomains

17
IPs

4
Countries

2309 kB
Transfer

5139 kB
Size

7
Cookies

115 HTTP transactions
0 data transactions