www.johnhancocktravel.com Open in urlscan Pro
23.218.166.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.johnhancocktravel.com/
Submission: On April 06 via manual (April 6th 2023, 11:20:19 am UTC) from US — Scanned from DE

Summary HTTP 66 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 66 HTTP transactions. The main IP is 23.218.166.70, located in Munich, Germany and belongs to AKAMAI-AS, US. The main domain is www.johnhancocktravel.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on February 6th 2023. Valid for: a year.

This is the only time www.johnhancocktravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
58	23.218.166.70 23.218.166.70	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	13.37.25.97 13.37.25.97	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
66	6

58 23.218.166.70 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-166-70.deploy.static.akamaitechnologies.com

www.johnhancocktravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.37.25.97 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

jhfsjhtravel.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	johnhancocktravel.com www.johnhancocktravel.com	783 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 452	38 KB
2	2o7.net 1 redirects jhfsjhtravel.112.2o7.net	1 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1034	69 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	51 KB
0	Failed function sub() { [native code] }. Failed
66	6

	Domain	Requested by
58	www.johnhancocktravel.com	www.johnhancocktravel.com
4	assets.adobedtm.com	www.johnhancocktravel.com assets.adobedtm.com
2	jhfsjhtravel.112.2o7.net	1 redirects
2	use.fontawesome.com	www.johnhancocktravel.com use.fontawesome.com
1	www.googletagmanager.com	assets.adobedtm.com
0	truncated Failed	www.johnhancocktravel.com
66	6

This site contains links to these domains. Also see Links.

Domain
www.forbes.com
jhia.starrtravelinsurance.com
www.johnhancock.com

Subject Issuer	Validity	Valid
johnhancock.com Sectigo RSA Organization Validation Secure Server CA	`2023-02-06` - `2024-02-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.johnhancocktravel.com/
Frame ID: E1FE5DF5FE8A2074A6D277944B8F044B
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

John Hancock Travel

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*aem-Grid

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

98 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

941 kB
Transfer

2293 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.forbes.com/advisor/travel-insurance/best-senior-travel-insurance/
Title: Recognized by Forbes Advisor for 'Best Plan for Seniors' 5/5 Stars

Search URL Search Domain Scan URL

URL: https://jhia.starrtravelinsurance.com/
Title: Agent Login

Search URL Search Domain Scan URL

URL: https://www.johnhancock.com/legal.html
Title: Privacy policyopen in a new tab

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://jhfsjhtravel.112.2o7.net/b/ss/jhfsjhtravel/1/JS-2.22.4-LCUM/s78543333673988?AQB=1&ndh=1&pf=1&t=6%2F3%2F2023%2011%3A20%3A14%204%200&fid=785E5D38453BFD5D-3A33C952188603DA&ce=UTF-8&pageName=jh%3Atr%3A&g=https%3A%2F%2Fwww.johnhancocktravel.com%2F&cc=USD&v52=jh%3Atr%3A&v70=jh%3Atr%3A&v71=https%3A%2F%2Fwww.johnhancocktravel.com%2F&v115=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F111.0.5563.146%20Safari%2F537.36&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://jhfsjhtravel.112.2o7.net/b/ss/jhfsjhtravel/1/JS-2.22.4-LCUM/s78543333673988?AQB=1&pccr=true&ndh=1&pf=1&t=6%2F3%2F2023%2011%3A20%3A14%204%200&fid=785E5D38453BFD5D-3A33C952188603DA&ce=UTF-8&pageName=jh%3Atr%3A&g=https%3A%2F%2Fwww.johnhancocktravel.com%2F&cc=USD&v52=jh%3Atr%3A&v70=jh%3Atr%3A&v71=https%3A%2F%2Fwww.johnhancocktravel.com%2F&v115=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F111.0.5563.146%20Safari%2F537.36&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

66 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.johnhancocktravel.com/ 154 KB
18 KB 747ms
563ms Document
text/html 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f8d407f58f43e2151c1a38c8423d85f1b6a5f335b6aea2717eb12ddf601df290

Security Headers

Name	Value
Content-Security-Policy	default-src 'nonce-e397bb09a4880910f6f8db7924f0f6af' 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'nonce-e397bb09a4880910f6f8db7924f0f6af' 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'nonce-e397bb09a4880910f6f8db7924f0f6af' 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 14961
Content-Security-Policy: default-src 'nonce-e397bb09a4880910f6f8db7924f0f6af' 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'nonce-e397bb09a4880910f6f8db7924f0f6af' 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'nonce-e397bb09a4880910f6f8db7924f0f6af' 'none';style-src 'self' https: 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Apr 2023 11:20:12 GMT
ETag: W/"26435-G0TMLyMoAEy63vl1XSNoe/ii5KM"
Expect-CT: max-age=0
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Vary: Accept-Encoding
X-Akamai-Transformed: 9 156725 0 pmb=mTOE,2
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1680782955
X-XSS-Protection: 0

GET
H/1.1 200
OK bootstrap.css
www.johnhancocktravel.com/css/ 189 KB
27 KB 184ms
183ms Stylesheet
text/css 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/css/bootstrap.css

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

61c0376f7a24edbfc10251067f110559b98547ad9f8a0498e82848eec7f16698

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:12 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 25637
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2f2e5-181685ca344"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK aem-grid.css
www.johnhancocktravel.com/css/ 121 KB
8 KB 214ms
153ms Stylesheet
text/css 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/css/aem-grid.css

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f37d492cf0f9327059fb29e322dfe7f876371b6508a4dcae386221e358ae9581

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:12 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 6777
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1e563-181685ca2ec"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK app.css
www.johnhancocktravel.com/css/ 147 KB
22 KB 207ms
146ms Stylesheet
text/css 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/css/app.css

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6ccb5c39148806897e9e680227bd2a2d9be33278832fe337768c70210b2f743b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:12 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 20907
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Fri, 19 Aug 2022 18:23:59 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"24c49-182b7590049"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK browserupdate.css
www.johnhancocktravel.com/css/ 2 KB
2 KB 270ms
160ms Stylesheet
text/css 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/css/browserupdate.css

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c085df67ce43310d11a78d263d92fd1ce16ea3d52622a23422ed27d1aa154cf6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:12 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 565
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"63a-181685ca340"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK bootstrap-select.min.css
www.johnhancocktravel.com/css/ 10 KB
3 KB 282ms
171ms Stylesheet
text/css 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/css/bootstrap-select.min.css

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ca3467342a31c75c088d6058cc48740faf0b2cac0c593bb8a6df4ad2f9adeb36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:12 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1987
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2631-181685ca33c"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK owl.carousel.min.css
www.johnhancocktravel.com/css/ 4 KB
3 KB 269ms
159ms Stylesheet
text/css 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/css/owl.carousel.min.css

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f4bb5ca3cac09cf26c817d139f27d9e702b5bf05181c7423a67d36d899b9e210

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:12 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1193
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"f2a-181685ca348"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK owl.theme.default.min.css
www.johnhancocktravel.com/css/ 1 KB
2 KB 365ms
170ms Stylesheet
text/css 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/css/owl.theme.default.min.css

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

9c652e9d2d91d8834f7a55bc96e8f8eb68962213e4607e7cd31850ae9a24bf13

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:12 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 536
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"4a4-181685ca348"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK daterangepicker.css
www.johnhancocktravel.com/css/ 8 KB
3 KB 353ms
145ms Stylesheet
text/css 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/css/daterangepicker.css

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

91a9338a03dab101c956390ff0b85d0cb8f7d554b387278face91a82363d3f49

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:12 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1662
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"202a-181685ca344"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 82ms
48ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
Origin: https://www.johnhancocktravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 11:20:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 49XDXVQZRC2S482S
age: 424686
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /96/NccuVUEPaz8H1ZgNBhRFMzbjOAvYDRIttLa5XG7BwZPJ3i4zgRa4rQ4FQ1eeOdStWFgtCbI=
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8y9CP%2BxKT5cueKoBuDaoOJKZJJnINw9ySv6pWXBrKPQ2a3YVkWlJDfaOYuo4OFFgM%2FYw3HAG0DAknqAVaoYnBuH%2F7HH7xFjZMhpl6GdYp4XPmaFuldmVOQ3qLZTjPH%2FimJP81ZKdcA7vrUS4LhuK8xg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7b39a3e6a8d79ba0-FRA

GET
H2 200 launch-046391c7a3d0.min.js Show response
assets.adobedtm.com/122318bb3e34/1b90b12e34aa/ 73 KB
23 KB 116ms
23ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/122318bb3e34/1b90b12e34aa/launch-046391c7a3d0.min.js
Requested by: Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: afea7d0a51eba55bd8d3ad7ebfa0fb6ad9dbd996e230f5f37af8ac8fcf7bbb3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 11:20:13 GMT
content-encoding: gzip
last-modified: Thu, 07 Jul 2022 17:40:18 GMT
server: AkamaiNetStorage
etag: "42e1e635a540a4a2c3fe184a8d08e93b:1657215618.582363"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 23250
expires: Thu, 06 Apr 2023 12:20:13 GMT

GET
H/1.1 200
OK e54b287 Show response
www.johnhancocktravel.com/akam/13/ 26 KB
10 KB 357ms
357ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/akam/13/e54b287

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

Resource Hash

3c37210a335725390c5a17b694191b626b15cdb33635f5fc5ef30a112a54e93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 11:20:14 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Wed, 09 Feb 2022 15:10:57 GMT
ETag: "a3a5fdfe0cdbfd1df1d9964357378171fae6fdf61d24ac95ebbd6ead65ab4752"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 8798
Expires: Thu, 06 Apr 2023 11:20:14 GMT

GET
H/1.1 200
OK JHIA_horiz_distributed_by.svg
www.johnhancocktravel.com/images/header/ 17 KB
7 KB 593ms
119ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/header/JHIA_horiz_distributed_by.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

12e7a4c2bd49578fe212f14dd6e6d4aff4fa282e9e4d6bc33c7bab0b3abc64c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 6017
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:13 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"42bb-181685cae58"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK STARR_NEW.PNG
www.johnhancocktravel.com/images/header/ 37 KB
39 KB 726ms
131ms Image
image/png 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/header/STARR_NEW.PNG

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a81e930e26cb243f74c64b0ab548606e28a83bc5509e62cb00bd9f726cd34dea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 38300
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:13 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"959c-181685caf38"
Expect-CT: max-age=0
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK JHIA_horiz_distributed_by.png
www.johnhancocktravel.com/images/header/ 30 KB
31 KB 161ms
161ms Image
image/png 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/header/JHIA_horiz_distributed_by.png

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b9c6264b8c4973a229cf76880f71217337b49af819c0c1f7868bc17c72494fe1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Date: Thu, 06 Apr 2023 11:20:14 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 30327
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"7677-181685cac2c"
Expect-CT: max-age=0
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK check-mark.svg
www.johnhancocktravel.com/images/ 539 B
2 KB 719ms
131ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/check-mark.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6dde612674680d9cd9dacc0778832f0e48fe3c864417bfd60d0d315fe0a318d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 390
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"21b-181685ca6f4"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK plane-icon.svg
www.johnhancocktravel.com/images/ 911 B
2 KB 679ms
131ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/plane-icon.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b7fd6bf50ed4a780a1b950ef73fbd7415f77bc314ece9bf19ef2787142312778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 553
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"38f-181685ca788"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK luggage-icon.svg
www.johnhancocktravel.com/images/ 839 B
2 KB 661ms
166ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/luggage-icon.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

bdad8e57fa792f363d8b1c797dda9f91ed2c2834f2cd43e46fd52293be479cad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 512
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"347-181685ca774"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK heart-icon.svg
www.johnhancocktravel.com/images/ 1 KB
2 KB 135ms
135ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/heart-icon.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

54a6ba00bbd84f4819b751893af786e492312278de9aa10e61b8ce29f09f0f65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 714
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"500-181685ca71c"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.js Show response
www.johnhancocktravel.com/js/vendor/ 282 KB
85 KB 182ms
182ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/vendor/jquery.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 85143
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"46744-181685ce921"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK tether.js Show response
www.johnhancocktravel.com/js/vendor/ 55 KB
14 KB 215ms
214ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/vendor/tether.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3a3e8792e3bfc0ced99ab6b1403c4989a5d12afd305b9b02a17cf87b989e23dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 12394
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:23 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"dc59-181685cd461"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK popper.js Show response
www.johnhancocktravel.com/js/vendor/ 18 KB
8 KB 145ms
145ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/vendor/popper.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ccc0ee783158d1ab3ae590ef8c982a827e38e8b82fd121551cdd4c20041fcd1b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 6771
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"49b9-181685cd371"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK bootstrap.js Show response
www.johnhancocktravel.com/js/vendor/ 59 KB
17 KB 141ms
137ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/vendor/bootstrap.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 15936
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"eab9-181685cd32d"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK bootstrap-select.js Show response
www.johnhancocktravel.com/js/vendor/ 94 KB
23 KB 166ms
162ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/vendor/bootstrap-select.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b02388e81be035549ce9f678c2266da8067fcda46d853b5efcd42565008652b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 21684
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1781d-181685cd32d"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK owl.carousel.js Show response
www.johnhancocktravel.com/js/vendor/ 88 KB
21 KB 136ms
132ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/vendor/owl.carousel.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 20036
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"15f88-181685cd33d"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK parsley.js Show response
www.johnhancocktravel.com/js/vendor/ 91 KB
25 KB 547ms
168ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/vendor/parsley.js?v=h0l3jj

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

842dfdacd537aba61ff5317ba698eaa391cca5be136da5dd897e9dd8a1b257c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 23809
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"16d65-181685cd341"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK parsley-rules.js Show response
www.johnhancocktravel.com/js/vendor/ 25 KB
8 KB 193ms
193ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/vendor/parsley-rules.js?v=ycw0b

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

971ef9fcb6600d293eb84202d5f28dbc432cf6aa5558575991c468e3c2de4823

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 6402
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"632e-181685cd33d"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK stacktable.js Show response
www.johnhancocktravel.com/js/vendor/ 8 KB
3 KB 133ms
133ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/vendor/stacktable.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

58ee289cc3b0e66d80a8860ab61c78b003b2794a2b01059f5e5a1d6da47e7327

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2024
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"201b-181685cd371"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK polyfiller.js Show response
www.johnhancocktravel.com/js/vendor/webshim/js-webshim/minified/ 16 KB
8 KB 139ms
139ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/vendor/webshim/js-webshim/minified/polyfiller.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

130ba9b22e06342d6fa2ce06d131b0a0033ab184becd181f6c0ca0755dcf02b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 6339
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:29 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"3e51-181685ced1d"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK footer.js Show response
www.johnhancocktravel.com/js/partials/ 4 KB
2 KB 154ms
153ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/partials/footer.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

281fbe58c9d79547f47186abf842de54641ebb57f94e600c0e8b2229f4cfa626

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 782
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"e73-181685cd249"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK equal-height.js Show response
www.johnhancocktravel.com/js/partials/ 6 KB
3 KB 148ms
148ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/partials/equal-height.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7e90846efa990cca616457a36dc2564a9b7a2c7552021a38a0ba3740a5e16fa9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1029
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1894-181685cd249"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK wcag.js Show response
www.johnhancocktravel.com/js/partials/ 10 KB
3 KB 153ms
153ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/partials/wcag.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

9c1b17a04179f8dd742df80f6dffc2abccda645d90e4760583cfa2ff5c10891c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1882
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"28d3-181685cd249"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK card-wcag.js Show response
www.johnhancocktravel.com/js/partials/ 6 KB
2 KB 188ms
188ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/partials/card-wcag.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0dd1a0f12ae5d5d0567627fb94360243c506ca708c1332063c1269d8b890346d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 980
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1693-181685cd205"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK stackable-table.js Show response
www.johnhancocktravel.com/js/partials/ 1 KB
2 KB 158ms
158ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/partials/stackable-table.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

afeb78c77848adff17299def1146d31508cdc614016b50e616fb7337a91feb54

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 467
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"5ed-181685cd33d"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK tooltip.js Show response
www.johnhancocktravel.com/js/partials/ 2 KB
2 KB 157ms
156ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/partials/tooltip.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

874d9ea203ac292a0f30166f6d1c706e3b766a072f5b4afdc8a5443258a119af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 569
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6d6-181685cd249"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.creditCardValidator.js Show response
www.johnhancocktravel.com/js/ 9 KB
4 KB 125ms
125ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/jquery.creditCardValidator.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

8338536908dbf97a2eeaf21a1390f707b867571d222dcf7be3d905e0a882b9aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2647
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2205-181685ca7b4"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK dateformat.js Show response
www.johnhancocktravel.com/js/ 5 KB
3 KB 125ms
125ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/dateformat.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

92ad677def892fa914b5a442cfdb7933f3512f09a5c11c6b2bfdbb83ccf1e4b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1851
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"121e-181685ca7b4"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK moment.min.js Show response
www.johnhancocktravel.com/js/ 50 KB
18 KB 197ms
197ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/moment.min.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 17021
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"c909-181685ca7b4"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK daterangepicker.min.js Show response
www.johnhancocktravel.com/js/ 32 KB
9 KB 125ms
125ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/daterangepicker.min.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3b34d9527ec5ca979f8e519099ec9001874f1e8cb8a88070008ec7454f0c8da8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 7427
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"7f90-181685ca7b0"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-input-mask-phone-number.min.js Show response
www.johnhancocktravel.com/js/ 2 KB
4 KB 124ms
124ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/jquery-input-mask-phone-number.min.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fc66f2496afd6a86552e852404bf5cf3fc9a13b2a8dfa1cfc3e28c891439c291

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Date: Thu, 06 Apr 2023 11:20:14 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2246
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"8c6-181685ca7b4"
Expect-CT: max-age=0
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK custom.js Show response
www.johnhancocktravel.com/js/ 29 KB
8 KB 134ms
134ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/custom.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

41d9f7a9cb58af9a5e5aef544a2198551172c2a43a471b46aee6857a61b9c6bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 6905
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"74d6-181685ca7b4"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK backdated-browser.js Show response
www.johnhancocktravel.com/js/ 418 B
2 KB 181ms
181ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/backdated-browser.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b2c43cccdef8d4cbc43fef10346354ec8252b76a10d0717da1654374cda6445c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 295
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1a2-181685ca7b0"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK nav-icon-mortgage.svg
www.johnhancocktravel.com/images/ 731 B
2 KB 588ms
135ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/nav-icon-mortgage.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f427007a6d6b3e26fed945cd8fa062d538805fab49355bdef1d55c738ad6d997

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 440
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2db-181685ca780"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK nav-icon-blog.svg
www.johnhancocktravel.com/images/ 780 B
2 KB 594ms
152ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/nav-icon-blog.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

375f60243ab99c2bc50ff4ae511faa8457bae022ca74c941aa75bf39d4d6fc22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 424
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"30c-181685ca77c"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK nav-icon-support.svg
www.johnhancocktravel.com/images/ 1 KB
2 KB 348ms
157ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/nav-icon-support.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5f15c999a69b36d2fb7ed8bd7edd3e11a19eca38c8d9c8031cae6a281b332d85

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 699
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"528-181685ca780"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK phone-icon-1.svg
www.johnhancocktravel.com/images/ 1 KB
2 KB 452ms
138ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/phone-icon-1.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c088373e36fd880195dc66e94c3f519b47bb625031e94944b8b91ecef1d55989

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 864
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"5fe-181685ca788"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK legal.svg
www.johnhancocktravel.com/images/ 276 B
2 KB 495ms
146ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/legal.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2ec938f32bd00672a6da7e12ddb01363fea5592c739b239d346304a283f60b70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 191
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"114-181685ca764"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-search-close.svg
www.johnhancocktravel.com/images/ 273 B
2 KB 617ms
148ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/icon-search-close.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

51e2fd255a9adc10679094454f1e26d732454e89ec5c6ce39029e7dcee51ac1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 200
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"111-181685ca74c"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK alert-icon.svg
www.johnhancocktravel.com/images/ 382 B
2 KB 469ms
163ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/alert-icon.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

535ba6ed9422003793065b56d0e763fab2d60fce9ebf1d675692d5b39bc0a025

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 262
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"17e-181685ca6f4"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK travel-insurance-hero-d.png
www.johnhancocktravel.com/images/header/ 156 KB
158 KB 363ms
163ms Image
image/png 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/header/travel-insurance-hero-d.png

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

06ef5874dce3d7c33d5ffd189bca826cdb917b64352561297167dcc17b845d36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.johnhancocktravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 159882
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:14 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2708a-181685cb2fc"
Expect-CT: max-age=0
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK info-tooltip-icon.svg
www.johnhancocktravel.com/images/ 1005 B
2 KB 474ms
198ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/info-tooltip-icon.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7886e68cae125e02469198038f5a5abea894d2526d1ae6c20505b8268a073872

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 553
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"3ed-181685ca764"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK date-range.svg
www.johnhancocktravel.com/images/ 1006 B
2 KB 442ms
145ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/date-range.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

f91d6d1509554ad401d10a2b7792151c61f3b1d6d0dad5de4d6cddbefe79c324

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 537
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"3ee-181685ca6f8"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK select-dropdown-arrow.svg
www.johnhancocktravel.com/images/ 219 B
2 KB 305ms
158ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/select-dropdown-arrow.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

8f054c0c2d694dae199afdf795d4680226c06f6de38849c14c1a30c5f107433b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 190
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"db-181685ca790"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK btn-icon-sprite.svg
www.johnhancocktravel.com/images/ 3 KB
3 KB 548ms
142ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/btn-icon-sprite.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

39be64a0ba71dc35e58852ea1347bf8742b28e123cc7fbb7bf49c75a6fea9c40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1077
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"bc0-181685ca6f4"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK icon-contact.svg
www.johnhancocktravel.com/images/ 302 B
2 KB 182ms
182ms Image
image/svg+xml 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.johnhancocktravel.com/images/icon-contact.svg

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b2fe3eca9799ae94bf2cca092575e85a1ecd33f7920991b38eb280b334b51d5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 231
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"12e-181685ca73c"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK ManulifeJHSans-Regular.woff2
www.johnhancocktravel.com/fonts/ 47 KB
48 KB 276ms
149ms Font
font/woff2 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/fonts/ManulifeJHSans-Regular.woff2

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

365690660f64c87ecad36962bacce3bb1f810c23697a5d0e52b6a3928ea547ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.johnhancocktravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 48060
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"bbbc-181685ca584"
Expect-CT: max-age=0
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK ManulifeJHSans-Bold.woff2
www.johnhancocktravel.com/fonts/ 44 KB
46 KB 279ms
148ms Font
font/woff2 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/fonts/ManulifeJHSans-Bold.woff2

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

8b209e2366b79d4a7228952bdeee2f7c9f0845d6394e0bc040cc514f3fdf012e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.johnhancocktravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 45276
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"b0dc-181685ca474"
Expect-CT: max-age=0
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK ManulifeJHSans-Semibold.woff2
www.johnhancocktravel.com/fonts/ 45 KB
46 KB 288ms
154ms Font
font/woff2 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/fonts/ManulifeJHSans-Semibold.woff2

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/css/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5e92ab03190640edfb9979313426abfafbec230fab768df4ed04af7c7369346c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.johnhancocktravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Date: Thu, 06 Apr 2023 11:20:13 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 45596
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"b21c-181685ca5bc"
Expect-CT: max-age=0
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 42ms
41ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.johnhancocktravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 11:20:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A9KRJQY0F7YG1TEV
age: 27076
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59572
x-amz-id-2: Z150jbbkF+HeoO2XQp6NbimmKjbMfFw1VheGhL4A1ao/sATBq6CDPl8sQCGTW8N8amlZus6jV5Q=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "18d2347ab2a9f40ca2247cdb03303d84"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwtSlgewon8KQsGp1eTSZVaLp%2Br7ld9rbMyPxEGW6HeH7d05CYg7QNz0nG%2BwCC1PAXmaQZYBmEu9DJbkp4msRzauU02xA1Nj364Bwg6FT%2B1hwT559%2Fqv0n5ZOBX1VG417gRFB7nqVql6A0XEpPgaz2wa"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7b39a3e8ec019ba0-FRA

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 32ms
31ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/122318bb3e34/1b90b12e34aa/launch-046391c7a3d0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 11:20:13 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Thu, 06 Apr 2023 12:20:13 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 36ms
35ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/122318bb3e34/1b90b12e34aa/launch-046391c7a3d0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 11:20:13 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Thu, 06 Apr 2023 12:20:13 GMT

GET truncated
/ 0
0

GET
H/1.1 200
OK update.js Show response
www.johnhancocktravel.com/js/vendor/ 7 KB
5 KB 177ms
177ms Script
application/javascript 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/js/vendor/update.js

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/js/backdated-browser.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b34ea4149903d44dc9c25c5df44521c124a60f2439053770b0c7fe00b2fad48e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.demdex.net cm.everesttech.net *.bing.com wss://*.bing.com assets.adobedtm.com;script-src 'self' *.googleadservices.com *.google.com *.googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com *.demdex.net r.bing.com cm.everesttech.net;frame-src 'self' *.demdex.net sdx.microsoft.com;img-src 'self' *.fls.doubleclick.net *.google-analytics.com *.googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com *.demdex.net *.bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 06 Apr 2023 11:20:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 3112
X-XSS-Protection: 0
Referrer-Policy: no-referrer
Last-Modified: Wed, 15 Jun 2022 17:15:23 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1bef-181685cd411"
X-Download-Options: noopen
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H2

200

s78543333673988
jhfsjhtravel.112.2o7.net/b/ss/jhfsjhtravel/1/JS-2.22.4-LCUM/
Redirect Chain

https://jhfsjhtravel.112.2o7.net/b/ss/jhfsjhtravel/1/JS-2.22.4-LCUM/s78543333673988?AQB=1&ndh=1&pf=1&t=6%2F3%2F2023%2011%3A20%3A14%204%200&fid=785E5D38453BFD5D-3A33C952188603DA&ce=UTF-8&pageName=jh...
https://jhfsjhtravel.112.2o7.net/b/ss/jhfsjhtravel/1/JS-2.22.4-LCUM/s78543333673988?AQB=1&pccr=true&ndh=1&pf=1&t=6%2F3%2F2023%2011%3A20%3A14%204%200&fid=785E5D38453BFD5D-3A33C952188603DA&ce=UTF-8&p...

43 B
285 B

29ms
29ms

Image
image/gif

13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jhfsjhtravel.112.2o7.net/b/ss/jhfsjhtravel/1/JS-2.22.4-LCUM/s78543333673988?AQB=1&pccr=true&ndh=1&pf=1&t=6%2F3%2F2023%2011%3A20%3A14%204%200&fid=785E5D38453BFD5D-3A33C952188603DA&ce=UTF-8&pageName=jh%3Atr%3A&g=https%3A%2F%2Fwww.johnhancocktravel.com%2F&cc=USD&v52=jh%3Atr%3A&v70=jh%3Atr%3A&v71=https%3A%2F%2Fwww.johnhancocktravel.com%2F&v115=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F111.0.5563.146%20Safari%2F537.36&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Protocol

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 11:20:14 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Apr 2023 11:20:14 GMT
server: jag
etag: 3609447596394151936-4619383942589016596
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 11:20:14 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Apr 2023 11:20:14 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Apr 2023 11:20:14 GMT
server: jag
vary: Origin
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
location: https://jhfsjhtravel.112.2o7.net/b/ss/jhfsjhtravel/1/JS-2.22.4-LCUM/s78543333673988?AQB=1&pccr=true&ndh=1&pf=1&t=6%2F3%2F2023%2011%3A20%3A14%204%200&fid=785E5D38453BFD5D-3A33C952188603DA&ce=UTF-8&pageName=jh%3Atr%3A&g=https%3A%2F%2Fwww.johnhancocktravel.com%2F&cc=USD&v52=jh%3Atr%3A&v70=jh%3Atr%3A&v71=https%3A%2F%2Fwww.johnhancocktravel.com%2F&v115=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F111.0.5563.146%20Safari%2F537.36&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
content-type: text/plain;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 11:20:14 GMT

GET
H2 200 RC04a465365ba64dc1ad5168fa63eb4c9b-source.min.js Show response
assets.adobedtm.com/122318bb3e34/1b90b12e34aa/78768ba76059/ 628 B
626 B 37ms
37ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/122318bb3e34/1b90b12e34aa/78768ba76059/RC04a465365ba64dc1ad5168fa63eb4c9b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/122318bb3e34/1b90b12e34aa/launch-046391c7a3d0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e6661d0eaab446d02fd56cdd1246d320dc55f32fb0037276d4e034e1f46684ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 11:20:14 GMT
content-encoding: gzip
last-modified: Thu, 07 Jul 2022 17:40:19 GMT
server: AkamaiNetStorage
etag: "5d4cf948ad75713d4e672da8c16431fb:1657215619.361591"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 380
expires: Thu, 06 Apr 2023 12:20:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 53ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-803172548

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/122318bb3e34/1b90b12e34aa/launch-046391c7a3d0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28e663779867ae3e6ea5cb92b6bcbd8634fe89fe356b7382999efda48452ca57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 11:20:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51813
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Apr 2023 11:20:14 GMT

POST
H/1.1 200
OK pixel_e54b287 Show response
www.johnhancocktravel.com/akam/13/ 0
885 B 86ms
86ms XHR
text/html 23.218.166.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.johnhancocktravel.com/akam/13/pixel_e54b287

Requested by

Host: www.johnhancocktravel.com
URL: https://www.johnhancocktravel.com/akam/13/e54b287

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.218.166.70 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-166-70.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 06 Apr 2023 11:20:14 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.johnhancocktravel.com/	1969-12-31 23:59:59	Name: _csrf Value: yZzpAoJUqBbB4-0TVChvZhc3
www.johnhancocktravel.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3AdId0Pzb9DgQL0EdtowIQcdLMHJedc_S1.x9jVUMVgRdPr2Z9AVArtRNiKMwrHUu0yiZtrLU9Yz0U
.johnhancocktravel.com/	1970-01-20 20:29:00	Name: s_fid Value: 785E5D38453BFD5D-3A33C952188603DA
.johnhancocktravel.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.2o7.net/	1970-01-20 20:29:00	Name: s_vi_fdjx7Ffdxxx7Emzix60 Value: [CS]v4\|321755771A7610C6-40001938A3296A15\|642EAAEE[CE]
.johnhancocktravel.com/	1970-01-20 10:53:07	Name: ak_bmsc Value: 164F151003201C8AA2AA7337B7AB7875~000000000000000000000000000000~YAAQO1oWAi4OOReHAQAAWbVLVhOYgJT4XXOz+edoIGASNNJPOZufcfRU3ovy+rU5gimrP3M8V3rM1anIlaJqdw94zZUjy+0/FM6YEj0KdMd8ty34xxLBUZVOR479AH2HlAHKaU5TZcchSN6yfbE7H7NXAjcWs5BGh5OxJvHqadeV78Y0smiqlgf+5tiuhHM+W37uUCDDZrvPrZLegC7Seu0233wZa3bGW814+RBwzuParqlbRvyKNCz/AZnPIHRTTmgDDU6GJYNL2Q8Zxp0XXZclzIIOlcLtjrvYYl9tDy9E3/PgYmPagumzGx+X3yoFzProcrYoI6WXWP/Ki6kCczUrrbgaKNwTYsjjslLOkDrumZYPizI/p52AI+K7txzDnRqilfahQVpOMa9Jo6i0mnKKwfLhGnVqYC9tZt4v0o/6xo6i+79eoK0zextIrI2OUCQl+g2fiNOGXxUadhOCaq2ophywXL5s7PHcTpw1T3j+AA0kP92MbJapsS2W

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.johnhancocktravel.com/ Message: The Content-Security-Policy directive 'script-src-attr' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security	error	URL: https://www.johnhancocktravel.com/ Message: Refused to load the image 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAASwAAACWCAYAAABkW7XSAAAAAXNSR0IArs4c6QAAIABJREFUeF7tnXt8VNXV93/rTEICwQAil1AroGhp5DYzgKgVFFBbFQqKKIpahWQSArT61No+7dM3bZ8WrTfuySQIBkRqfVRAfbyBrWhBhTmJgBQtKFpBlIsQCCaZmbPfz9pzYSaZ3ID4zMF1/tKwc2ad79rnN2uvtfYOQS4hIASEgE0IkE3sFDOFgBAQAhDBkkkgBISAbQj8nwuWKim5EMFgfxD1hGFUIxAw8eWX/6DCQss2FMOGqiVL0uH3uxAMXgSlVtG0aR819gwtHW83Hi21Vy1Y0B0pKcMA9CKPZ3ZLf7+p8aqwsA26dx8AYCgsy6Rp095u8ncWLuwEw7gIhuHEnj0P2HFeNvWMdvr3hIKliovPB9ElUKoHAAtEhxAMbgfRP2EYI8jjefpUPKQqKrocRGciL+85PPhgO2RmT...auEkOFgBAQwZI5IASEgG0IiGDZxlViqBAQAiJYMgeEgBCwDQERLNu4SgwVAkJABEvmgBAQArYhIIJlG1eJoUJACIhgyRwQAkLANgREsGzjKjFUCAgBESyZA0JACNiGgAiWbVwlhgoBISCCJXNACAgB2xAQwbKNq8RQISAERLBkDggBIWAbAiJYtnGVGCoEhIAIlswBISAEbENABMs2rhJDhYAQEMGSOSAEhIBtCIhg2cZVYqgQEAIiWDIHhIAQsA0BESzbuEoMFQJCQARL5oAQEAK2ISCCZRtXiaFCQAiIYMkcEAJCwDYERLBs4yoxVAgIAREsmQNCQAjYhoAIlm1cJYYKASEggiVzQAgIAdsQEMGyjavEUCEgBESwZA4IASFgGwIiWLZxlRgqBISACJbMASEgBGxDQATLNq4SQ4WAEBDBkjkgBISAbQiIYNnGVWKoEBACIlgyB4SAELANAREs27hKDBUCQuD/AwKpepZPRxlWAAAAAElFTkSuQmCC' because it violates the following Content Security Policy directive: "img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com .microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net".
security	error	URL: https://www.johnhancocktravel.com/ Message: Refused to load the image 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAACGFjVEwAAAABAAAAAcMq2TYAAAANSURBVAiZY2BgYPgPAAEEAQB9ssjfAAAAGmZjVEwAAAAAAAAAAQAAAAEAAAAAAAAAAAD6A+gBAbNU+2sAAAARZmRBVAAAAAEImWNgYGBgAAAABQAB6MzFdgAAAABJRU5ErkJggg==' because it violates the following Content Security Policy directive: "img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com .microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net".
security	error	URL: https://assets.adobedtm.com/122318bb3e34/1b90b12e34aa/launch-046391c7a3d0.min.js(Line 1) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-e397bb09a4880910f6f8db7924f0f6af' 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net". Either the 'unsafe-inline' keyword, a hash ('sha256-OuSJQICM33t8hRtD2223HvHooGB6+QCV2eQ+kho+aIw='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'nonce-e397bb09a4880910f6f8db7924f0f6af' 'self';connect-src 'self' .google-analytics.com .analytics.google.com .googletagmanager.com .demdex.net cm.everesttech.net .bing.com wss://.bing.com assets.adobedtm.com;script-src 'nonce-e397bb09a4880910f6f8db7924f0f6af' 'self' .googleadservices.com .google.com .googletagmanager.com assets.adobedtm.com connect.facebook.net facebook.com bat.bing.com .demdex.net r.bing.com cm.everesttech.net;frame-src 'self' .demdex.net sdx.microsoft.com;img-src 'self' .fls.doubleclick.net .google-analytics.com .googletagmanager.com googleads.g.doubleclick.net www.google.com facebook.com .demdex.net .bing.com *.microsoft.com cm.everesttech.net assets.adobedtm.com jhfsjhtravel.112.2o7.net;upgrade-insecure-requests;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'nonce-e397bb09a4880910f6f8db7924f0f6af' 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
jhfsjhtravel.112.2o7.net
truncated
use.fontawesome.com
www.googletagmanager.com
www.johnhancocktravel.com
truncated
13.37.25.97
23.218.166.70
2606:4700:e2::ac40:850f
2a00:1450:4001:82f::2008
2a02:26f0:3500:591::1e80
06ef5874dce3d7c33d5ffd189bca826cdb917b64352561297167dcc17b845d36
0dd1a0f12ae5d5d0567627fb94360243c506ca708c1332063c1269d8b890346d
12e7a4c2bd49578fe212f14dd6e6d4aff4fa282e9e4d6bc33c7bab0b3abc64c2
130ba9b22e06342d6fa2ce06d131b0a0033ab184becd181f6c0ca0755dcf02b2
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
281fbe58c9d79547f47186abf842de54641ebb57f94e600c0e8b2229f4cfa626
28e663779867ae3e6ea5cb92b6bcbd8634fe89fe356b7382999efda48452ca57
2ec938f32bd00672a6da7e12ddb01363fea5592c739b239d346304a283f60b70
365690660f64c87ecad36962bacce3bb1f810c23697a5d0e52b6a3928ea547ac
375f60243ab99c2bc50ff4ae511faa8457bae022ca74c941aa75bf39d4d6fc22
39be64a0ba71dc35e58852ea1347bf8742b28e123cc7fbb7bf49c75a6fea9c40
3a3e8792e3bfc0ced99ab6b1403c4989a5d12afd305b9b02a17cf87b989e23dd
3b34d9527ec5ca979f8e519099ec9001874f1e8cb8a88070008ec7454f0c8da8
3c37210a335725390c5a17b694191b626b15cdb33635f5fc5ef30a112a54e93c
41d9f7a9cb58af9a5e5aef544a2198551172c2a43a471b46aee6857a61b9c6bd
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
51e2fd255a9adc10679094454f1e26d732454e89ec5c6ce39029e7dcee51ac1f
535ba6ed9422003793065b56d0e763fab2d60fce9ebf1d675692d5b39bc0a025
54a6ba00bbd84f4819b751893af786e492312278de9aa10e61b8ce29f09f0f65
58ee289cc3b0e66d80a8860ab61c78b003b2794a2b01059f5e5a1d6da47e7327
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
5e92ab03190640edfb9979313426abfafbec230fab768df4ed04af7c7369346c
5f15c999a69b36d2fb7ed8bd7edd3e11a19eca38c8d9c8031cae6a281b332d85
61c0376f7a24edbfc10251067f110559b98547ad9f8a0498e82848eec7f16698
6ccb5c39148806897e9e680227bd2a2d9be33278832fe337768c70210b2f743b
6dde612674680d9cd9dacc0778832f0e48fe3c864417bfd60d0d315fe0a318d5
7886e68cae125e02469198038f5a5abea894d2526d1ae6c20505b8268a073872
7e90846efa990cca616457a36dc2564a9b7a2c7552021a38a0ba3740a5e16fa9
8338536908dbf97a2eeaf21a1390f707b867571d222dcf7be3d905e0a882b9aa
842dfdacd537aba61ff5317ba698eaa391cca5be136da5dd897e9dd8a1b257c9
874d9ea203ac292a0f30166f6d1c706e3b766a072f5b4afdc8a5443258a119af
8b209e2366b79d4a7228952bdeee2f7c9f0845d6394e0bc040cc514f3fdf012e
8f054c0c2d694dae199afdf795d4680226c06f6de38849c14c1a30c5f107433b
91a9338a03dab101c956390ff0b85d0cb8f7d554b387278face91a82363d3f49
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
92ad677def892fa914b5a442cfdb7933f3512f09a5c11c6b2bfdbb83ccf1e4b1
971ef9fcb6600d293eb84202d5f28dbc432cf6aa5558575991c468e3c2de4823
9c1b17a04179f8dd742df80f6dffc2abccda645d90e4760583cfa2ff5c10891c
9c652e9d2d91d8834f7a55bc96e8f8eb68962213e4607e7cd31850ae9a24bf13
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a81e930e26cb243f74c64b0ab548606e28a83bc5509e62cb00bd9f726cd34dea
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
afea7d0a51eba55bd8d3ad7ebfa0fb6ad9dbd996e230f5f37af8ac8fcf7bbb3b
afeb78c77848adff17299def1146d31508cdc614016b50e616fb7337a91feb54
b02388e81be035549ce9f678c2266da8067fcda46d853b5efcd42565008652b1
b2c43cccdef8d4cbc43fef10346354ec8252b76a10d0717da1654374cda6445c
b2fe3eca9799ae94bf2cca092575e85a1ecd33f7920991b38eb280b334b51d5c
b34ea4149903d44dc9c25c5df44521c124a60f2439053770b0c7fe00b2fad48e
b7fd6bf50ed4a780a1b950ef73fbd7415f77bc314ece9bf19ef2787142312778
b9c6264b8c4973a229cf76880f71217337b49af819c0c1f7868bc17c72494fe1
bdad8e57fa792f363d8b1c797dda9f91ed2c2834f2cd43e46fd52293be479cad
c085df67ce43310d11a78d263d92fd1ce16ea3d52622a23422ed27d1aa154cf6
c088373e36fd880195dc66e94c3f519b47bb625031e94944b8b91ecef1d55989
ca3467342a31c75c088d6058cc48740faf0b2cac0c593bb8a6df4ad2f9adeb36
ccc0ee783158d1ab3ae590ef8c982a827e38e8b82fd121551cdd4c20041fcd1b
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6661d0eaab446d02fd56cdd1246d320dc55f32fb0037276d4e034e1f46684ef
f37d492cf0f9327059fb29e322dfe7f876371b6508a4dcae386221e358ae9581
f427007a6d6b3e26fed945cd8fa062d538805fab49355bdef1d55c738ad6d997
f4bb5ca3cac09cf26c817d139f27d9e702b5bf05181c7423a67d36d899b9e210
f8d407f58f43e2151c1a38c8423d85f1b6a5f335b6aea2717eb12ddf601df290
f91d6d1509554ad401d10a2b7792151c61f3b1d6d0dad5de4d6cddbefe79c324
fc66f2496afd6a86552e852404bf5cf3fc9a13b2a8dfa1cfc3e28c891439c291

www.johnhancocktravel.com Open in urlscan Pro 23.218.166.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

98 %HTTPS

60 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

941 kBTransfer

2293 kBSize

6 Cookies

3 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.johnhancocktravel.com Open in urlscan Pro
23.218.166.70 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

98 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

941 kB
Transfer

2293 kB
Size

6
Cookies

66 HTTP transactions
2 data transactions