correos.travel.win Open in urlscan Pro
52.0.203.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://correos.travel.win/
Submission: On June 09 via api (June 9th 2024, 11:32:55 am UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 14 domains to perform 112 HTTP transactions. The main IP is 52.0.203.200, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is correos.travel.win.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.

This is the only time correos.travel.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	52.0.203.200 52.0.203.200	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2606:4700:310... 2606:4700:3108::ac42:288b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
9	2600:9000:275... 2600:9000:275d:6200:14:503f:7d40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:20e... 2600:9000:20eb:d000:5:8133:e80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.5.129.145 3.5.129.145	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:10:... 2606:4700:10::6816:3a5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.102.11 18.66.102.11	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2644:3e00:f:1b37:e600:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.31.17.134 52.31.17.134	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:276... 2600:9000:2761:5e00:d:4445:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.79 18.66.112.79	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.129 13.225.78.129	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	2600:9000:275... 2600:9000:275b:5000:e:d088:5c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.158.164.13 54.158.164.13	14618 (AMAZON-AES) (AMAZON-AES)
5	34.225.5.197 34.225.5.197	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:225... 2600:9000:2251:5600:10:f40e:dd80:21	16509 (AMAZON-02) (AMAZON-02)
112	22

36 52.0.203.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-203-200.compute-1.amazonaws.com

correos.travel.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3108::ac42:288b (United States)

ASN13335 (CLOUDFLARENET, US)

media.travsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:275d:6200:14:503f:7d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

siteimages.travel.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20eb:d000:5:8133:e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.travel.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.5.129.145 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

travelwinimages.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:3a5b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:3e00:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)

f12dab486be1.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.17.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-17-134.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2761:5e00:d:4445:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

locationimages.travel.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-129.fra2.r.cloudfront.net

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275b:5000:e:d088:5c40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.164.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-164-13.compute-1.amazonaws.com

92b2e8b72f8441549155b55e7c75d761-f12dab486be1.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.225.5.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-5-197.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:5600:10:f40e:dd80:21 (United States)

ASN16509 (AMAZON-02, US)

df45ay5pw60dy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	travel.win correos.travel.win siteimages.travel.win — Cisco Umbrella Rank: 870097 images.travel.win — Cisco Umbrella Rank: 858394 locationimages.travel.win	3 MB
22	travsrv.com media.travsrv.com — Cisco Umbrella Rank: 188116	2 MB
11	forter.com 1 redirects f12dab486be1.cdn4.forter.com — Cisco Umbrella Rank: 350225 cdn3.forter.com — Cisco Umbrella Rank: 4206 cdn9.forter.com — Cisco Umbrella Rank: 5203 92b2e8b72f8441549155b55e7c75d761-f12dab486be1.cdn.forter.com cdn0.forter.com — Cisco Umbrella Rank: 4689	157 KB
8	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 8922	78 KB
3	cloudfront.net df45ay5pw60dy.cloudfront.net	840 B
3	amazonaws.com travelwinimages.s3.us-east-2.amazonaws.com — Cisco Umbrella Rank: 907774	11 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	251 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	3 KB
2	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 9855	305 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 887 script.hotjar.com — Cisco Umbrella Rank: 1282	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	71 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2406	256 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3438	232 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3330	17 KB
112	14

	Domain	Requested by
36	correos.travel.win	correos.travel.win
22	media.travsrv.com	correos.travel.win
9	siteimages.travel.win	correos.travel.win
8	cdn-cookieyes.com	correos.travel.win cdn-cookieyes.com
5	cdn0.forter.com
4	images.travel.win	correos.travel.win
3	df45ay5pw60dy.cloudfront.net
3	locationimages.travel.win	correos.travel.win
3	travelwinimages.s3.us-east-2.amazonaws.com	correos.travel.win
3	www.googletagmanager.com	correos.travel.win www.googletagmanager.com
2	cdn9.forter.com	1 redirects correos.travel.win
2	www.facebook.com	correos.travel.win
2	cdn3.forter.com
2	log.cookieyes.com	cdn-cookieyes.com
2	connect.facebook.net	correos.travel.win connect.facebook.net
1	92b2e8b72f8441549155b55e7c75d761-f12dab486be1.cdn.forter.com
1	region1.google-analytics.com	www.googletagmanager.com
1	vc.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	f12dab486be1.cdn4.forter.com	media.travsrv.com
1	static.hotjar.com	correos.travel.win
1	stackpath.bootstrapcdn.com	correos.travel.win
112	22

This site contains links to these domains. Also see Links.

Domain
www.cookieyes.com
blog.bookingcredits.com
travel.win

Subject Issuer	Validity	Valid
*.travel.win R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
travsrv.com E5	`2024-06-07` - `2024-09-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
siteimages.travel.win Amazon RSA 2048 M02	`2023-11-19` - `2024-12-17`	a year	crt.sh
images.travel.win Amazon RSA 2048 M02	`2023-11-18` - `2024-12-16`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2024-02-29` - `2025-02-12`	a year	crt.sh
cdn-cookieyes.com GTS CA 1P5	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-18` - `2024-06-16`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.cdn4.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-28` - `2024-12-15`	a year	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2024-03-26` - `2025-04-25`	a year	crt.sh
locationimages.travel.win Amazon RSA 2048 M03	`2023-11-28` - `2024-12-26`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
cdn3.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-03`	a year	crt.sh
*.cdn.forter.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-11-23` - `2024-07-22`	8 months	crt.sh
cdn0.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://correos.travel.win/
Frame ID: 163EBBE7EA744CAE739E698B441BDF0D
Requests: 111 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Correos Prepago Viajes - Obtenga hasta un 30% de reembolso después de 30 días al completar su estadía

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

112
Requests

99 %
HTTPS

55 %
IPv6

14
Domains

22
Subdomains

22
IPs

4
Countries

5697 kB
Transfer

7403 kB
Size

13
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookieyes.com/product/cookie-consent

Search URL Search Domain Scan URL

URL: https://blog.bookingcredits.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://travel.win/
Title: Travel.win

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/77bd089969427e7c3f72ba1e18af03bbf9b29b0e7c8d4330bfb5665aebc3c415ac7f4acf641e54e5def640d2ab71

112 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
correos.travel.win/ 122 KB
125 KB 458ms
218ms Document
text/html 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

b77617a27de4c47bc1ad57f5caa9fed90dfc60a28a86c4fa2873ee9bc0eb41fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-hzzp/p8ClvF1qrZRV3J3A0PR/sbs0az57DtywOVFkhA=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: de-DE
content-security-policy: script-src 'self' 'nonce-hzzp/p8ClvF1qrZRV3J3A0PR/sbs0az57DtywOVFkhA=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-type: text/html;charset=UTF-8
date: Sun, 09 Jun 2024 11:32:44 GMT
expires: 0
permissions-policy: geolocation=(self)
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-security-policy: frame-ancestors self
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 typeahead.css
correos.travel.win/css/ 2 KB
4 KB 468ms
459ms Stylesheet
text/css 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/css/typeahead.css

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

64590714ae9c85f00eaf0fe3bf3d108a4940a6e1ffc89e63a15c851de91c1911

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-VS13bKRrIWFQanz4fp5B55SFmqCfmz0CN+kifAXQlnI=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-VS13bKRrIWFQanz4fp5B55SFmqCfmz0CN+kifAXQlnI=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 1877
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 home.css
correos.travel.win/css/ 7 KB
9 KB 467ms
458ms Stylesheet
text/css 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/css/home.css

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

5df004c01f0dc584b8b7242b4f252c726ed0f6948e2e594a3e09dfdea4e79999

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-4I7wIb/yaVYZb7QJOrtIB6X4JWtmZuCgb6Cc3AhdsvU=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-4I7wIb/yaVYZb7QJOrtIB6X4JWtmZuCgb6Cc3AhdsvU=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 7435
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 queryModule.css
correos.travel.win/css/ 4 KB
6 KB 468ms
460ms Stylesheet
text/css 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/css/queryModule.css

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

9703c6099c7745538767834b9873e6ebb3f314ce467aa761132e4af2f85b9a91

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-bH1q+5ZVC58lYVlIQ8iVuDVXL/npygpKO8upvsbsNrs=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-bH1q+5ZVC58lYVlIQ8iVuDVXL/npygpKO8upvsbsNrs=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 4080
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 daterangepicker.css
correos.travel.win/css/ 7 KB
9 KB 468ms
459ms Stylesheet
text/css 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/css/daterangepicker.css

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

f5ef4c7e64475909a9e32315f91f5cc5753af998f3076c7e61c1386752a6b9a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-T9kNXdGl3C+kJqBVmn6GPt6jSJOnU8KkGmIk+lPEVS0=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-T9kNXdGl3C+kJqBVmn6GPt6jSJOnU8KkGmIk+lPEVS0=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 7659
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 lazyLoadCarousel.css
correos.travel.win/css/ 563 B
2 KB 549ms
540ms Stylesheet
text/css 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/css/lazyLoadCarousel.css

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

05d793a967b8fb9821fd185840a8fdaa509bc029b1224427a4f4470dabc3b643

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-nfdpLLRZ1KYmR6tXjf8pcxGSgrse70SJpQ86ThNuVLg=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-nfdpLLRZ1KYmR6tXjf8pcxGSgrse70SJpQ86ThNuVLg=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 563
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 bootstrap-datepicker.css
correos.travel.win/css/ 32 KB
34 KB 549ms
541ms Stylesheet
text/css 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/css/bootstrap-datepicker.css

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

da7736997c748b673901a8b311a8aa6e91e7538019161990a660a6cf720f0134

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-b1TxbvsGgqAaVBp4/4ajFOiywOlOI3GTe0Yo7GjyQ6Y=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-b1TxbvsGgqAaVBp4/4ajFOiywOlOI3GTe0Yo7GjyQ6Y=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 32846
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 crossSellTemplate2.css
correos.travel.win/css/ 726 B
3 KB 550ms
542ms Stylesheet
text/css 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/css/crossSellTemplate2.css

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

ebd9e2e9c503d4bb62b9ffc193a207bfae08dc5bfbfa676e6af034f1731b3282

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-wt+/dTY+FDe1tOWSt8dCiMjtNIeNoGyDHW7y6QdwB7w=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-wt+/dTY+FDe1tOWSt8dCiMjtNIeNoGyDHW7y6QdwB7w=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 726
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 crossSellTemplate2.js Show response
correos.travel.win/js/ 6 KB
8 KB 551ms
543ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/crossSellTemplate2.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

8251256b2c78cd1ea4bfd33247451aeee36843dc9d4f7fd4a29783338c061971

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-v/gAxItcRTzqLLJoqTc3Id8aLxOrUSe0BYhSZY6qWTc=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-v/gAxItcRTzqLLJoqTc3Id8aLxOrUSe0BYhSZY6qWTc=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 6095
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 crossSellTemplate3.js Show response
correos.travel.win/js/ 5 KB
7 KB 638ms
630ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/crossSellTemplate3.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

4c36646bd290eee3ee665960f0e81a92c2c08264e72fb711848e832129104203

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-d+3jc2PzLNYO5YqSnp4pwfjLVqGN1kaYMiEa4zPSKV0=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-d+3jc2PzLNYO5YqSnp4pwfjLVqGN1kaYMiEa4zPSKV0=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 5349
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 crossSell.js Show response
correos.travel.win/js/ 9 KB
11 KB 551ms
543ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/crossSell.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

6e8cbd6b0bc64625b243c4fd1482c997d03b9319eb4ce98eb017299d9bc2753f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-s1Ag2N9d0XGmk4JStGv9UUiRyNQFnYR5eQDgXaFAuVU=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-s1Ag2N9d0XGmk4JStGv9UUiRyNQFnYR5eQDgXaFAuVU=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 8928
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 home.js Show response
correos.travel.win/js/ 15 KB
17 KB 551ms
544ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/home.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

5124d2867eabbbf09c3d61a0924b1700fadb65221b2278e33ce745a863ac6272

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-Q68EwapLAHRDdifK133LUinCZYsOSmpbcpsvDB98BXQ=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-Q68EwapLAHRDdifK133LUinCZYsOSmpbcpsvDB98BXQ=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 15798
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 typeahead.js Show response
correos.travel.win/js/ 8 KB
10 KB 638ms
631ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/typeahead.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

c717503c84c6e0335941c3ee96eb5ac213897fef096898ec38bf69e230abf56e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-8P0OMN0zN+zGGEzjMo0fnq+p6MMRfNpsIiGkOcPOGBQ=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-8P0OMN0zN+zGGEzjMo0fnq+p6MMRfNpsIiGkOcPOGBQ=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 8331
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 lazyLoadCarousel.js Show response
correos.travel.win/js/ 3 KB
4 KB 639ms
632ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/lazyLoadCarousel.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

487eaa9d36937a27cc839a28cf1c044c9401a760fbd8560442d63478502409c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-UgvCAKF6CDNokKzvB44O/ug42kY3U2BtnzbNAmRO7ZM=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-UgvCAKF6CDNokKzvB44O/ug42kY3U2BtnzbNAmRO7ZM=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 2670
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 recentlyViewed.js Show response
correos.travel.win/js/ 2 KB
4 KB 637ms
631ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/recentlyViewed.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

3d1d668742362ae68eeeb43165b7672f88cec36d5b1caa95ee90dc8903189278

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-VmrFl5T14UnuKCbQ1HXBYXsZOrT9/Z8UR+Fbl2N6YY4=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-VmrFl5T14UnuKCbQ1HXBYXsZOrT9/Z8UR+Fbl2N6YY4=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 2231
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 loginToken.js Show response
correos.travel.win/js/ 6 KB
8 KB 639ms
633ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/loginToken.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

b3c1281896d726e45316a81a0716f4d684632af744c6f38d4feba16bdcd1d4c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-+0V+CLxEKDSnFE9a7iAtuuDnn3MzD7StGAYpg6Y5FUY=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-+0V+CLxEKDSnFE9a7iAtuuDnn3MzD7StGAYpg6Y5FUY=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 5881
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 carouselListing2.js Show response
correos.travel.win/js/ 4 KB
6 KB 640ms
633ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/carouselListing2.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

f14b85af2e005aacaaf5dd539e2dd06aa657a6dd01949daf04b2ba4675ceddb4

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-ZbikgRSC791HkSKKg9+nRb8a2hR65XEsn/v5YM/INKc=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-ZbikgRSC791HkSKKg9+nRb8a2hR65XEsn/v5YM/INKc=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 4336
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 carouselListing3.js Show response
correos.travel.win/js/ 4 KB
6 KB 707ms
701ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/carouselListing3.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

1bd8abff0339f15542ee8645f7d533af5be3c6080502ac52d449cbd0a1e2f87a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-1wVXeFXLLoEapHURPqJjWHy31tGL9BJ9LqvfCc+LA9s=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-1wVXeFXLLoEapHURPqJjWHy31tGL9BJ9LqvfCc+LA9s=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 4193
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 singleDatepicker.js Show response
correos.travel.win/js/ 7 KB
9 KB 640ms
634ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/singleDatepicker.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

1a4b7f20c38c2bac63e6164da99429f219364c4169e77a546a37c115424ce52c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-1WJv4qukUHkgpbBbkJ3j1X0VeNQC3Fd+cAylfyPaRg0=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-1WJv4qukUHkgpbBbkJ3j1X0VeNQC3Fd+cAylfyPaRg0=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 6847
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 carQueryModule.js Show response
correos.travel.win/js/ 814 B
3 KB 706ms
701ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/carQueryModule.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

bca20e38a3ec90061fa6a05aebbcd07abf2fd082262138e0fd98710d7fa47973

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-JTb/jS1xIEShIJTm119A1r1/AEkUd6NKbDRlPLcwjSI=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-JTb/jS1xIEShIJTm119A1r1/AEkUd6NKbDRlPLcwjSI=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 814
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 jquery-3.7.1.min.js Show response
correos.travel.win/js/ 85 KB
87 KB 706ms
700ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/jquery-3.7.1.min.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-IRnNpnNm1P0Dih6sjLpmf3fpufET03HX1AJQMmk91nM=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-IRnNpnNm1P0Dih6sjLpmf3fpufET03HX1AJQMmk91nM=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 87533
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 popper.min.js Show response
correos.travel.win/js/ 19 KB
21 KB 705ms
699ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/popper.min.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

5353f2b2a0fc4032834e44c622da9f519ca08b12252c849389fcf8fa60fe8c42

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-nX2JTwZElZ+viazdTP9CbledH5DFj1PPw09jE6OtWHo=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-nX2JTwZElZ+viazdTP9CbledH5DFj1PPw09jE6OtWHo=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 19149
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 analytics.js Show response
correos.travel.win/js/ 920 B
3 KB 637ms
632ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/analytics.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

6a398c0c51fef00c4a0e31d556500aba5764c68614aa47f97f3a9e0911521c79

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-3oBicob3jO19JcY7DSLXmIR3Miz8MmvjprXdHdV+FR0=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-3oBicob3jO19JcY7DSLXmIR3Miz8MmvjprXdHdV+FR0=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 920
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 chatModule.js Show response
correos.travel.win/js/ 4 KB
6 KB 704ms
699ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/chatModule.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

6d8c2cf19c1f849692c09b7b8fbdc5091e45e2004fd3c57b1e18d4fc75e30423

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-bHkMObEoicGPM5MYOKv8pI2O4n4WWzOEmxckyAQPLG4=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-bHkMObEoicGPM5MYOKv8pI2O4n4WWzOEmxckyAQPLG4=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 3794
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
17 KB 37ms
21ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://correos.travel.win
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1078
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 101286
cdn-cachedat: 03/18/2024 12:53:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b209fbc59e8d8ed5cb4c1454ca39ef25
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8910cd815af235fd-FRA
cdn-requestpullsuccess: True

GET
H2 200 forter.js Show response
media.travsrv.com/appSkins/64/v6/themes/global/ 8 KB
4 KB 80ms
39ms Script
text/javascript 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.travsrv.com/appSkins/64/v6/themes/global/forter.js
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d54d610a683413f96e56caf901bc9cf509102f6152f88e93c6b9aceb455dd4c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:44 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: TXN64KV2Y919AV9Z
age: 316303
x-amz-server-side-encryption: AES256
x-amz-id-2: 15re9V+ZRWhxMJPgA9rbV0Py8N86noAiNyv16vCU92K6Hyd2XXt6ATgFpc6VTEtjji78Zml89RqVEMPNliUpETqMBWFJ9tSn
last-modified: Mon, 08 Jan 2024 15:20:45 GMT
server: cloudflare
etag: W/"2c6e2cbb9ebd06bca6a8478c43e0b3de"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cf-ray: 8910cd8179cf9180-FRA
expires: Mon, 09 Jun 2025 11:32:44 GMT

GET
H2 200 style.css
correos.travel.win/css/ 17 KB
19 KB 546ms
542ms Stylesheet
text/css 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/css/style.css

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

895b5ce4d99d1a90a087fe6748df79ff5f4070485f1f3d2dcdf0e622a84208e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-B9jxzRJS4su9ODeeMZM/bBRTIr3NS40ZG0R09sBOh8o=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-B9jxzRJS4su9ODeeMZM/bBRTIr3NS40ZG0R09sBOh8o=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 17247
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 bootstrap.css
correos.travel.win/css/bootstrap/ 193 KB
195 KB 546ms
542ms Stylesheet
text/css 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/css/bootstrap/bootstrap.css

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

c5721c0e4826005a78073948927ce45eb1c13353285e9f99d303a35fc583d135

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-sf40tQO46tJGjnOlURKyEaht5RVDaSCSaDJQSaiC6Ek=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-sf40tQO46tJGjnOlURKyEaht5RVDaSCSaDJQSaiC6Ek=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 197230
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 bootstrap-icons.css
correos.travel.win/css/ 93 KB
95 KB 545ms
541ms Stylesheet
text/css 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/css/bootstrap-icons.css

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

e8623ffb8964b867d2b2b27571db4c5030f283203e23ef2e280da984dbeae474

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-AdIgC55CEeL0Uw08daV5ZsJtxtvcwgGErHeL0prH29k=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-AdIgC55CEeL0Uw08daV5ZsJtxtvcwgGErHeL0prH29k=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 95611
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 Roboto-Regular.ttf
correos.travel.win/fonts/ 164 KB
166 KB 706ms
702ms Font
font/ttf 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/fonts/Roboto-Regular.ttf

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-DlUOKBl9ET2adYDhnDmFdEPfKcZzfAGBenOnYjBOrlo=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://correos.travel.win
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-DlUOKBl9ET2adYDhnDmFdEPfKcZzfAGBenOnYjBOrlo=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 168260
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: font/ttf
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 Roboto-Bold.ttf
correos.travel.win/fonts/ 163 KB
165 KB 705ms
702ms Font
font/ttf 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/fonts/Roboto-Bold.ttf

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-c7WGIhPcpkFVY9kYPlKce9GT5ClV5E6Z3RM2zSqdq00=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://correos.travel.win
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-c7WGIhPcpkFVY9kYPlKce9GT5ClV5E6Z3RM2zSqdq00=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 167336
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: font/ttf
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 79ms
38ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-TMF2H2JV

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04adad48aaeafce47caa4e3dd6c7a7ba8ca8195a6c401af5b88975dee4b689ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69233
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Jun 2024 11:32:49 GMT

GET
H2 200 moment.min.js Show response
correos.travel.win/js/ 172 KB
174 KB 523ms
522ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/moment.min.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

7dc0a51c32dae143f2eade235145dfd6a7756388c0f0bf409fa373dd6c233629

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-WrsQQzgX0SbwwIyo2Dt5uHViYJ1GpFBW4BODOk4uuOI=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-WrsQQzgX0SbwwIyo2Dt5uHViYJ1GpFBW4BODOk4uuOI=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 176435
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 daterangepicker.js Show response
correos.travel.win/js/ 65 KB
67 KB 523ms
523ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/daterangepicker.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

12976cb2da883511669c17b79d22c703e78f113aa502fa7c734cfffa168b8b74

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-LBH7VoBsMrSQbUYbWoTsVVN4/EkKHg/DWs8j0oyMwRM=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-LBH7VoBsMrSQbUYbWoTsVVN4/EkKHg/DWs8j0oyMwRM=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 66759
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 bootstrap-datepicker.js Show response
correos.travel.win/js/ 57 KB
58 KB 560ms
559ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/bootstrap-datepicker.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

7722fd62abb67099b8d5fea97232f4aa6fda5dcb97f3a08268cae4a2391dfd35

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-ebeNbKsOEGXskTkZzE7oPT8/H+oHImYclYDjrCZdQjo=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-ebeNbKsOEGXskTkZzE7oPT8/H+oHImYclYDjrCZdQjo=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 57896
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 header.js Show response
correos.travel.win/js/ 941 B
3 KB 461ms
460ms Script
application/javascript 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/js/header.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

74550320673b42c3fe0b3f82cc1cd3ed039d4e053559f406d464e1babdccb1f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-h1OW5Pftm+vCdiZiIOXWuGTGsfChU3Qon3yxKBsLIxo=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-h1OW5Pftm+vCdiZiIOXWuGTGsfChU3Qon3yxKBsLIxo=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 941
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 44_Correos%20Travel%20Logo%201%202024-04-23%20at%2011.12.16%20AM.png
siteimages.travel.win/ 194 KB
194 KB 527ms
457ms Image
image/png 2600:9000:275d:6200:14:503f:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siteimages.travel.win/44_Correos%20Travel%20Logo%201%202024-04-23%20at%2011.12.16%20AM.png
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6200:14:503f:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1975041d83cb06ead6a87e352acd72dbb5d98147eac2f586422e662bbca26a62

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sun, 09 Jun 2024 11:32:46 GMT
via: 1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified: Tue, 23 Apr 2024 16:13:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
etag: "d2ca020e0bcfc0c91229b1021efc99bb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 198365
x-amz-cf-id: jDcjaXHR7O0YOynvF7pkbdnlPBzSDhP6LDy40HXk3E6piCpXSVuCdQ==

GET
H2 200 godo-video-preview.png
images.travel.win/godo/ 907 KB
909 KB 106ms
27ms Image
image/png 2600:9000:20eb:d000:5:8133:e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.travel.win/godo/godo-video-preview.png
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d000:5:8133:e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 013fc5fff54274dee8838e96f7f67a882873c945eec5224a075ebe4078fc2ad8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: GUTAxLC2sUbNJyfzFG1_Uk6ZVqp5_3dA
date: Sat, 08 Jun 2024 16:44:32 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 67694
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 929019
last-modified: Tue, 24 Jan 2023 14:02:51 GMT
server: AmazonS3
etag: "68b11cbf8d0dbb08a8f49fa70bdab78a"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: wpURy2HllHboy0s85sGpiSi3AKbEFwgxHlB8aWTp-7z9ASpGtmEUHw==

GET
H/1.1 200
OK hotelIcon_small.svg
travelwinimages.s3.us-east-2.amazonaws.com/ 5 KB
5 KB 375ms
127ms Image
image/svg+xml 3.5.129.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travelwinimages.s3.us-east-2.amazonaws.com/hotelIcon_small.svg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.129.145 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 210f6648c476a17b5c19dd11083e62eddc195785be23b2f93ec3469344a4944d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 09 Jun 2024 11:32:46 GMT
x-amz-version-id: QnhU4sMqVuSehSOn4M5tRmz1Nmdjwkyl
Last-Modified: Thu, 03 Nov 2022 13:13:52 GMT
Server: AmazonS3
x-amz-request-id: 87Z4CDQ4D07XC7HV
ETag: "d1fb89149727f7519b7f206bcb21835a"
Content-Type: image/svg+xml
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 4975
x-amz-id-2: 7TBHH5zFqrXZHOJHre+CjjQQmKcC/wT2aD9/ZZRZJyKhwgynkFywnbb3qG6uXPpMELWrQSZkKdihiTG9KBDqNg==

GET
H/1.1 200
OK markup_small.svg
travelwinimages.s3.us-east-2.amazonaws.com/ 3 KB
4 KB 384ms
122ms Image
image/svg+xml 3.5.129.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travelwinimages.s3.us-east-2.amazonaws.com/markup_small.svg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.129.145 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 45358c5db2cf827d440e10b7b55e662ec21ae94eca03f7fdb15e6c1af05cfa46

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 09 Jun 2024 11:32:46 GMT
x-amz-version-id: EQTzdTcSLD4uGES.d0PCEWdq7gCi8mqk
Last-Modified: Thu, 03 Nov 2022 13:13:48 GMT
Server: AmazonS3
x-amz-request-id: 87Z2Z4JT1HWNK4SY
ETag: "04c80cb9538b269e03b75bb501b86fd9"
Content-Type: image/svg+xml
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 3174
x-amz-id-2: EOz+cPMsauPoN0/I3F1BXVd7DgOWMfikB0egzZoS/10AwBAgkc3QiNyOo5iK94zVqiQpbg/s53SFoye0fqKSBw==

GET
H/1.1 200
OK cash_small.svg
travelwinimages.s3.us-east-2.amazonaws.com/ 2 KB
2 KB 120ms
119ms Image
image/svg+xml 3.5.129.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travelwinimages.s3.us-east-2.amazonaws.com/cash_small.svg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.129.145 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4e45e3298e1d175b44bc34854a52c532fd6c78c6b206ae74072cc4071ab9dfda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 09 Jun 2024 11:32:50 GMT
x-amz-version-id: KH66Z679VQV1GuTQY13IH_lLKzhYMOu9
Last-Modified: Thu, 03 Nov 2022 13:13:45 GMT
Server: AmazonS3
x-amz-request-id: 34BRV9DC0J069ETK
ETag: "680fc4cd417783e19eb33d2db07155f0"
Content-Type: image/svg+xml
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 1784
x-amz-id-2: RVGoZDlnIXAW5KFC5hISy4pgQX4MYm5yaMtRjXQWhCcwXHcyBayx4INHASFa07PWUYWmnOq18c/Y/x0NRbDx9Q==

GET
H2 200 0_JenniferLopez1-2.png
siteimages.travel.win/ 192 KB
193 KB 16ms
8ms Image
image/png 2600:9000:275d:6200:14:503f:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siteimages.travel.win/0_JenniferLopez1-2.png
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6200:14:503f:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d85e6134ab9f3aaf5a0b111d70ce6e6d353a086af3890ecfd0345dc9e4f2d00

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 19:04:24 GMT
via: 1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified: Tue, 23 May 2023 15:59:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 59306
x-amz-server-side-encryption: AES256
etag: "03ef4e216d3ab1c3a41ae437e2eb238d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 196539
x-amz-cf-id: MmNg1LeKv_Du2LrNjJPIPAqhzJ-9RErlUgIdQsBYjZgHj-x_qqM2ow==

GET
H2 200 GettyImages-155379130_reduced.jpg
images.travel.win/ 208 KB
209 KB 26ms
19ms Image
image/jpeg 2600:9000:20eb:d000:5:8133:e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.travel.win/GettyImages-155379130_reduced.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d000:5:8133:e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b08948630f2da127f1f8e40ac884aac8dc7304404eba813f6e3e32fdbbabb3d3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: VV_v4v8JKUTu4U4sNCbxR9B1uwxIZGdk
date: Sat, 08 Jun 2024 19:51:48 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 15:41:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 56462
etag: "752596b445a68e9b79eab9c21d3efd58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 213426
x-amz-cf-id: Tr-hIpG0LO1OcN5yogavrW3RHIsld6fhkoYfDheYpBmg_Fn-hO8KIA==

GET
H2 200 tw-footer-logo%402x.png
images.travel.win/ 17 KB
18 KB 15ms
9ms Image
image/png 2600:9000:20eb:d000:5:8133:e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.travel.win/tw-footer-logo%402x.png
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d000:5:8133:e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09b1ac6f707b78a8a6f8336ed116048bb1649c420a404abfed793600ff4247b3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qvhkmb2IxDL3Ut8jYg3KpnMLorTN8K9s
date: Sat, 08 Jun 2024 17:19:56 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Tue, 24 Jan 2023 13:34:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 65574
x-amz-server-side-encryption: AES256
etag: "ed77a6ee15e8401e2181a2d00922fb52"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 17734
x-amz-cf-id: atWuu9J_ueCLZV5fBbcWsZJCWr1fUp3ZWXFniBqWyuyxB5NXHTHyvg==

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/ 97 KB
34 KB 127ms
74ms Script
application/javascript 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75780bb49ddeb755aa28aa946e06135a3392911355bb50ab94c06911ec9e0d0c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 04 Jun 2024 20:10:50 GMT
server: cloudflare
etag: "182f2-61a160bd229b2-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges: bytes
cf-ray: 8910cd8a79a535fa-FRA
content-length: 34318

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 35ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Jun 2024 11:32:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1297, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: CI3YrpYdv+fxc9JmDYLhaMCPD8B4P3028066NhuzBCwRaGeB1kvFckXuCnUNbCktIFBjVlQeCwNovGqiOjqlEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-3377341.js Show response
static.hotjar.com/c/ 9 KB
4 KB 99ms
48ms Script
application/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3377341.js?sv=6

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

f1f2ab18e0d53989dfe257e19d5c5d9b908d3ccbc6d93e829d9d74ffae684e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/89da9dbb0e1f112e27aff516245a64db
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: s0ok_hM-4ei4j4kDOfEy7U_hrv6rEel7yVcs3oprOpQraa8aVCRFig==

GET
H2 200 script.js Show response
f12dab486be1.cdn4.forter.com/sn/f12dab486be1/ 324 KB
153 KB 47ms
9ms Script
application/javascript 2600:9000:2644:3e00:f:1b37:e600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f12dab486be1.cdn4.forter.com/sn/f12dab486be1/script.js

Requested by

Host: media.travsrv.com
URL: https://media.travsrv.com/appSkins/64/v6/themes/global/forter.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2644:3e00:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

883c18e4c59098f5bc9083f30ea61665c96d7e581f12f70be11aa09d45cae783

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
via: 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 09 Jun 2024 08:34:00 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/f12dab486be1/35069369593
etag: W/"8658a8faecd2d5b0b0717c31831ecd9e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, immutable, max-age=600
timing-allow-origin: *
x-amz-cf-id: fUvqqrMX1IqGDBOafcEXr_2ignxAzfy4HWHyuFlhPeG7IGip9sdDBw==

GET
H2 200 44_Correos%20Travel%20Logo%201%202024-04-23%20at%2011.12.16%20AM.png
siteimages.travel.win/ 194 KB
0 0ms
0ms Image
image/png 2600:9000:275d:6200:14:503f:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siteimages.travel.win/44_Correos%20Travel%20Logo%201%202024-04-23%20at%2011.12.16%20AM.png
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6200:14:503f:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1975041d83cb06ead6a87e352acd72dbb5d98147eac2f586422e662bbca26a62

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sun, 09 Jun 2024 11:32:46 GMT
via: 1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified: Tue, 23 Apr 2024 16:13:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
etag: "d2ca020e0bcfc0c91229b1021efc99bb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 198365
x-amz-cf-id: jDcjaXHR7O0YOynvF7pkbdnlPBzSDhP6LDy40HXk3E6piCpXSVuCdQ==

GET
H2 200 bootstrap-icons.woff2
correos.travel.win/fonts/ 118 KB
120 KB 95ms
95ms Font
font/woff2 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/css/bootstrap-icons.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-uZzSBAvX3nErBnV2OB5adRfMCivmiXsP7/MRJkBhw80=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://correos.travel.win
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors self
date: Sun, 09 Jun 2024 11:32:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-uZzSBAvX3nErBnV2OB5adRfMCivmiXsP7/MRJkBhw80=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
content-length: 121296
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Fri, 07 Jun 2024 16:19:42 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: font/woff2
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
accept-ranges: bytes
expires: 0

GET
H2 200 GettyImages-155379130_reduced.jpg
images.travel.win/ 208 KB
0 0ms
0ms Image
image/jpeg 2600:9000:20eb:d000:5:8133:e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.travel.win/GettyImages-155379130_reduced.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d000:5:8133:e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b08948630f2da127f1f8e40ac884aac8dc7304404eba813f6e3e32fdbbabb3d3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: VV_v4v8JKUTu4U4sNCbxR9B1uwxIZGdk
date: Sat, 08 Jun 2024 19:51:48 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 15:41:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 56462
etag: "752596b445a68e9b79eab9c21d3efd58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 213426
x-amz-cf-id: Tr-hIpG0LO1OcN5yogavrW3RHIsld6fhkoYfDheYpBmg_Fn-hO8KIA==

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
153 B 91ms
29ms Ping
text/plain 52.31.17.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.17.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-17-134.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryKS6017CErcPOhqzs

Response headers

access-control-allow-origin: *
date: Sun, 09 Jun 2024 11:32:49 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/ 100 KB
33 KB 36ms
36ms Script
application/javascript 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2481ff8a4ab61a7cb4403d88a7a6269c610d40dc8ec1e23f0d6eed7d718ca442

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2024 20:10:50 GMT
server: cloudflare
etag: "18e85-61a160bd21a12-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges: bytes
cf-ray: 8910cd9fff9f35fa-FRA
content-length: 33416

GET
H2 200 IMG_5063.jpeg
locationimages.travel.win/ 158 KB
159 KB 522ms
461ms Image
image/jpeg 2600:9000:2761:5e00:d:4445:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://locationimages.travel.win/IMG_5063.jpeg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:5e00:d:4445:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0aa6b0a69b25b4dd1ea2d634fc7e432a93637c8df4d97ec9ea932b814400f27

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2Kmz.mlK0eXObX_VqdcG7m8rmi8Nbj.W
date: Sun, 09 Jun 2024 11:32:50 GMT
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Mon, 06 Feb 2023 15:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
etag: "40f347800efb23f31e3d552bf8a2dbcb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 162011
x-amz-cf-id: ZqQAH6oelsYxIhu16q_8e519-BjWNtHThovy58AL40waHFsQRgDkYQ==

GET
H2 200 madrid_med.jpeg
locationimages.travel.win/ 73 KB
73 KB 583ms
523ms Image
image/jpeg 2600:9000:2761:5e00:d:4445:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://locationimages.travel.win/madrid_med.jpeg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:5e00:d:4445:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa2755650e71be9248da7a8372c4b89dc7e35710c0864ca0f83de241c468b291

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: PP6Jjht2ja3OfeKIu0nMiwrdhut31Hbj
date: Sun, 09 Jun 2024 11:32:50 GMT
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jan 2023 12:10:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
etag: "be8b957271e44da611301c4f1c0eedce"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 74350
x-amz-cf-id: J-99pk0cC92GtUaGOOULdqupqbJi1dYY_DMZspclHWdbqnMcGcYikA==

GET
H2 200 malaga5.jpeg
locationimages.travel.win/ 205 KB
205 KB 569ms
509ms Image
image/jpeg 2600:9000:2761:5e00:d:4445:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://locationimages.travel.win/malaga5.jpeg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:5e00:d:4445:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4716f928c2078d60e0de09a9cdfbbaac3f84c82ac62a26c5cc2f9a1869c97d09

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: GuGoNXBvQghYvDoHduZfpN8vR9PVJv27
date: Sun, 09 Jun 2024 11:32:50 GMT
via: 1.1 fc3eb7fa4cd190aa982f25199966ad5a.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 15:44:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
etag: "714075d2af42183c5eef2ad1b104245e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 209770
x-amz-cf-id: 9NLGYfcZ_9Lfh4znmDwrk0mYaY8WPkc02-YM9Ge3ClUvgRZdPX0HTQ==

GET
H2 200 945945145_0.jpg
media.travsrv.com/246572/ 89 KB
90 KB 159ms
157ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/246572/945945145_0.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35d5f98816048d874c9e98da67a21560976a3daf1275e4b7112dcdae7216cad8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: .sh.5kafEpVR5b_oDy.6z1PWumDjXvkb
cf-cache-status: REVALIDATED
x-amz-request-id: 62Z1R9J3DQ4FA8EA
cf-polished: origSize=92285
x-amz-server-side-encryption: AES256
content-length: 91606
x-amz-id-2: T0GT6D5RestnDxa3c5KsjROsbnzLxiNjgvcKp0TCgOmI/EroEzlFiTiTGZmp3wKT01hc1zs4m3oXBpvvzzk3G6RriYJ983nN
cf-bgj: imgq:100,h2pri
last-modified: Mon, 06 May 2024 15:24:26 GMT
server: cloudflare
etag: "09a702cd8614eb4a722d453b0fc9fc42"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cd9ffb359180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1104552024_0.jpg
media.travsrv.com/748765/ 188 KB
188 KB 174ms
172ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/748765/1104552024_0.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19252dd78d9ccebe6c52e73b037b3a3687979db4949605cfb6f6863bd9161729

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: 87Lhaqx4FdtNJM_HIMNpVgn0obST.yVU
cf-cache-status: REVALIDATED
x-amz-request-id: SA3DJH64412NJXZ6
cf-polished: origSize=192675
x-amz-server-side-encryption: AES256
content-length: 192409
x-amz-id-2: pG3kKkPhIzy3Sty0DVBVtZoBlzUEONMnyBIeAVN27ZYlaQwpc49ZfAxR8yfpDr0FNrnl8bSBQVA=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 10 Apr 2024 11:08:40 GMT
server: cloudflare
etag: "bfda4e67c0ebdf7e149ed4afa6c5f270"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cd9ffb389180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1385439373_0.jpg
media.travsrv.com/1141576/ 143 KB
143 KB 185ms
183ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/1141576/1385439373_0.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0701719c7501d63c6dd38508123a8951db9582e8c904b19e7921977973f1b943

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: xPV8TjSEhULNkctB93.ZtdOtr2eDNNIg
cf-cache-status: HIT
x-amz-request-id: C9238D5MQWCA7FH7
cf-polished: origSize=178176
x-amz-server-side-encryption: AES256
content-length: 146093
x-amz-id-2: Fpc94WSNoITUe0Z5JEpMMgEPxXGshyvaEORCCdJDF7aUHwWGgg/qvWwhdv1ksXin+OxoEbCEzYE=
cf-bgj: imgq:100,h2pri
last-modified: Mon, 18 Mar 2024 17:07:25 GMT
server: cloudflare
etag: "f962502445a51c651d364b28fe99b47a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cd9ffb3a9180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1387739936_0.jpg
media.travsrv.com/1812493/ 58 KB
58 KB 167ms
165ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/1812493/1387739936_0.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cf1617f66acfc26391fed8355f8cb4e99dbfeb9fc747c313bf3cc992e0f269d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: NwW1pN2VESSB9Zr.G6RbyMz0EYt347Jq
cf-cache-status: REVALIDATED
x-amz-request-id: 5TXGY5DX08416RTP
cf-polished: origSize=61961
x-amz-server-side-encryption: AES256
content-length: 59361
x-amz-id-2: gcVn7iFY8byGtIp4RotFskMG30QJRaU6yzLGTBFAY/zhJwjtKk4jcc2aUMSUNbAjmMpTX7z5Dc0meoWsfcqyig==
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Mar 2024 17:28:37 GMT
server: cloudflare
etag: "9f58ae6608e21035c91ee7dc5154e441"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cd9ffb3d9180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 795217476_0.jpg
media.travsrv.com/3413201/ 114 KB
115 KB 166ms
165ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/3413201/795217476_0.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49355dc44037a2694c7eb0777b7bb49b75075199e0059e6c64f846aba2a93153

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 6X524HABW2ERQ3NQ
cf-polished: origSize=117945
content-length: 117099
x-amz-id-2: X4aDPmc3wauay8gCZdQyOrxLbxMouIkBdHlvhMRz8V6b/vTtI5H4NR/Ot+5Pz/gwRkO688esI5E=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 06 Nov 2021 09:25:08 GMT
server: cloudflare
etag: "f7f5f4c7ec3a5b1ab40dbab6e4a2a376"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cd9ffb3e9180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1375228575_0.jpg
media.travsrv.com/516128/ 283 KB
284 KB 184ms
183ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/516128/1375228575_0.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c939a3eabd84f998fe1357edf172bba421a222328afefee5995f52d9edcbc0b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: TkiDQLNr3Gd_iu2.sePBGlhe4Bvyayyu
cf-cache-status: REVALIDATED
x-amz-request-id: J9GVD9ZN4C2BFC2Y
cf-polished: origSize=290548
x-amz-server-side-encryption: AES256
content-length: 290224
x-amz-id-2: 8fraelXNaJZcHstNqRoiofJv3S0jsAroV3eUUoPPpHYfYyIm29ieYdLTgv7hisoxf7tQLQQ2OJ4=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 26 Apr 2024 20:31:31 GMT
server: cloudflare
etag: "32c631f30b7b04b6f4f514c48588b5ea"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda00b429180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 10222135_0.jpg
media.travsrv.com/452161/ 194 KB
194 KB 184ms
183ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/452161/10222135_0.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861aa542f073b94b4ecb65a93fe9dfc473f21302c226a71c1fd856a21f513253

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: gzn6mz4SwtXcCi4eRkwC5dRhvn_7RPP.
cf-cache-status: REVALIDATED
x-amz-request-id: 04280QFYFDVPCJAV
cf-polished: origSize=199198
x-amz-server-side-encryption: AES256
content-length: 198540
x-amz-id-2: JsYNxDITQctsRZZolGncrLBtrEJ7DYjSTRZL/xvutYhXCs9uTNthFPYn8T+xt8frYQ0x0NImRXU=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 14 Apr 2024 11:48:16 GMT
server: cloudflare
etag: "b551279277ad3b0bf2c96943266befba"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda00b439180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 191606130_0.jpg
media.travsrv.com/2145308/ 161 KB
161 KB 183ms
182ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/2145308/191606130_0.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d9245ad64e20061d6f6e64b417a98d1245f94869cc8e3ad05e8a18b6ea5a94

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: sbIZNNameIiz2hDdVO_S6hmIqNAlIzfZ
cf-cache-status: REVALIDATED
x-amz-request-id: M50G973RFZ5YSPSJ
cf-polished: origSize=164977
x-amz-server-side-encryption: AES256
content-length: 164649
x-amz-id-2: kifljSyEdxw8X6DyUg84WrWm7W636yzUqW6OI3XcDCtrOiP77vFvQ70j0gRQCSpyQpvFKlIhWkI=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 02 Apr 2024 11:05:09 GMT
server: cloudflare
etag: "12e8bf4c817cb4026d7f8f251e8128f0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda00b459180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1387695239_0.jpg
media.travsrv.com/662275/ 83 KB
84 KB 193ms
192ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/662275/1387695239_0.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6401037b740a36cb4a76dffc4ec7b33120751283de952ce2d5cad28b8748ca8b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://correos.travel.win/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: UYlAr.1rDGcGhQ6f9dPBJWrydOuNT6Ot
cf-cache-status: REVALIDATED
x-amz-request-id: PQSPGVK96BMTWTF1
cf-polished: origSize=91418
x-amz-server-side-encryption: AES256
content-length: 85334
x-amz-id-2: jyRZjUBzjxg+iZIByGCfiepJY9uFd7x8s/FwfqKrJ9cj1PNaWCEQTFWYKSrFkJa7LSgQA+KtjfQ=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 06 Jun 2024 16:10:15 GMT
server: cloudflare
etag: "885466fc00f8afcb3d9279fc13806756"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda00b489180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 getRecentlyViewed_fe Show response
correos.travel.win/ 48 B
2 KB 294ms
293ms XHR
text/plain 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/getRecentlyViewed_fe?userID=0&ipAddress=81.95.5.37

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/js/jquery-3.7.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

c672ab680062577674831ddb657774f2f95541a8df806b142998b06a5b08fdc3

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-U0eTWulHCtFoAeCbeZ37PRgspWz+Mq2L2JKmvLR/uNs=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: */*
Referer
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

expires: 0
pragma: no-cache
date: Sun, 09 Jun 2024 11:32:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-U0eTWulHCtFoAeCbeZ37PRgspWz+Mq2L2JKmvLR/uNs=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
referrer-policy: no-referrer
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
content-length: 48
x-xss-protection: 1; mode=block
x-content-security-policy: frame-ancestors self

POST
H2 200 LoadCarousel Show response
correos.travel.win/ 8 KB
10 KB 275ms
274ms XHR
text/plain 52.0.203.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://correos.travel.win/LoadCarousel

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/js/jquery-3.7.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.0.203.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-203-200.compute-1.amazonaws.com

Software

Resource Hash

2b824cb23cd30edecaa5847d4f93f2d14ecc024e31ab688394848a302a060f81

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-4PNwkznbzRMw+Dl1IvSNwwFqikOwUuqItRV907CuDgo=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

expires: 0
pragma: no-cache
date: Sun, 09 Jun 2024 11:32:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'nonce-4PNwkznbzRMw+Dl1IvSNwwFqikOwUuqItRV907CuDgo=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://*.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ *.ggpht.com *.googleapis.com https://*.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
referrer-policy: no-referrer
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self)
content-length: 8354
x-xss-protection: 1; mode=block
x-content-security-policy: frame-ancestors self

GET
H2 200 1227020460979223 Show response
connect.facebook.net/signals/config/ 59 KB
12 KB 86ms
85ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1227020460979223?v=2.9.157&r=stable&domain=correos.travel.win&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

828f009f26097cf5d0d026a6f2ce1efe70d1537b7199c5b6a338a5251eca3a85

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Jun 2024 11:32:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=65, mss=1297, tbw=63501, tp=-1, tpl=-1, uplat=75, ullat=0
pragma: public
x-fb-debug: JLvLd9Mo8x6FPRttHnpPwkN2P6K2RbSkwZkgyXl+YzFByioi0PgmfjgPd0z9SOAoSd7DddLe/UtBzBYEGDqyng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
101 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-76WT7NSSDX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-TMF2H2JV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86cb6bb51db99e2a4aac6d4b49827f96fc4cf772e2bcda1d2dc0aba6a481ccec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 09 Jun 2024 11:32:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-529346946&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-TMF2H2JV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13006c717fe86547892cb52e6a7592cf2a65f50a601e4c8a29994dce88a9435a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83141
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Jun 2024 11:32:49 GMT

GET
H2 200 modules.349061f2d87d84c4c336.js Show response
script.hotjar.com/ 222 KB
55 KB 41ms
11ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.349061f2d87d84c4c336.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3377341.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 11:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 344982
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56093
last-modified: Wed, 05 Jun 2024 11:42:10 GMT
etag: "4aa8ac29ac41e30cfd27b0bfd1a19aca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ork-HXOAsgVKKeWmm0tnW4-9yi-00lbLsm2We1rSjZ5DDChQDyn_CQ==

GET
H2 204 3377341 Show response
vc.hotjar.io/sessions/ 0
232 B 75ms
32ms XHR
text/plain 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3377341?s=0.25&r=0.2132530914417723
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.349061f2d87d84c4c336.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 09 Jun 2024 11:32:49 GMT
cache-control: no-store
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: aGut3Q_cDVZ8lSIKzCVaqywdNoC5XdrIUM13k7ZkfsSE0mbD-e25_Q==
x-cache: Miss from cloudfront

POST
H2 200 events
cdn3.forter.com/ 0
416 B 132ms
105ms Ping
text/plain 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-129.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 11:32:49 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://correos.travel.win
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: aCzzompprXA2TvElIPlPjs6uB6GrvH8T-SdppLZ9oDDRA5D1RUi6Lg==
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 23ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1227020460979223&ev=PageView&dl=https%3A%2F%2Fcorreos.travel.win%2F&rl=&if=false&ts=1717932769643&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717932769641.939425234905803280&ler=empty&cdl=API_unavailable&it=1717932769392&coo=false&rqm=GET

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1297, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 09 Jun 2024 11:32:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 314ms
299ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1227020460979223&ev=PageView&dl=https%3A%2F%2Fcorreos.travel.win%2F&rl=&if=false&ts=1717932769643&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717932769641.939425234905803280&ler=empty&cdl=API_unavailable&it=1717932769392&coo=false&rqm=FGET

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x358f86ae0fa88b8d","source_keys":["1","2"]},{"key_piece":"0xe9ce0dac0cd519f3","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 09 Jun 2024 11:32:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1297, tbw=3090, tp=-1, tpl=-1, uplat=290, ullat=0
pragma: no-cache
x-fb-debug: tSLgbFR+699MC4wRqcEWH2wvcOqVqOkAP89QZgipPtxGWhZZubryN5DlHqV0yn5gX4BRaB0x0QqILzXlVe8YZg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-76WT7NSSDX&gtm=45je4650v9184988016z89184987750za200zb9184987750&_p=1717932768634&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1501998180.1717932770&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717932769&sct=1&seg=0&dl=https%3A%2F%2Fcorreos.travel.win%2F&dt=Correos%20Prepago%20Viajes%20-%20Obtenga%20hasta%20un%2030%25%20de%20reembolso%20despu%C3%A9s%20de%2030%20d%C3%ADas%20al%20completar%20su%20estad%C3%ADa&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5797
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-76WT7NSSDX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 11:32:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://correos.travel.win
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1065565965_300.jpg
media.travsrv.com/957/ 19 KB
19 KB 149ms
146ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/957/1065565965_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b06368bee9a097028e618774db423a2ef6e10ce4d32c13488f0f762e848344

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: sgZJ57T5fJc8U86eNgrq_vzcRA.EYU48
cf-cache-status: HIT
x-amz-request-id: 70BQJ433MPKAEY4M
cf-polished: origSize=19949
x-amz-server-side-encryption: AES256
content-length: 19000
x-amz-id-2: cgkoFCTnUNEas0abTEbu5iFriIFurGSzMmS4JB9BiX7RM1FOskdRn8nDu2P/N9XbR/6shGVzRmJDKX9YJKS/kRKuuQ2VxwWX
cf-bgj: imgq:100,h2pri
last-modified: Wed, 20 Mar 2024 15:23:39 GMT
server: cloudflare
etag: "a5d065497e6470ceb929eee0456a7f74"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2be699180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1065887267_300.jpg
media.travsrv.com/21405/ 22 KB
22 KB 184ms
182ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/21405/1065887267_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf9eb12c83b384d7c2079f9b010ebfd9834c8caaad81f456ba9fbfbc3e6002d3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: pTNSCSNZJIz_ZSb0mLdZCBYJjbvz9xbl
cf-cache-status: HIT
x-amz-request-id: CB8H5A5JXQ7325T1
cf-polished: origSize=23812
x-amz-server-side-encryption: AES256
content-length: 22406
x-amz-id-2: 6TOGucxQt8DRhKI1jtcf9UsQA6W6dQfntRVcmEoXRJ6YCraJCn6pHGcZhJ2MYIA8J0TzhEfmNrU=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 02 Mar 2024 19:12:23 GMT
server: cloudflare
etag: "a40935fa13942f055f99ce0319cc480a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2be6c9180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1065899042_300.jpg
media.travsrv.com/22674/ 25 KB
25 KB 158ms
155ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/22674/1065899042_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93359f2c0236b518186339910a6688d12e88e3175ff43366fec75ef36e38f611

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 7EA3HNNKEY3PK33G
cf-polished: origSize=26798
x-amz-server-side-encryption: AES256
content-length: 25277
x-amz-id-2: sQMkPkJap/LmMAaA0KMb6yk6CLS0hKnJAes7KL584H7sqrOp6H1Lk07zkG78hbBMdrU3pUl1gQM=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 27 Jan 2024 06:23:35 GMT
server: cloudflare
etag: "ccf69d5a2f06169cb79f73c920cbe43b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2be6f9180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1161349558_300.jpg
media.travsrv.com/3406883/ 26 KB
26 KB 150ms
148ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/3406883/1161349558_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc2bbafe3261df8432f60b3b23ba5b21ba46ca732e286e20992dd90e8412c58

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: vbA0LwuSkVyRH8mT.yjRZofD4uQUy3xc
cf-cache-status: HIT
x-amz-request-id: 4D7B1S943CWXQRFZ
cf-polished: origSize=28627
x-amz-server-side-encryption: AES256
content-length: 26790
x-amz-id-2: hDZeJjGARcboQc9SeEJuTEovbsPVdn+F491KF2Ya/rU9CifGwd6xpiK0KUKRp+Ihrtxk8xbkqMr+0++HeQu8yA==
cf-bgj: imgq:100,h2pri
last-modified: Sun, 21 Apr 2024 08:54:50 GMT
server: cloudflare
etag: "c0afba8c1077dfaa0077f08948747b53"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2be739180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1387348957_300.jpg
media.travsrv.com/5230015/ 28 KB
29 KB 151ms
149ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/5230015/1387348957_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a8c01e570b1131c9c2e1b7b71f2fcf3fb8393a8e11c2876a8a06dc77932a564

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: rWdK379dYAGECW7pWN2vRJWxShfqYG73
cf-cache-status: HIT
x-amz-request-id: 6W4AXJVXKNNG4R9D
cf-polished: origSize=30742
x-amz-server-side-encryption: AES256
content-length: 28916
x-amz-id-2: H0TD4TleOoNZhf0lxF+hTTmyHxnQlud508SujvQDCw9UXeIkk35Me0xaaCSY2v0/t5U4pnN66r4=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 11 Apr 2024 21:02:28 GMT
server: cloudflare
etag: "d0b8db36147a63dab27d098d703f867d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2be759180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1065805025_300.jpg
media.travsrv.com/16800/ 16 KB
16 KB 166ms
164ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/16800/1065805025_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27521f3b1559c57356c3d48b3357bd5f7fb5a29d1d0cfdc5e4ee920a1f9aae88

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: vjJqAHwdM2__0ekGGwxN3OvW6e7cA8I5
cf-cache-status: HIT
x-amz-request-id: KJV0C67GNRAPCH40
cf-polished: origSize=16831
x-amz-server-side-encryption: AES256
content-length: 16151
x-amz-id-2: lEj9hg6SrnwlKsqwzp9rKnU454jp5fubyqxm+a8dFc+BFGa6TI96ixSgOTm7ANc8NIR/nLFegi+UqPqH4ehKcfi/cJskwa0Vn2wjCyfE+cY=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 14 May 2024 11:01:27 GMT
server: cloudflare
etag: "d1e2cb5a4bc120cf67a48cc42e09dea5"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2be799180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1385645766_300.jpg
media.travsrv.com/33831/ 14 KB
15 KB 152ms
150ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/33831/1385645766_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57271e107bff1057f31ef13b242f29f1fc3ec75a9ccf15b93583fd752d1547b7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: c919KISWKq53n7.D96y.WK2VFFafhfzF
cf-cache-status: HIT
x-amz-request-id: H0GSYJR9PC07QEAJ
cf-polished: origSize=15566
x-amz-server-side-encryption: AES256
content-length: 14764
x-amz-id-2: Ce/AxK2oXZTEoO2XzUAz7ZzOtKM7EBPNEz5Tfu9I0MOWfoc5zvaPn5JpI3HKX81QWC8RSEKHxiQ=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 19 Apr 2024 00:01:32 GMT
server: cloudflare
etag: "21ee98c36375adf9a7c8fcc8b4f18cf2"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2be7a9180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1353660975_300.jpg
media.travsrv.com/451314/ 23 KB
23 KB 146ms
144ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/451314/1353660975_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4fc2ad957f3e71c425c514b5671f904d9172fffdf82574a40f0bac248743346

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: 3uMflDCCoK0LLNFwJHSLtRdM1OlGr77Q
cf-cache-status: HIT
x-amz-request-id: VJZJ7JV4XW71V7B9
cf-polished: origSize=25189
x-amz-server-side-encryption: AES256
content-length: 23578
x-amz-id-2: EUGBIhVWVvZim7k7370vq4XPh/+O/zUyyTzTSUHt5RYbM05OCPVmD2HmLiNYgo+UU0ZRKUmNXzQ=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 26 May 2024 12:35:09 GMT
server: cloudflare
etag: "8fd474b1a70bf89e4a89ec831f7227f9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2be7b9180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1066087206_300.jpg
media.travsrv.com/37812/ 24 KB
25 KB 149ms
147ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/37812/1066087206_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ea1fc4ff11d9c3c8d4d8cea7688556f087e875be902b1cb4ce35351d8ba98e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: VlsLwMWWVhFR0QFHdNyAyyXPe9E4vUDH
cf-cache-status: HIT
x-amz-request-id: VNFBS5HXKDCJ018D
cf-polished: origSize=26424
x-amz-server-side-encryption: AES256
content-length: 24869
x-amz-id-2: Tsz+g71B8lS8NgITbtcNIAk6KwxB7mkuTVilp5XJ2hn0j5JKfFf9BStqZCH/Ft4lBY/PzRxli4Y=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 02 Jun 2024 07:25:38 GMT
server: cloudflare
etag: "58556c135c85b427350d80e730b9a207"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2be7c9180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1385286323_300.jpg
media.travsrv.com/209007/ 16 KB
17 KB 154ms
153ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/209007/1385286323_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0430154b1f87dba86f616877ddcc001f47b6b0b066f5b52b045d87ec84e376c3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: u0rGEzS1HZgIpBOpuZqb_K8y2NYnCOYG
cf-cache-status: HIT
x-amz-request-id: B59H365Y8DMMR00D
cf-polished: origSize=17567
x-amz-server-side-encryption: AES256
content-length: 16828
x-amz-id-2: ElrWl6xadSybJBKTzEhKTXDh16hmXedSeKpgzD2mW9xV9VC9FnOCBImNTmddayI9/9YpCEILIgo=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 26 May 2024 12:22:36 GMT
server: cloudflare
etag: "be60c247405eba3037a9b700fc8327e6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2be7e9180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 36648875_300.jpg
media.travsrv.com/1198950/ 22 KB
22 KB 155ms
154ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/1198950/36648875_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c20a9653b4919dfbf1359c1469dc8b6197ea53b402f7e41698d40da7c9ed8cb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: Q2F70OoWSPcMrJMho5OV9qgpWyuCUcWw
cf-cache-status: HIT
x-amz-request-id: D44JGB32PN111YZJ
cf-polished: origSize=23295
x-amz-server-side-encryption: AES256
content-length: 22221
x-amz-id-2: JiiZqKHDvpQIYo7t3DwtiFGnqfUo3iFCk+PhEOBkRVbLc0L1lKylBC+i/UaHZ9yomOP8/j9vAgk=
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 May 2024 13:11:03 GMT
server: cloudflare
etag: "bb1373a04518d9225007682157ff2291"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2ce849180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2 200 1065891604_300.jpg
media.travsrv.com/21776/ 19 KB
19 KB 171ms
170ms Image
image/jpeg 2606:4700:3108::ac42:288b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.travsrv.com/21776/1065891604_300.jpg
Requested by: Host: correos.travel.win
URL: https://correos.travel.win/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3108::ac42:288b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8881531d6c9eaf78dd382c94d5794cde4166d199ac6b77b41241551e1a513651

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
x-amz-version-id: z9HnHp9CMX9uUzcw_iiLnLZkl0TX_u2a
cf-cache-status: HIT
x-amz-request-id: 0YPJEMYXH06EA72H
cf-polished: origSize=19880
x-amz-server-side-encryption: AES256
content-length: 18966
x-amz-id-2: 2VNvZmjsfCS5dMfwdi6TGagpXVswEVdveGkFW2ZbjoSmMGLqLUUSqoDeUaMqqnxDeK3p8b5MACHxESjcARFYDA==
cf-bgj: imgq:100,h2pri
last-modified: Mon, 27 May 2024 17:17:08 GMT
server: cloudflare
etag: "fa72e05712a080849e1bad95042290b2"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8910cda2ce869180-FRA
expires: Mon, 09 Jun 2025 11:32:49 GMT

GET
H2

200

77bd089969427e7c3f72ba1e18af03bbf9b29b0e7c8d4330bfb5665aebc3c415ac7f4acf641e54e5def640d2ab71 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/77bd089969427e7c3f72ba1e18af03bbf9b29b0e7c8d4330bfb5665aebc3c415ac7f4acf641e54e5def640d2ab71

0
318 B

105ms
105ms

XHR
text/plain

2600:9000:275b:5000:e:d088:5c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/77bd089969427e7c3f72ba1e18af03bbf9b29b0e7c8d4330bfb5665aebc3c415ac7f4acf641e54e5def640d2ab71

Requested by

Host: correos.travel.win
URL: https://correos.travel.win/

Protocol

Server

2600:9000:275b:5000:e:d088:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA60-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
x-amz-cf-id: VKiebv1XpOfopV91fMOpfyNIwD73WG-YZdJHNlIOUUeRTyiOx7uEkQ==

Redirect headers

date: Sun, 09 Jun 2024 11:32:49 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/77bd089969427e7c3f72ba1e18af03bbf9b29b0e7c8d4330bfb5665aebc3c415ac7f4acf641e54e5def640d2ab71
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
x-amz-cf-id: YC0Bty29V_NjSI9kMZlEBVpm93bbT_3R6m06KAaCg-hzD0hJCxq0jg==

POST
H/1.1 200
OK prop.json
92b2e8b72f8441549155b55e7c75d761-f12dab486be1.cdn.forter.com/ 2 B
626 B 310ms
93ms Ping
application/json 54.158.164.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://92b2e8b72f8441549155b55e7c75d761-f12dab486be1.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.164.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-164-13.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 09 Jun 2024 11:32:49 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Sat, 08 Jun 2024 12:06:17 GMT
Server: Apache
ETag: "2-61a5fbe506cd9"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://correos.travel.win
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/f12dab486be1/92b2e8b72f8441549155b55e7c75d761/ 20 B
362 B 384ms
184ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/f12dab486be1/92b2e8b72f8441549155b55e7c75d761/prop.json?_=1717932769719
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 09 Jun 2024 11:32:49 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://correos.travel.win
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H2 200 a0nDotjj.json Show response
cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/ 44 B
334 B 38ms
19ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/a0nDotjj.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3a162b6a5bc394ddaeafabc686b94e9657f9dfe37f012247bc748de69aae1dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2024 20:10:50 GMT
server: cloudflare
age: 101289
etag: W/"2c-61a160bd1eb32"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8910cda46a121d9a-FRA

GET
H2 200 44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
siteimages.travel.win/ 34 KB
35 KB 466ms
465ms Other
image/png 2600:9000:275d:6200:14:503f:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimages.travel.win/44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6200:14:503f:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9bc656e791415f5354da77d988eb448c87db413811968066f14d36bc3e4426a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sun, 09 Jun 2024 11:32:51 GMT
via: 1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified: Mon, 08 Apr 2024 17:18:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
etag: "69e699a565bd89c6b6034c5485c0de19"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 34882
x-amz-cf-id: TgvjVBVHKZbvmTq_uJ9U02Nqoa_HGLywaRLPyqY3M5AH1cC2Oz5Xig==

GET
H2 200 nKN_iLZ8.json Show response
cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/config/ 31 KB
5 KB 21ms
20ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/config/nKN_iLZ8.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d59fc491ed63c2ba41a2d610612b0dae3a964d5b9bd4a5b688e6fbb3223f6367

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2024 20:10:50 GMT
server: cloudflare
age: 101290
etag: W/"7cf4-61a160bd21a12"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8910cda48a701d9a-FRA

GET
H2 200 uOKdxj2C.json Show response
cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/translations/ 2 KB
907 B 17ms
17ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/translations/uOKdxj2C.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4b84ff63a579b431d68e17acbfa46c105ad091cd47c5b9f378d080b770f35a1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2024 20:10:50 GMT
server: cloudflare
age: 101290
etag: W/"7cf-61a160bd23952"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8910cda4aab81d9a-FRA

GET
H2 200 l8ZI8d1V.json Show response
cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/audit-table/ 7 KB
2 KB 19ms
19ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/audit-table/l8ZI8d1V.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f5a81a87d78e1f3f823ef1275b92e86dcea12352825cb517399f1f47a3df6b8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2024 20:10:50 GMT
server: cloudflare
age: 101290
etag: W/"1b07-61a160bd1fad2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8910cda4cae01d9a-FRA

GET
H2 200 close.svg
cdn-cookieyes.com/assets/images/ 1 KB
841 B 27ms
27ms Image
image/svg+xml 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:40:50 GMT
server: cloudflare
age: 497461
etag: W/"541-5da3a66c769d4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 8910cda4ff6035fa-FRA

GET
H2 200 poweredbtcky.svg
cdn-cookieyes.com/assets/images/ 4 KB
2 KB 30ms
29ms Image
image/svg+xml 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:41:24 GMT
server: cloudflare
age: 488452
etag: W/"eb2-5da3a68c50d09"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 8910cda4ff6435fa-FRA

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
152 B 29ms
29ms Ping
text/plain 52.31.17.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.17.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-17-134.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7V4fZDoQbgsB5eKR

Response headers

access-control-allow-origin: *
date: Sun, 09 Jun 2024 11:32:50 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/f12dab486be1/92b2e8b72f8441549155b55e7c75d761/ 20 B
362 B 90ms
90ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/f12dab486be1/92b2e8b72f8441549155b55e7c75d761/prop.json?_=1717932770105
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 09 Jun 2024 11:32:50 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://correos.travel.win
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/f12dab486be1/92b2e8b72f8441549155b55e7c75d761/ 20 B
362 B 93ms
92ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/f12dab486be1/92b2e8b72f8441549155b55e7c75d761/prop.json?_=1717932770287
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 09 Jun 2024 11:32:50 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://correos.travel.win
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H2 200 44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
siteimages.travel.win/ 34 KB
0 0ms
0ms Other
image/png 2600:9000:275d:6200:14:503f:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimages.travel.win/44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6200:14:503f:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9bc656e791415f5354da77d988eb448c87db413811968066f14d36bc3e4426a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sun, 09 Jun 2024 11:32:51 GMT
via: 1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified: Mon, 08 Apr 2024 17:18:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
etag: "69e699a565bd89c6b6034c5485c0de19"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 34882
x-amz-cf-id: TgvjVBVHKZbvmTq_uJ9U02Nqoa_HGLywaRLPyqY3M5AH1cC2Oz5Xig==

GET
H2 200 44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
siteimages.travel.win/ 34 KB
0 0ms
0ms Other
image/png 2600:9000:275d:6200:14:503f:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimages.travel.win/44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6200:14:503f:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9bc656e791415f5354da77d988eb448c87db413811968066f14d36bc3e4426a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sun, 09 Jun 2024 11:32:51 GMT
via: 1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified: Mon, 08 Apr 2024 17:18:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
etag: "69e699a565bd89c6b6034c5485c0de19"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 34882
x-amz-cf-id: TgvjVBVHKZbvmTq_uJ9U02Nqoa_HGLywaRLPyqY3M5AH1cC2Oz5Xig==

GET
H2 200 44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
siteimages.travel.win/ 34 KB
0 0ms
0ms Other
image/png 2600:9000:275d:6200:14:503f:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimages.travel.win/44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6200:14:503f:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9bc656e791415f5354da77d988eb448c87db413811968066f14d36bc3e4426a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sun, 09 Jun 2024 11:32:51 GMT
via: 1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified: Mon, 08 Apr 2024 17:18:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
etag: "69e699a565bd89c6b6034c5485c0de19"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 34882
x-amz-cf-id: TgvjVBVHKZbvmTq_uJ9U02Nqoa_HGLywaRLPyqY3M5AH1cC2Oz5Xig==

GET
H2 200 44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
siteimages.travel.win/ 34 KB
0 0ms
0ms Other
image/png 2600:9000:275d:6200:14:503f:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimages.travel.win/44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6200:14:503f:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9bc656e791415f5354da77d988eb448c87db413811968066f14d36bc3e4426a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sun, 09 Jun 2024 11:32:51 GMT
via: 1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified: Mon, 08 Apr 2024 17:18:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
etag: "69e699a565bd89c6b6034c5485c0de19"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 34882
x-amz-cf-id: TgvjVBVHKZbvmTq_uJ9U02Nqoa_HGLywaRLPyqY3M5AH1cC2Oz5Xig==

GET
H2 200 44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
siteimages.travel.win/ 34 KB
0 0ms
0ms Other
image/png 2600:9000:275d:6200:14:503f:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimages.travel.win/44_Correos%20Favicon%202024-04-08%20at%2011.36.17%20AM.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6200:14:503f:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9bc656e791415f5354da77d988eb448c87db413811968066f14d36bc3e4426a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Sun, 09 Jun 2024 11:32:51 GMT
via: 1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified: Mon, 08 Apr 2024 17:18:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
etag: "69e699a565bd89c6b6034c5485c0de19"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 34882
x-amz-cf-id: TgvjVBVHKZbvmTq_uJ9U02Nqoa_HGLywaRLPyqY3M5AH1cC2Oz5Xig==

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/f12dab486be1/92b2e8b72f8441549155b55e7c75d761/ 20 B
443 B 99ms
99ms XHR
application/json 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/f12dab486be1/92b2e8b72f8441549155b55e7c75d761/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 09 Jun 2024 11:32:50 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://correos.travel.win
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=10
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/f12dab486be1/92b2e8b72f8441549155b55e7c75d761/ 0
0 97ms
97ms Preflight 34.225.5.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/f12dab486be1/92b2e8b72f8441549155b55e7c75d761/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.225.5.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-5-197.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://correos.travel.win
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Sun, 09 Jun 2024 11:32:50 GMT
Keep-Alive: timeout=10
Vary: Access-Control-Request-Headers

POST
H2 200 events
cdn3.forter.com/ 0
414 B 139ms
138ms Ping
text/plain 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-129.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 11:32:50 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://correos.travel.win
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: qrVVu9-kNyezdt3lUEeActRgN-kN4K2VFj0kn1A39Z1V_Ice7N87wg==
expires: -1

GET
H2 200 logo_small.gif
df45ay5pw60dy.cloudfront.net/ 48 B
280 B 69ms
11ms Image
image/gif 2600:9000:2251:5600:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_small.gif?dfpadname=&check=1717932770963
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:5600:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:51 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: IEzaIDGAxvkF_SA4oo_nP5HuGtxcStcW_czAfZb7z9z-LxzFwToOcw==

GET
H2 200 logo_medium.gif
df45ay5pw60dy.cloudfront.net/ 48 B
279 B 68ms
10ms Image
image/gif 2600:9000:2251:5600:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_medium.gif?check=1717932770963&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:5600:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:51 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: 1ric5Ztn-dvmNV0EbuA2bmICuSBGZBz1yWEet4b_Yo5K4EWp0fs29g==

GET
H2 200 logo_large.gif
df45ay5pw60dy.cloudfront.net/ 48 B
281 B 67ms
10ms Image
image/gif 2600:9000:2251:5600:10:f40e:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df45ay5pw60dy.cloudfront.net/logo_large.gif?1717932770963&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:5600:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 11:32:51 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 48
x-amz-cf-id: nL-R2DCwcTIXDOOl6x19QKRWIjrh3YKJkq3CfAUb4aewLyb27Uirtw==

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
correos.travel.win/	1969-12-31 23:59:59	Name: JSESSIONID Value: 363E8E938F5FF91BC47844B64C837B9C
correos.travel.win/	1969-12-31 23:59:59	Name: storedURL Value: /
correos.travel.win/	1970-01-20 21:55:24	Name: loc Value: 0
.travsrv.com/	1970-01-20 21:12:14	Name: __cf_bm Value: fR5eOuxCM5ADRTwddK.ssGZ4dO8BSuP4A6VMH7vRWS0-1717932764-1.0.1.1-PkImt8RzO8hXJ2ll7RLCRC2aqUhQMbfLrZ2YCpW3vaA_V1IC04RxPUnS0OxvR9xN5DRFuslleey2sFKVvptseg
.travel.win/	1970-01-21 05:57:48	Name: _hjSessionUser_3377341 Value: eyJpZCI6IjRmOTJmZWY1LWU2MDMtNWQ0ZS04YWY4LThhYzE3MmU1M2QzOCIsImNyZWF0ZWQiOjE3MTc5MzI3Njk1MTcsImV4aXN0aW5nIjpmYWxzZX0=
.travel.win/	1970-01-20 21:12:14	Name: _hjSession_3377341 Value: eyJpZCI6IjhjM2I5NDUzLTRjZWQtNDE0OS1hM2RhLTE1OWE4NzA1YTExYiIsImMiOjE3MTc5MzI3Njk1MTcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.travel.win/	1970-01-20 23:21:48	Name: _gcl_au Value: 1.1.582077566.1717932770
.travel.win/	1970-01-20 23:21:48	Name: _fbp Value: fb.1.1717932769641.939425234905803280
correos.travel.win/	1970-01-20 21:22:17	Name: AWSALBCORS Value: GC3mRj7ugHM6hXtUL+xZz43B3VJc/9FANqiUklGjvIode615PCCTSIYIJ8ru3HsLvhxVFWZ1k2C1bqXBccm96RFf8vgfzJt2PiimOfG5WpVSgsebCoeCAqVOP2f4
.travel.win/	1970-01-21 06:48:12	Name: _ga_76WT7NSSDX Value: GS1.1.1717932769.1.0.1717932769.0.0.0
.travel.win/	1970-01-21 06:48:12	Name: _ga Value: GA1.1.1501998180.1717932770
.travel.win/	1970-01-21 06:48:12	Name: forterToken Value: 92b2e8b72f8441549155b55e7c75d761_1717932768621__UDF43-m4_17ck_
.travel.win/	1970-01-21 05:57:48	Name: cookieyes-consent Value: consentid:Q2QySUpUMDZhbHNpNnE4TUs2OW0zWjlPcUZHSlEyelE,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no,other:no

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://correos.travel.win/(Line 2088) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-hzzp/p8ClvF1qrZRV3J3A0PR/sbs0az57DtywOVFkhA=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com". Either the 'unsafe-inline' keyword, a hash ('sha256-4UgSc92kSGExEJQyVVstZ74rMhOpMzOf0s/MsrVlXe0='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: (program):2(Line 17) Message: Refused to create a worker from 'blob:https://correos.travel.win/5e0c2277-85e2-41f9-badd-5aad318229ca' because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-hzzp/p8ClvF1qrZRV3J3A0PR/sbs0az57DtywOVFkhA=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: (program):2(Line 17) Message: Refused to create a worker from 'blob:https://correos.travel.win/d035aabf-fb91-469c-9544-d0a2f13af728' because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-hzzp/p8ClvF1qrZRV3J3A0PR/sbs0az57DtywOVFkhA=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correos.travel.win/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'nonce-hzzp/p8ClvF1qrZRV3J3A0PR/sbs0az57DtywOVFkhA=' 'unsafe-eval' https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js https://www.googletagmanager.com/gtm.js https://www.googletagmanager.com/gtag/ ajax.cloudflare.com https://ajax.cloudflare.com https://img.ips.ms/gl.js https://www.dwin1.com/19038.js https://script.hotjar.com/* https://script.hotjar.com/ https://connect.facebook.net/en_US/fbevents.js https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js https://www.mczbf.com/tags/11157/tag.js https://connect.facebook.net/ https://maps.googleapis.com/ https://checkout-sdk.sezzle.com/checkout.min.js https://gateway.sezzle.com/ https://www.google-analytics.com https://optimize.google.com https://maps.googleapis.com https://maps.gstatic.com https://rum-static.pingdom.net/ https://static.hotjar.com/ https://.forter.com/ https://cdn.quilljs.com/ https://stackpath.bootstrapcdn.com/ .ggpht.com .googleapis.com https://.kaptcha.com https://ncr-front.marketplace.smartlink.valuedynamx.com https://qa-ncr-front.marketplace.smartlink.valuedynamx.com/ https://fonts.googleapis.com https://acsbapp.com/apps/app/dist/js/app.js https://accounts.google.com/* https://accounts.google.com/o/oauth2/auth https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/script.js https://cdn-cookieyes.com/client_data/7bfc0478700098c2d255da2d/banner.js https://cdn-cookieyes.com/client_data/ https://www.paypal.com/ https://js.stripe.com/ https://merchant-ui-api.stripe.com/ https://s3-us-west-2.amazonaws.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Security-Policy	frame-ancestors self
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

92b2e8b72f8441549155b55e7c75d761-f12dab486be1.cdn.forter.com
cdn-cookieyes.com
cdn0.forter.com
cdn3.forter.com
cdn9.forter.com
connect.facebook.net
correos.travel.win
df45ay5pw60dy.cloudfront.net
f12dab486be1.cdn4.forter.com
images.travel.win
locationimages.travel.win
log.cookieyes.com
media.travsrv.com
region1.google-analytics.com
script.hotjar.com
siteimages.travel.win
stackpath.bootstrapcdn.com
static.hotjar.com
travelwinimages.s3.us-east-2.amazonaws.com
vc.hotjar.io
www.facebook.com
www.googletagmanager.com
104.18.10.207
13.225.78.129
13.32.27.21
18.66.102.11
18.66.112.79
2001:4860:4802:34::36
2600:9000:20eb:d000:5:8133:e80:93a1
2600:9000:2251:5600:10:f40e:dd80:21
2600:9000:2644:3e00:f:1b37:e600:93a1
2600:9000:275b:5000:e:d088:5c40:93a1
2600:9000:275d:6200:14:503f:7d40:93a1
2600:9000:2761:5e00:d:4445:fe80:93a1
2606:4700:10::6816:3a5b
2606:4700:3108::ac42:288b
2a00:1450:4001:81c::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.5.129.145
34.225.5.197
52.0.203.200
52.31.17.134
54.158.164.13
013fc5fff54274dee8838e96f7f67a882873c945eec5224a075ebe4078fc2ad8
02d9245ad64e20061d6f6e64b417a98d1245f94869cc8e3ad05e8a18b6ea5a94
0430154b1f87dba86f616877ddcc001f47b6b0b066f5b52b045d87ec84e376c3
04adad48aaeafce47caa4e3dd6c7a7ba8ca8195a6c401af5b88975dee4b689ce
05d793a967b8fb9821fd185840a8fdaa509bc029b1224427a4f4470dabc3b643
0701719c7501d63c6dd38508123a8951db9582e8c904b19e7921977973f1b943
09b1ac6f707b78a8a6f8336ed116048bb1649c420a404abfed793600ff4247b3
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
12976cb2da883511669c17b79d22c703e78f113aa502fa7c734cfffa168b8b74
13006c717fe86547892cb52e6a7592cf2a65f50a601e4c8a29994dce88a9435a
13ea1fc4ff11d9c3c8d4d8cea7688556f087e875be902b1cb4ce35351d8ba98e
19252dd78d9ccebe6c52e73b037b3a3687979db4949605cfb6f6863bd9161729
1975041d83cb06ead6a87e352acd72dbb5d98147eac2f586422e662bbca26a62
1a4b7f20c38c2bac63e6164da99429f219364c4169e77a546a37c115424ce52c
1bd8abff0339f15542ee8645f7d533af5be3c6080502ac52d449cbd0a1e2f87a
210f6648c476a17b5c19dd11083e62eddc195785be23b2f93ec3469344a4944d
2481ff8a4ab61a7cb4403d88a7a6269c610d40dc8ec1e23f0d6eed7d718ca442
27521f3b1559c57356c3d48b3357bd5f7fb5a29d1d0cfdc5e4ee920a1f9aae88
2a8c01e570b1131c9c2e1b7b71f2fcf3fb8393a8e11c2876a8a06dc77932a564
2b824cb23cd30edecaa5847d4f93f2d14ecc024e31ab688394848a302a060f81
2c939a3eabd84f998fe1357edf172bba421a222328afefee5995f52d9edcbc0b
2f5a81a87d78e1f3f823ef1275b92e86dcea12352825cb517399f1f47a3df6b8
35d5f98816048d874c9e98da67a21560976a3daf1275e4b7112dcdae7216cad8
36b06368bee9a097028e618774db423a2ef6e10ce4d32c13488f0f762e848344
3cf1617f66acfc26391fed8355f8cb4e99dbfeb9fc747c313bf3cc992e0f269d
3d1d668742362ae68eeeb43165b7672f88cec36d5b1caa95ee90dc8903189278
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45358c5db2cf827d440e10b7b55e662ec21ae94eca03f7fdb15e6c1af05cfa46
4716f928c2078d60e0de09a9cdfbbaac3f84c82ac62a26c5cc2f9a1869c97d09
487eaa9d36937a27cc839a28cf1c044c9401a760fbd8560442d63478502409c5
49355dc44037a2694c7eb0777b7bb49b75075199e0059e6c64f846aba2a93153
4c36646bd290eee3ee665960f0e81a92c2c08264e72fb711848e832129104203
4d85e6134ab9f3aaf5a0b111d70ce6e6d353a086af3890ecfd0345dc9e4f2d00
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
4e45e3298e1d175b44bc34854a52c532fd6c78c6b206ae74072cc4071ab9dfda
5124d2867eabbbf09c3d61a0924b1700fadb65221b2278e33ce745a863ac6272
5353f2b2a0fc4032834e44c622da9f519ca08b12252c849389fcf8fa60fe8c42
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57271e107bff1057f31ef13b242f29f1fc3ec75a9ccf15b93583fd752d1547b7
5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0
5df004c01f0dc584b8b7242b4f252c726ed0f6948e2e594a3e09dfdea4e79999
6401037b740a36cb4a76dffc4ec7b33120751283de952ce2d5cad28b8748ca8b
64590714ae9c85f00eaf0fe3bf3d108a4940a6e1ffc89e63a15c851de91c1911
6a398c0c51fef00c4a0e31d556500aba5764c68614aa47f97f3a9e0911521c79
6c20a9653b4919dfbf1359c1469dc8b6197ea53b402f7e41698d40da7c9ed8cb
6d8c2cf19c1f849692c09b7b8fbdc5091e45e2004fd3c57b1e18d4fc75e30423
6e8cbd6b0bc64625b243c4fd1482c997d03b9319eb4ce98eb017299d9bc2753f
74550320673b42c3fe0b3f82cc1cd3ed039d4e053559f406d464e1babdccb1f5
75780bb49ddeb755aa28aa946e06135a3392911355bb50ab94c06911ec9e0d0c
7722fd62abb67099b8d5fea97232f4aa6fda5dcb97f3a08268cae4a2391dfd35
7dc0a51c32dae143f2eade235145dfd6a7756388c0f0bf409fa373dd6c233629
8251256b2c78cd1ea4bfd33247451aeee36843dc9d4f7fd4a29783338c061971
828f009f26097cf5d0d026a6f2ce1efe70d1537b7199c5b6a338a5251eca3a85
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
861aa542f073b94b4ecb65a93fe9dfc473f21302c226a71c1fd856a21f513253
86cb6bb51db99e2a4aac6d4b49827f96fc4cf772e2bcda1d2dc0aba6a481ccec
883c18e4c59098f5bc9083f30ea61665c96d7e581f12f70be11aa09d45cae783
8881531d6c9eaf78dd382c94d5794cde4166d199ac6b77b41241551e1a513651
895b5ce4d99d1a90a087fe6748df79ff5f4070485f1f3d2dcdf0e622a84208e8
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
93359f2c0236b518186339910a6688d12e88e3175ff43366fec75ef36e38f611
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
9703c6099c7745538767834b9873e6ebb3f314ce467aa761132e4af2f85b9a91
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a3a162b6a5bc394ddaeafabc686b94e9657f9dfe37f012247bc748de69aae1dd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b08948630f2da127f1f8e40ac884aac8dc7304404eba813f6e3e32fdbbabb3d3
b3c1281896d726e45316a81a0716f4d684632af744c6f38d4feba16bdcd1d4c8
b4fc2ad957f3e71c425c514b5671f904d9172fffdf82574a40f0bac248743346
b77617a27de4c47bc1ad57f5caa9fed90dfc60a28a86c4fa2873ee9bc0eb41fd
bca20e38a3ec90061fa6a05aebbcd07abf2fd082262138e0fd98710d7fa47973
bf9eb12c83b384d7c2079f9b010ebfd9834c8caaad81f456ba9fbfbc3e6002d3
c4b84ff63a579b431d68e17acbfa46c105ad091cd47c5b9f378d080b770f35a1
c5721c0e4826005a78073948927ce45eb1c13353285e9f99d303a35fc583d135
c672ab680062577674831ddb657774f2f95541a8df806b142998b06a5b08fdc3
c717503c84c6e0335941c3ee96eb5ac213897fef096898ec38bf69e230abf56e
d0aa6b0a69b25b4dd1ea2d634fc7e432a93637c8df4d97ec9ea932b814400f27
d54d610a683413f96e56caf901bc9cf509102f6152f88e93c6b9aceb455dd4c8
d59fc491ed63c2ba41a2d610612b0dae3a964d5b9bd4a5b688e6fbb3223f6367
da7736997c748b673901a8b311a8aa6e91e7538019161990a660a6cf720f0134
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8623ffb8964b867d2b2b27571db4c5030f283203e23ef2e280da984dbeae474
e9bc656e791415f5354da77d988eb448c87db413811968066f14d36bc3e4426a
ebd9e2e9c503d4bb62b9ffc193a207bfae08dc5bfbfa676e6af034f1731b3282
ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7
edc2bbafe3261df8432f60b3b23ba5b21ba46ca732e286e20992dd90e8412c58
f14b85af2e005aacaaf5dd539e2dd06aa657a6dd01949daf04b2ba4675ceddb4
f1f2ab18e0d53989dfe257e19d5c5d9b908d3ccbc6d93e829d9d74ffae684e2b
f5ef4c7e64475909a9e32315f91f5cc5753af998f3076c7e61c1386752a6b9a8
fa2755650e71be9248da7a8372c4b89dc7e35710c0864ca0f83de241c468b291
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

correos.travel.win Open in urlscan Pro 52.0.203.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

112 Requests

99 %HTTPS

55 %IPv6

14 Domains

22 Subdomains

22 IPs

4 Countries

5697 kBTransfer

7403 kBSize

13 Cookies

3 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

correos.travel.win Open in urlscan Pro
52.0.203.200 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

99 %
HTTPS

55 %
IPv6

14
Domains

22
Subdomains

22
IPs

4
Countries

5697 kB
Transfer

7403 kB
Size

13
Cookies

112 HTTP transactions
0 data transactions