URL: https://ufxtravel.gttwl2.com/
Submission: On May 17 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 51 HTTP transactions. The main IP is 51.81.245.63, located in Hillsboro, United States and belongs to OVH, FR. The main domain is ufxtravel.gttwl2.com.
TLS certificate: Issued by R3 on May 17th 2024. Valid for: 3 months.
This is the only time ufxtravel.gttwl2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 51.81.245.63 16276 (OVH)
3 104.18.11.207 13335 (CLOUDFLAR...)
1 18 2400:52e0:1e0... 200325 (BUNNYCDN)
1 52.217.206.193 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 65.51.132.157 54004 (OPTIMUM-W...)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.10 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.216.40.248 16509 (AMAZON-02)
51 10
Apex Domain
Subdomains
Transfer
19 gttwl.net
cdn3.gttwl.net
cdn4.gttwl.net
cdn1.gttwl.net
cdn2.gttwl.net
ads.gttwl.net
4 MB
13 gttwl2.com
ufxtravel.gttwl2.com
133 KB
9 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380
fonts.googleapis.com — Cisco Umbrella Rank: 33
maps.googleapis.com — Cisco Umbrella Rank: 361
267 KB
5 gstatic.com
fonts.gstatic.com
maps.gstatic.com
96 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1103
48 KB
2 travelsavers.com
tacticals.travelsavers.com
221 KB
2 amazonaws.com
gttwl.s3.amazonaws.com
s3.amazonaws.com
85 KB
51 7
Domain Requested by
13 ufxtravel.gttwl2.com 1 redirects ufxtravel.gttwl2.com
11 cdn3.gttwl.net 1 redirects ufxtravel.gttwl2.com
6 maps.googleapis.com ufxtravel.gttwl2.com
maps.googleapis.com
3 fonts.gstatic.com fonts.googleapis.com
3 cdn1.gttwl.net ufxtravel.gttwl2.com
3 maxcdn.bootstrapcdn.com ufxtravel.gttwl2.com
maxcdn.bootstrapcdn.com
2 maps.gstatic.com ufxtravel.gttwl2.com
2 cdn2.gttwl.net ufxtravel.gttwl2.com
2 tacticals.travelsavers.com ufxtravel.gttwl2.com
2 fonts.googleapis.com ufxtravel.gttwl2.com
2 cdn4.gttwl.net ufxtravel.gttwl2.com
1 s3.amazonaws.com ufxtravel.gttwl2.com
1 ads.gttwl.net cdn3.gttwl.net
1 ajax.googleapis.com ufxtravel.gttwl2.com
1 gttwl.s3.amazonaws.com ufxtravel.gttwl2.com
51 15

This site contains links to these domains. Also see Links.

Domain
ads.gttwl.net
twitter.com
www.facebook.com
Subject Issuer Validity Valid
ufxtravel.gttwl2.com
R3
2024-05-17 -
2024-08-15
3 months crt.sh
bootstrapcdn.com
GTS CA 1P5
2024-03-27 -
2024-06-25
3 months crt.sh
cdn3.gttwl.net
R3
2024-05-12 -
2024-08-10
3 months crt.sh
cdn4.gttwl.net
R3
2024-05-12 -
2024-08-10
3 months crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.travelsavers.com
Go Daddy Secure Certificate Authority - G2
2024-02-05 -
2025-03-08
a year crt.sh
cdn1.gttwl.net
R3
2024-04-11 -
2024-07-10
3 months crt.sh
cdn2.gttwl.net
R3
2024-04-07 -
2024-07-06
3 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
ads.gttwl.net
R3
2024-05-09 -
2024-08-07
3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2024-02-08 -
2025-01-11
a year crt.sh

This page contains 1 frames:

Primary Page: https://ufxtravel.gttwl2.com/
Frame ID: 661C5C8711EB470817E135F9E019439A
Requests: 51 HTTP requests in this frame

Screenshot

Page Title

Welcome | United Fairfax Travel

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

96 %
HTTPS

40 %
IPv6

7
Domains

15
Subdomains

10
IPs

3
Countries

4534 kB
Transfer

5459 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://cdn3.gttwl.net/js/v1/serve.js HTTP 302
  • https://gttwl.s3.amazonaws.com/js/v1/serve.js
Request Chain 49
  • https://ufxtravel.gttwl2.com/favicon.ico HTTP 302
  • https://cdn3.gttwl.net/attachments/848ea4f4-0500-4f45-955c-9b5cfcb35267.jpg?auto=enhance&q=80&h=48&w=48

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ufxtravel.gttwl2.com/
20 KB
6 KB
Document
General
Full URL
https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
03d5db71f7bc1afd0fc62981f0d16551a73f605c495e859463a01d33d433f487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 May 2024 22:32:44 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000;
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
F9Bnahen82vQQNMdju0B
app-1ab4e6e42964d7dc8e7dad2df8bc7004.js
ufxtravel.gttwl2.com/application/
116 KB
41 KB
Script
General
Full URL
https://ufxtravel.gttwl2.com/application/app-1ab4e6e42964d7dc8e7dad2df8bc7004.js?vsn=d
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
c9dd86afa390f99a84a1ae7a647d9e360270b58fa1613ef24f1402de766a2039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
cache-control
public, max-age=31536000
content-encoding
gzip
strict-transport-security
max-age=31536000;
alt-svc
h3=":443"; ma=2592000
vary
Accept-Encoding
content-type
text/javascript
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/
115 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
5637001
cdn-cachedat
08/04/2023 12:50:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"eedf9ee80c2faa4e1b9ab9017cdfcb88"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7e74c5fea2151758aaf7c8cf1f839c4a
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
885710accf973680-FRA
cdn-requestpullsuccess
True
custom.css
ufxtravel.gttwl2.com/
40 KB
6 KB
Stylesheet
General
Full URL
https://ufxtravel.gttwl2.com/custom.css
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
c5e0713602754bf5d5d429c881b2c9357593021c9a4bbc71528cc6939e37ee9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
etag
W/"42F978D8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, must-revalidate
alt-svc
h3=":443"; ma=2592000
colors.css
ufxtravel.gttwl2.com/
0
0
Stylesheet
General
Full URL
https://ufxtravel.gttwl2.com/colors.css
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=31536000;
alt-svc
h3=":443"; ma=2592000
content-length
18
x-request-id
F9BnalBzMu1JHz4ASgOI
content-type
text/css; charset=utf-8
table.css
ufxtravel.gttwl2.com/
203 B
245 B
Stylesheet
General
Full URL
https://ufxtravel.gttwl2.com/table.css
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
8193cae45e6154bd5986067d9d91cbd82ba2a024c92e6a728a5cc5a843dc6103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
cache-control
public, must-revalidate
strict-transport-security
max-age=31536000;
alt-svc
h3=":443"; ma=2592000
etag
"C23F65CD"
content-length
203
content-type
text/css; charset=utf-8
font-awesome.css
ufxtravel.gttwl2.com/assets/font-awesome-4.6.3/css/
34 KB
7 KB
Stylesheet
General
Full URL
https://ufxtravel.gttwl2.com/assets/font-awesome-4.6.3/css/font-awesome.css
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
etag
W/"7451A5B"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=15552000, immutable
alt-svc
h3=":443"; ma=2592000
jquery.feedek.js
ufxtravel.gttwl2.com/feedek/
2 KB
915 B
Script
General
Full URL
https://ufxtravel.gttwl2.com/feedek/jquery.feedek.js
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
263b6405960a6f5d41b49b3254d0db93cc6c83e2f2c7af7cdb6d039ccf927ef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
etag
W/"A2231AE1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, must-revalidate
alt-svc
h3=":443"; ma=2592000
jquery.feedek.css
ufxtravel.gttwl2.com/feedek/
640 B
395 B
Stylesheet
General
Full URL
https://ufxtravel.gttwl2.com/feedek/jquery.feedek.css
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
fe404eac5811b85401d5cb44759bb04fe3d57d2383e48571e19a7c3db223c811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
content-encoding
zstd
strict-transport-security
max-age=31536000;
etag
"5C892E2D"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, must-revalidate
alt-svc
h3=":443"; ma=2592000
content-length
328
848ea4f4-0500-4f45-955c-9b5cfcb35267.jpg
cdn3.gttwl.net/attachments/
9 KB
10 KB
Image
General
Full URL
https://cdn3.gttwl.net/attachments/848ea4f4-0500-4f45-955c-9b5cfcb35267.jpg?auto=enhance&q=80
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
69e0d3750271a57e55634d06de743047cf59ec44e83196f8382236f1395f65e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1082
cdn-cachedat
05/17/2024 22:32:44
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
9618
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
4be49c4a633f00bca5bd5133791628c7
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/848ea4f4-0500-4f45-955c-9b5cfcb35267.jpg?auto=enhance&q=80>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
1435262423_original.jpeg
cdn3.gttwl.net/attachments/global/
671 KB
672 KB
Image
General
Full URL
https://cdn3.gttwl.net/attachments/global/1435262423_original.jpeg
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
ef2c9b32b017bb767a6733e692ac72a904477e6943d54cea4a75b85ae0f69970
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1079
cdn-cachedat
05/06/2024 15:13:41
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
687059
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
48567fb00c1a0c4109992bd7f7730d1a
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/global/1435262423_original.jpeg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
1435261540_original.jpeg
cdn3.gttwl.net/attachments/global/
1 MB
1 MB
Image
General
Full URL
https://cdn3.gttwl.net/attachments/global/1435261540_original.jpeg
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
91fef37724e1353a6612eab71385fd71cabac3811a2c33201466a407246ed152
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1080
cdn-cachedat
05/06/2024 15:13:41
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
1137223
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
f1af3351afd07ff50b804b7f8413935b
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/global/1435261540_original.jpeg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
1435262130_original.jpeg
cdn3.gttwl.net/attachments/global/
1 MB
1 MB
Image
General
Full URL
https://cdn3.gttwl.net/attachments/global/1435262130_original.jpeg
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
0b95137685a5fe6350a0033612ea9da82e440d6da20b8adf308c3e116dfd1410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1080
cdn-cachedat
05/06/2024 15:13:41
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
1056369
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
615b6c19d5493fad32b6c4cc5bfe84fa
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/global/1435262130_original.jpeg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
1518633380_original.jpeg
cdn3.gttwl.net/attachments/travelsavers1.gttwl2.com/ltmq6z/
95 KB
96 KB
Image
General
Full URL
https://cdn3.gttwl.net/attachments/travelsavers1.gttwl2.com/ltmq6z/1518633380_original.jpeg
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
37b3cc9a1ab930b2684a8822c7fad160f7002b7b353a2e64c85c412159430ceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1080
cdn-cachedat
05/06/2024 15:13:41
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
97504
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
2a4eb1325c4dd79d0e3b4f679ad9337c
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/travelsavers1.gttwl2.com/ltmq6z/1518633380_original.jpeg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
travel-personality.jpg
cdn3.gttwl.net/travesavers1.gttwl2.com/images/
42 KB
43 KB
Image
General
Full URL
https://cdn3.gttwl.net/travesavers1.gttwl2.com/images/travel-personality.jpg
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
1a0ca52071fdec5838c4f398b427d65379ca161b022c1c2606c4d6cd7ddf874d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1082
cdn-cachedat
05/06/2024 17:47:05
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
43001
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
db819696f34b616c79db5f77f5727353
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/travesavers1.gttwl2.com/images/travel-personality.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
serve.js
gttwl.s3.amazonaws.com/js/v1/
Redirect Chain
  • https://cdn3.gttwl.net/js/v1/serve.js
  • https://gttwl.s3.amazonaws.com/js/v1/serve.js
4 KB
5 KB
Script
General
Full URL
https://gttwl.s3.amazonaws.com/js/v1/serve.js
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
HTTP/1.1
Server
52.217.206.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cd914c00ef906926ecaf463b781677a805da94d535ccc9f3d3b18afecc02a8bf

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ufxtravel.gttwl2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 22:32:45 GMT
x-amz-version-id
lsYK_Q_hAexH8EOv_w5Z.37XfjJAEjiQ
Last-Modified
Thu, 14 Mar 2024 05:19:38 GMT
Server
AmazonS3
x-amz-request-id
53K6BNHY8XY55DA0
ETag
"6212bae3bcc0543188ef93668633e204-1"
x-amz-server-side-encryption
AES256
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
4302
x-amz-id-2
bFehDrRmI+GIM78JTphl9y+d16b3wZOxd38UftZNvAua/p2qrMb/LfIfufW6WOEwm/kTn9wg758=

Redirect headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1082
cdn-cachedat
05/06/2024 11:26:57
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
111
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
302
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://gttwl.s3.amazonaws.com/js/v1/serve.js
access-control-allow-origin
*
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-cache
HIT
cdn-requestid
c9ef605948635e2206a9e2e505f08c55
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/js/v1/serve.js>; rel="canonical"
cdn-status
302
cdn-requestpullsuccess
True
travelclub300x250.jpg
cdn3.gttwl.net/travesavers1.gttwl2.com/images/
81 KB
81 KB
Image
General
Full URL
https://cdn3.gttwl.net/travesavers1.gttwl2.com/images/travelclub300x250.jpg
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
0bd40bf448afa601c396c2da9b0d81004447af4be50bea972ebc4f62fb389932
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1082
cdn-cachedat
05/06/2024 15:13:41
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
82641
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
5e7f4ba117e5918d286e07b69f2d6b13
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/travesavers1.gttwl2.com/images/travelclub300x250.jpg>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
61a2c9b7-e720-4497-b04e-0e770bb43ee6.jpg
cdn4.gttwl.net/attachments/
135 KB
136 KB
Image
General
Full URL
https://cdn4.gttwl.net/attachments/61a2c9b7-e720-4497-b04e-0e770bb43ee6.jpg?auto=enhance&q=80
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
4080fd7a493870ee5d6e4a70e543e3fd36143a5b015570cc85314b2076c3b059
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1081
cdn-cachedat
05/06/2024 19:54:03
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
138583
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
b6c3f963835bd185eba6d9b4cb669f69
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/61a2c9b7-e720-4497-b04e-0e770bb43ee6.jpg?auto=enhance&q=80>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 12:55:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33495
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 May 2025 12:55:31 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/
35 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
5632362
cdn-cachedat
2021-06-01 19:39:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
cc9c4f0d341b28a2bf97da1ba3da67e8
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
885710af399f3680-FRA
cdn-requestpullsuccess
True
custom.js
ufxtravel.gttwl2.com/
2 KB
694 B
Script
General
Full URL
https://ufxtravel.gttwl2.com/custom.js
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
d776a8a2f8f3381658305d690fff1f6b79f0220cd0f51324fd43c5a4ec4fbe49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
etag
W/"3AD0A9EB"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, must-revalidate
alt-svc
h3=":443"; ma=2592000
css
fonts.googleapis.com/
11 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700,300
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5dd2822f43fe98a2e541d325e5c507d070bb68fd660eefe6b18699be7cbec58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 May 2024 22:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 May 2024 22:24:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 May 2024 22:32:44 GMT
css
fonts.googleapis.com/
9 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lora:400,400italic
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a3bd2c1dfe19a1aff3e252ce30ca4703fcce42150be06b4172f5ab6935cc153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 May 2024 22:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 May 2024 22:32:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 May 2024 22:32:44 GMT
background.jpg
tacticals.travelsavers.com/2015/OXP-templates/images/
219 KB
219 KB
Image
General
Full URL
https://tacticals.travelsavers.com/2015/OXP-templates/images/background.jpg
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
65.51.132.157 Levittown, United States, ASN54004 (OPTIMUM-WIFI2, US),
Reverse DNS
4133849d.cst.lightpath.net
Software
WEB2 / ASP.NET
Resource Hash
af437a806b585a6ffc10ef011a7409f4a3f058ed29a344b8eebbc9d652bad59a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 17 May 2024 22:32:23 GMT
Last-Modified
Thu, 09 Apr 2015 14:03:33 GMT
Server
WEB2
ETag
"80e8e7f6cd72d01:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
224396
circle-texture.png
tacticals.travelsavers.com/2015/OXP-templates/images/
1 KB
1 KB
Image
General
Full URL
https://tacticals.travelsavers.com/2015/OXP-templates/images/circle-texture.png
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
65.51.132.157 Levittown, United States, ASN54004 (OPTIMUM-WIFI2, US),
Reverse DNS
4133849d.cst.lightpath.net
Software
WEB2 / ASP.NET
Resource Hash
9d8b3f0d222a2d523d9feed28a5a7e8674fb02ab0140eee2de083948e4fbcc17

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 17 May 2024 22:32:23 GMT
Last-Modified
Thu, 09 Apr 2015 17:08:39 GMT
Server
WEB2
ETag
"80599d2e772d01:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1039
1439484589_original.jpeg
cdn1.gttwl.net/attachments/global/
33 KB
33 KB
Image
General
Full URL
https://cdn1.gttwl.net/attachments/global/1439484589_original.jpeg?auto=enhance&q=80&h=480&w=640
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
902bacd9558a31d417ea68fd75ebe79355ee32ccb9d4700957cff6992a3d585e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1082
cdn-cachedat
05/06/2024 15:13:42
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
33689
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
64f50794b96f5baeaf2e87f14f28b05d
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/global/1439484589_original.jpeg?auto=enhance&q=80&h=480&w=640>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
1435251898_original.jpeg
cdn1.gttwl.net/attachments/global/
65 KB
65 KB
Image
General
Full URL
https://cdn1.gttwl.net/attachments/global/1435251898_original.jpeg?auto=enhance&q=80&h=480&w=640
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
7a50d8ddbd5336e4f837599d66eb80af4fb0df02402130b89f4f6070cdc2ee6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1081
cdn-cachedat
05/06/2024 19:54:03
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
66107
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
63a25e6fb253ffe8e083e62ee06e01be
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/global/1435251898_original.jpeg?auto=enhance&q=80&h=480&w=640>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
1437412684_original.jpeg
cdn1.gttwl.net/attachments/global/
95 KB
96 KB
Image
General
Full URL
https://cdn1.gttwl.net/attachments/global/1437412684_original.jpeg?auto=enhance&q=80&h=480&w=640
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
1f46eb7220cc8d37cf04ad880bbe4abad07e272d19ab5b40c732c20a44c2a194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1082
cdn-cachedat
05/06/2024 19:54:03
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
97478
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
0ba410ecff4ee7fc4643552251aa79b2
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/global/1437412684_original.jpeg?auto=enhance&q=80&h=480&w=640>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
1431912178_original.jpeg
cdn3.gttwl.net/attachments/global/
58 KB
58 KB
Image
General
Full URL
https://cdn3.gttwl.net/attachments/global/1431912178_original.jpeg?auto=enhance&q=80&h=480&w=640
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
69071c852adc5421087ffa71ed87006b88d4f3cf75cf14aa10e703cc401629aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1079
cdn-cachedat
05/06/2024 19:54:03
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
59123
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
34a65d5ec684fb4113f5a3cef6eaf9d5
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/global/1431912178_original.jpeg?auto=enhance&q=80&h=480&w=640>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
1435164498_original.jpeg
cdn2.gttwl.net/attachments/global/
60 KB
61 KB
Image
General
Full URL
https://cdn2.gttwl.net/attachments/global/1435164498_original.jpeg?auto=enhance&q=80&h=480&w=640
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
265582a922d87e533759fdd256d05b33faa24b42f8979db8b2b19708da311007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1080
cdn-cachedat
05/15/2024 22:11:04
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
61510
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
4035e044e9e5e923b1c5b2c24ffb6a2a
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/global/1435164498_original.jpeg?auto=enhance&q=80&h=480&w=640>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
1440878325_original.jpeg
cdn2.gttwl.net/attachments/global/
87 KB
87 KB
Image
General
Full URL
https://cdn2.gttwl.net/attachments/global/1440878325_original.jpeg?auto=enhance&q=80&h=480&w=640
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
b6f3d66945d0dd4570b83920f180010512a2ddd8ec4f68c2685bbba8ccf0e1e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1082
cdn-cachedat
05/06/2024 21:00:22
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
88886
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
aa46a502e3119d107dac89b8b51c2bdf
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/global/1440878325_original.jpeg?auto=enhance&q=80&h=480&w=640>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
1431911483_original.jpeg
cdn3.gttwl.net/attachments/global/
64 KB
64 KB
Image
General
Full URL
https://cdn3.gttwl.net/attachments/global/1431911483_original.jpeg?auto=enhance&q=80&h=480&w=640
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
f22b078669fde25da07f4bdaa0fe76f723fa13eda629ca73084a17bfb9f807ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1080
cdn-cachedat
05/06/2024 15:13:41
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
65337
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
d32e940fd483e8a4bf621eae2c7338d8
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/global/1431911483_original.jpeg?auto=enhance&q=80&h=480&w=640>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
1431913692_original.jpeg
cdn4.gttwl.net/attachments/global/
35 KB
35 KB
Image
General
Full URL
https://cdn4.gttwl.net/attachments/global/1431913692_original.jpeg?auto=enhance&q=80&h=480&w=640
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
1b57f61d7ec9f6d134efe6806bf3da939189dbb0033f3a5f92dfd5c8ffd1a386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1081
cdn-cachedat
05/09/2024 15:10:25
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
35469
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
4a45cca7ce1f442d0837447c27cbb7be
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/global/1431913692_original.jpeg?auto=enhance&q=80&h=480&w=640>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://ufxtravel.gttwl2.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 00:50:53 GMT
x-content-type-options
nosniff
age
337311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 00:50:53 GMT
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/
18 KB
18 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Origin
https://ufxtravel.gttwl2.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
941
cdn-cachedat
12/09/2022 03:36:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18028
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"448c34a56d699c29117adc64c43affeb"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1f49faf8f5b68f4ff6b1bb33173a1537
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
885710b0ae46365d-FRA
cdn-requestpullsuccess
True
0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92nA.woff2
fonts.gstatic.com/s/lora/v35/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v35/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92nA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e6e380dc70aa0d116772b28a820ecbc3ba8ff7927e2f9de6ac09742bb1e1b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://ufxtravel.gttwl2.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 07:55:10 GMT
x-content-type-options
nosniff
age
311854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22696
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:11:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 07:55:10 GMT
0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v35/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v35/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5aaa941328e6c9b4c140a8dfb8ab73187627cbf522c4b3309c71ec68be0b6325
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://ufxtravel.gttwl2.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 13:51:47 GMT
x-content-type-options
nosniff
age
549657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21108
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:12:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 13:51:47 GMT
fontawesome-webfont.woff2
ufxtravel.gttwl2.com/assets/font-awesome-4.6.3/fonts/
70 KB
70 KB
Font
General
Full URL
https://ufxtravel.gttwl2.com/assets/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/assets/font-awesome-4.6.3/css/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/assets/font-awesome-4.6.3/css/font-awesome.css
Origin
https://ufxtravel.gttwl2.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:44 GMT
strict-transport-security
max-age=31536000;
etag
"56122FE"
content-type
font/woff2
cache-control
public, max-age=15552000, immutable
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
71896
3xdcmkhs4uv
ads.gttwl.net/serve/v1/
701 B
860 B
Script
General
Full URL
https://ads.gttwl.net/serve/v1/3xdcmkhs4uv?r=&q=https%3A%2F%2Fufxtravel.gttwl2.com%2F&u=fdca839b-91bd-4d85-86a5-fa2446e9ee9c&tags=&f=j
Requested by
Host: cdn3.gttwl.net
URL: https://cdn3.gttwl.net/js/v1/serve.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
7a33f6d2385f6a5c307f945cc8d55dbf31453e78e3a09c79482ac2b7a82b5a0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:45 GMT
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=31536000;
alt-svc
h3=":443"; ma=2592000
content-length
701
x-request-id
F9BnapAtGb3CfCwAaxKB
content-type
text/javascript
hits
ufxtravel.gttwl2.com/
37 B
85 B
Fetch
General
Full URL
https://ufxtravel.gttwl2.com/hits?js=1&u=fdca839b-91bd-4d85-86a5-fa2446e9ee9c&r=&q=https%3A%2F%2Fufxtravel.gttwl2.com%2F
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/application/app-1ab4e6e42964d7dc8e7dad2df8bc7004.js?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
3f8bbf8b986dbaba8f5fe853f72a6224a5008c0e9b0ffec12b3f5acb04391817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:45 GMT
strict-transport-security
max-age=31536000;
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000
content-length
37
x-request-id
F9Bnanynj5nDVwwSjv-D
6630
ufxtravel.gttwl2.com/tm/h/
37 B
188 B
Fetch
General
Full URL
https://ufxtravel.gttwl2.com/tm/h/6630?js=1&t=fdca839b-91bd-4d85-86a5-fa2446e9ee9c&req=https%3A%2F%2Fufxtravel.gttwl2.com%2F&ref=&kind=&kind_id=
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/application/app-1ab4e6e42964d7dc8e7dad2df8bc7004.js?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.245.63 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
ovh1.gttwl.net
Software
/
Resource Hash
3f8bbf8b986dbaba8f5fe853f72a6224a5008c0e9b0ffec12b3f5acb04391817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:45 GMT
strict-transport-security
max-age=31536000;
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000
content-length
37
x-request-id
F9BnanyIdcGVbRwkuzOB
js
maps.googleapis.com/maps/api/
245 KB
80 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&v=weekly&callback=google.maps.__ib__
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/application/app-1ab4e6e42964d7dc8e7dad2df8bc7004.js?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
239ee49ac55b85afb4b0b66b41e4cb57e31723ec11c9e29a8a042c2ea5d489ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81820
x-xss-protection
0
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&v=weekly&callback=google.maps.__ib__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ufxtravel.gttwl2.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
common.js
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/
256 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&v=weekly&callback=google.maps.__ib__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e02652bb3712b0d6c86d46b57605d17f3620592c070f87889855a180047079d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:04:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
289698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57202
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:52:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:04:27 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/
182 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&v=weekly&callback=google.maps.__ib__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99fef3f878b819e7ed61ba40a1d4cb9aa10a115ce5861823f7d67f5623d4440c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
288832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57145
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:52:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:18:53 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/
94 KB
25 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&v=weekly&callback=google.maps.__ib__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
808ea90cebc0f9a52fc022bdb3a5221d58cdd28336333e2ad94a7f85c665f26d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:56:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
290156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25278
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:52:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 13:56:49 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/
43 KB
13 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&v=weekly&callback=google.maps.__ib__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2595ce2de7420236eaec8d2051f0e811c51f0c1bd18e3394684e5e1fde14d0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
289224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13342
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:52:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:12:21 GMT
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/
2 KB
2 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:45 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1616
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Fri, 17 May 2024 22:32:45 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/
3 KB
3 KB
Image
General
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 22:32:45 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3351
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Fri, 17 May 2024 22:32:45 GMT
6227e097-9a05-42fc-b016-2cf994e723bf.jpg
s3.amazonaws.com/gttwl/attachments/
80 KB
81 KB
Image
General
Full URL
https://s3.amazonaws.com/gttwl/attachments/6227e097-9a05-42fc-b016-2cf994e723bf.jpg
Requested by
Host: ufxtravel.gttwl2.com
URL: https://ufxtravel.gttwl2.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.40.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d3dcbf4fb6b1090cede9f019e1461923ca0d8adb434b76a74bae8a1a05c54019

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ufxtravel.gttwl2.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 17 May 2024 22:32:46 GMT
x-amz-version-id
mwBZUmIzmOjgBe_O01.qfG2jx3SdMpwk
Last-Modified
Tue, 14 May 2024 18:39:29 GMT
Server
AmazonS3
x-amz-request-id
QYS65KRQKKPVRPE2
ETag
"7db66d6e4c315fa6203f548aeb1a0cb9-1"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
82211
x-amz-id-2
0bZ55fhBxkw32ddTnfd+w6kJ7KiXd7HVzelBbv0z+ggQxxpwbcQN6NJGtMXb5RD0R4Ot/xnWu/E=
848ea4f4-0500-4f45-955c-9b5cfcb35267.jpg
cdn3.gttwl.net/attachments/
Redirect Chain
  • https://ufxtravel.gttwl2.com/favicon.ico
  • https://cdn3.gttwl.net/attachments/848ea4f4-0500-4f45-955c-9b5cfcb35267.jpg?auto=enhance&q=80&h=48&w=48
1 KB
2 KB
Other
General
Full URL
https://cdn3.gttwl.net/attachments/848ea4f4-0500-4f45-955c-9b5cfcb35267.jpg?auto=enhance&q=80&h=48&w=48
Protocol
H2
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
60cfd52cdee33fdbfd23e123d1d37f75b41953b19cc1c5a079fe89e7d83b254c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ufxtravel.gttwl2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Fri, 17 May 2024 22:32:46 GMT
strict-transport-security
max-age=31536000;
cdn-edgestorageid
1081
cdn-cachedat
05/17/2024 19:37:25
cdn-pullzone
134292
alt-svc
h3=":443"; ma=2592000
content-length
1340
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
image/jpeg
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5a0a72eb-b254-4e7d-afa7-e34e4a4b62f4
cache-control
public, max-age=10800
access-control-allow-credentials
true
cdn-requestid
2bfbd1f840ee3900b1d01f87f14f977a
cdn-requestcountrycode
DE
link
<https://imager.gttwl.net/attachments/848ea4f4-0500-4f45-955c-9b5cfcb35267.jpg?auto=enhance&q=80&h=48&w=48>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Fri, 17 May 2024 22:32:46 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://cdn3.gttwl.net/attachments/848ea4f4-0500-4f45-955c-9b5cfcb35267.jpg?auto=enhance&q=80&h=48&w=48
cache-control
max-age=0, private, must-revalidate
alt-svc
h3=":443"; ma=2592000
content-length
181
x-request-id
F9Bnar7y6RnfIS4kuzWB

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| Cookies function| md5 string| _tat_adcode number| _tat_width number| _tat_height string| _tat_tags boolean| _tat_noframe object| jQuery111209920172245804209 object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| geo_autocomplete2 object| geo_autocomplete object| geo_place object| __e3_

4 Cookies

Domain/Path Name / Value
ufxtravel.gttwl2.com/ Name: _gttwl2_session
Value: SFMyNTY.g3QAAAABbQAAAARjYXJ0bQAAAC5jYXJ0OjY2MzA6MDQ5MjllOWUtOTg0ZC00NGRkLWEzZTUtYzRmMDNkYWZmMGI0.WJmpufpT7qxufAecqLbG9aszstHtpF6SGLD5zkVbknQ
ufxtravel.gttwl2.com/ Name: agency_locale
Value: de
ufxtravel.gttwl2.com/ Name: cart
Value: 04929e9e-984d-44dd-a3e5-c4f03daff0b4
ufxtravel.gttwl2.com/ Name: __tat_u
Value: fdca839b-91bd-4d85-86a5-fa2446e9ee9c

1 Console Messages

Source Level URL
Text
network error URL: https://ufxtravel.gttwl2.com/colors.css
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.gttwl.net
ajax.googleapis.com
cdn1.gttwl.net
cdn2.gttwl.net
cdn3.gttwl.net
cdn4.gttwl.net
fonts.googleapis.com
fonts.gstatic.com
gttwl.s3.amazonaws.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
s3.amazonaws.com
tacticals.travelsavers.com
ufxtravel.gttwl2.com
104.18.11.207
172.217.18.10
2400:52e0:1e00::1079:1
2a00:1450:4001:80e::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:827::200a
51.81.245.63
52.216.40.248
52.217.206.193
65.51.132.157
03d5db71f7bc1afd0fc62981f0d16551a73f605c495e859463a01d33d433f487
0b95137685a5fe6350a0033612ea9da82e440d6da20b8adf308c3e116dfd1410
0bd40bf448afa601c396c2da9b0d81004447af4be50bea972ebc4f62fb389932
1a0ca52071fdec5838c4f398b427d65379ca161b022c1c2606c4d6cd7ddf874d
1b57f61d7ec9f6d134efe6806bf3da939189dbb0033f3a5f92dfd5c8ffd1a386
1f46eb7220cc8d37cf04ad880bbe4abad07e272d19ab5b40c732c20a44c2a194
239ee49ac55b85afb4b0b66b41e4cb57e31723ec11c9e29a8a042c2ea5d489ab
2595ce2de7420236eaec8d2051f0e811c51f0c1bd18e3394684e5e1fde14d0c2
263b6405960a6f5d41b49b3254d0db93cc6c83e2f2c7af7cdb6d039ccf927ef4
265582a922d87e533759fdd256d05b33faa24b42f8979db8b2b19708da311007
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
37b3cc9a1ab930b2684a8822c7fad160f7002b7b353a2e64c85c412159430ceb
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f8bbf8b986dbaba8f5fe853f72a6224a5008c0e9b0ffec12b3f5acb04391817
4080fd7a493870ee5d6e4a70e543e3fd36143a5b015570cc85314b2076c3b059
5a3bd2c1dfe19a1aff3e252ce30ca4703fcce42150be06b4172f5ab6935cc153
5aaa941328e6c9b4c140a8dfb8ab73187627cbf522c4b3309c71ec68be0b6325
60cfd52cdee33fdbfd23e123d1d37f75b41953b19cc1c5a079fe89e7d83b254c
69071c852adc5421087ffa71ed87006b88d4f3cf75cf14aa10e703cc401629aa
69e0d3750271a57e55634d06de743047cf59ec44e83196f8382236f1395f65e3
6e02652bb3712b0d6c86d46b57605d17f3620592c070f87889855a180047079d
7a33f6d2385f6a5c307f945cc8d55dbf31453e78e3a09c79482ac2b7a82b5a0c
7a50d8ddbd5336e4f837599d66eb80af4fb0df02402130b89f4f6070cdc2ee6f
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
808ea90cebc0f9a52fc022bdb3a5221d58cdd28336333e2ad94a7f85c665f26d
8193cae45e6154bd5986067d9d91cbd82ba2a024c92e6a728a5cc5a843dc6103
902bacd9558a31d417ea68fd75ebe79355ee32ccb9d4700957cff6992a3d585e
91fef37724e1353a6612eab71385fd71cabac3811a2c33201466a407246ed152
99fef3f878b819e7ed61ba40a1d4cb9aa10a115ce5861823f7d67f5623d4440c
9d8b3f0d222a2d523d9feed28a5a7e8674fb02ab0140eee2de083948e4fbcc17
9e6e380dc70aa0d116772b28a820ecbc3ba8ff7927e2f9de6ac09742bb1e1b49
af437a806b585a6ffc10ef011a7409f4a3f058ed29a344b8eebbc9d652bad59a
b6f3d66945d0dd4570b83920f180010512a2ddd8ec4f68c2685bbba8ccf0e1e5
b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159
c5e0713602754bf5d5d429c881b2c9357593021c9a4bbc71528cc6939e37ee9f
c9dd86afa390f99a84a1ae7a647d9e360270b58fa1613ef24f1402de766a2039
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cd914c00ef906926ecaf463b781677a805da94d535ccc9f3d3b18afecc02a8bf
d3dcbf4fb6b1090cede9f019e1461923ca0d8adb434b76a74bae8a1a05c54019
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d776a8a2f8f3381658305d690fff1f6b79f0220cd0f51324fd43c5a4ec4fbe49
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
ef2c9b32b017bb767a6733e692ac72a904477e6943d54cea4a75b85ae0f69970
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f22b078669fde25da07f4bdaa0fe76f723fa13eda629ca73084a17bfb9f807ce
f5dd2822f43fe98a2e541d325e5c507d070bb68fd660eefe6b18699be7cbec58
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe404eac5811b85401d5cb44759bb04fe3d57d2383e48571e19a7c3db223c811