fdew.ouhgfgfhg.cloudns.biz Open in urlscan Pro
172.67.149.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fdew.ouhgfgfhg.cloudns.biz/
Submission: On March 30 via api (March 30th 2024, 10:17:28 am UTC) from US — Scanned from US

Summary HTTP 53 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 53 HTTP transactions. The main IP is 172.67.149.129, located in United States and belongs to CLOUDFLARENET, US. The main domain is fdew.ouhgfgfhg.cloudns.biz.
TLS certificate: Issued by E1 on January 29th 2024. Valid for: 3 months.

This is the only time fdew.ouhgfgfhg.cloudns.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	172.67.149.129 172.67.149.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2016	15169 (GOOGLE) (GOOGLE)
10	172.66.42.221 172.66.42.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:24f... 2600:9000:24f0:a800:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
2	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
1	142.251.40.164 142.251.40.164	15169 (GOOGLE) (GOOGLE)
53	12

29 172.67.149.129 (United States)

ASN13335 (CLOUDFLARENET, US)

fdew.ouhgfgfhg.cloudns.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2016 (United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.66.42.221 (United States)

ASN13335 (CLOUDFLARENET, US)

img.jaywaytravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f0:a800:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

jaywaytravel.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.164 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	cloudns.biz fdew.ouhgfgfhg.cloudns.biz	619 KB
10	jaywaytravel.com img.jaywaytravel.com	486 KB
3	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 16777 jaywaytravel.matomo.cloud	59 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 360	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	286 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 148 www.google.com — Cisco Umbrella Rank: 2	326 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 stats.g.doubleclick.net — Cisco Umbrella Rank: 91	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 93	170 KB
53	8

	Domain	Requested by
29	fdew.ouhgfgfhg.cloudns.biz	fdew.ouhgfgfhg.cloudns.biz
10	img.jaywaytravel.com	fdew.ouhgfgfhg.cloudns.biz
3	bat.bing.com	www.googletagmanager.com bat.bing.com fdew.ouhgfgfhg.cloudns.biz
3	www.googletagmanager.com	fdew.ouhgfgfhg.cloudns.biz www.googletagmanager.com
2	jaywaytravel.matomo.cloud	cdn.matomo.cloud
1	www.google.com	fdew.ouhgfgfhg.cloudns.biz
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdn.matomo.cloud	www.googletagmanager.com
1	i.ytimg.com	fdew.ouhgfgfhg.cloudns.biz
53	11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.twitter.com
www.instagram.com
pinterest.com
guests.jaywaytravel.com

Subject Issuer	Validity	Valid
ouhgfgfhg.cloudns.biz E1	`2024-01-29` - `2024-04-28`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
jaywaytravel.com E1	`2024-02-15` - `2024-05-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2024-03-29` - `2024-06-27`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M03	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fdew.ouhgfgfhg.cloudns.biz/
Frame ID: 45C4776EA1E931203149BFE4C4B4E760
Requests: 86 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JayWay Travel – Boutique Europe Tour Company

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

11
Subdomains

12
IPs

2
Countries

1636 kB
Transfer

2853 kB
Size

10
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/jaywaytravel/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/jaywaytravel

Search URL Search Domain Scan URL

URL: https://www.twitter.com/jaywaytravel/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jaywaytravel/

Search URL Search Domain Scan URL

URL: https://pinterest.com/jaywaytravel

Search URL Search Domain Scan URL

URL: https://guests.jaywaytravel.com/
Title: Guest Page Login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
33 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
fdew.ouhgfgfhg.cloudns.biz/ 56 KB
13 KB 366ms
237ms Document
text/html 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fd97d79c7ba0a0820ffa4010f900b49016751ffc1d7a53e2e7b32f576a215170

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86c7596e194039f5-YYZ
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sat, 30 Mar 2024 10:17:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kupop5%2FpewzDf8yoP2zSbYIzTRr4kXT9b2V%2BcnCLvLzJYh0sH8xdnr2sP7EPt0nwyHj%2BVRdVJz0mVLelq2WEQUSSpErTeWSVodgpDxktjSqq9puOfvWVFVDB4x07jFfyydfSzuWebjt7b1KY5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-envoy-upstream-service-time: 157
x-powered-by: Express

GET
H3 200 bootstrap.min.css
fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-4.1.2-dist/css/ 139 KB
22 KB 43ms
42ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-4.1.2-dist/css/bootstrap.min.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cd5525bc887734465161af57feaa4d63c3f5681cb477816b23b6e17d94995707

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"22ad9-1882832818"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZWNaLOgD5XdAxSH4fq49hej0AsVe1CuXAbYmAgP0tHV76zt3ihlsE7l4tQ8mVK%2FVhuDzSC4V38ASPigxkmr5sxZsmdvTwQ0LAnfQcexTk6LtSYudhnuSF6IUP7qTADEqkkpf3AM60%2FH92jp7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c7596faa4639f5-YYZ

GET
H3 200 bootstrap-select.min.css
fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-select-1.13.14/dist/css/ 11 KB
3 KB 42ms
39ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-select-1.13.14/dist/css/bootstrap-select.min.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

69279bee49c5f3502f7a3f07358da1562cc0a10d57e8a56cfc0f8977d367c99f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"2b70-1413499648"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWIwu9v30%2Bd1Fu6GMss4YJBc9%2ByxsWEncnmeALEMDL2BpMU9qkN9uw7T8dnTZMpo18KOMLRmIvkCGhMyFAVpJFvdosktyCNqPU49vJHLu6gNISzZbS7lIt8Prd4NceB%2BMv%2FSxb%2BGn%2FGsMvt7rA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c7596faa4a39f5-YYZ

GET
H3 200 style.css
fdew.ouhgfgfhg.cloudns.biz/stylesheets/ 19 KB
6 KB 70ms
67ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/stylesheets/style.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7b822800fa46123fc740c4271062f6d800d8c65a574333bc433602134c1f44dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
cf-polished: origSize=25224
x-powered-by: Express
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:17 GMT
cf-bgj: minify
server: cloudflare
etag: W/"6288-1029576368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2BVXk2YXRkAM0fKfcNPQtgCX1bOClxcvwxmrpXSpjLmbJ5Ji%2FHM3gC8QLAE19kuqIEIkqCcwpXDmiOhwdLttr35wOXi8tvOcfvaXxadH5LEGlNPKvqmT7GXzd3eLDgYzjEXfvfeOu7yi8KXDwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c7596faa4c39f5-YYZ

GET
H3 200 branding.css
fdew.ouhgfgfhg.cloudns.biz/stylesheets/ 6 KB
2 KB 44ms
42ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/stylesheets/branding.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1a9ea5f5ccdbcb787c9aa78fe7166a3cd23c76809536dd5041a86d8e117946a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
cf-polished: origSize=7140
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:17 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1be4-1029576368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F049ShY%2BshMIrAUgoH41y%2FmOlVFBSamWliIl6r62Mp6fW0K6D41JuR4%2Ft3antkCjy3bxhZVXVX%2F7nNIVxhOTLJ2OxWMiCVGrx5UCMSpDCmdFkaMjuO8xQBSr2%2Bgy69Aa%2F0MiNrIGf1IfYsQFhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c7596faa4d39f5-YYZ

GET
H3 200 fontawesome-webfont.woff2
fdew.ouhgfgfhg.cloudns.biz/vendor/font-awesome-4.7.0/fonts/ 75 KB
76 KB 115ms
113ms Font
application/font-woff2 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
Origin: https://fdew.ouhgfgfhg.cloudns.biz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Thu, 28 Mar 2024 18:39:26 GMT
server: cloudflare
etag: W/"12d68-3164323944"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F1z9DHtPpHQ91G3Nm2n%2BPY%2FitMKzmpHrjqpzhI3abpLXITeZHJZdADF8W3BssbfIMclaY%2Fu9%2Fh719o1HcdoP8ccDbd9j1w1dIIJ9A1hCZtNXyNRq9splRDNClb2Sw75a2FPA%2FsXSRxNwPdPuCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86c7596faa4e39f5-YYZ

GET
H3 200 Montserrat-Medium.woff2
fdew.ouhgfgfhg.cloudns.biz/fonts/montserratj/ 109 KB
110 KB 162ms
160ms Font
application/font-woff2 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/fonts/montserratj/Montserrat-Medium.woff2

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

454f52f4d2a1a5d7a2cf9a0f4fe04fbf7dcce04ba9f5c643b9264116f0f015e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
Origin: https://fdew.ouhgfgfhg.cloudns.biz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
x-powered-by: Express
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 111544
last-modified: Thu, 28 Mar 2024 18:39:25 GMT
server: cloudflare
etag: W/"1b3b8-2964279625"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=et0Ob68WBExSnPsZTyUxYCLuAM77VZ9UXYGnE3BMUtqXMkf9hOZcBHl89XFmFlY5edkroqxewYy6CHm9ypVt22Dg87GUPYEABpGGFgomU0O8yJGyWBTaW0Q1Kqk6dmK62SofbFZOuR%2Fp%2BXwA8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86c7596faa4f39f5-YYZ

GET
H3 200 Montserrat-SemiBold.woff2
fdew.ouhgfgfhg.cloudns.biz/fonts/montserratj/ 109 KB
110 KB 91ms
89ms Font
application/font-woff2 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/fonts/montserratj/Montserrat-SemiBold.woff2

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9b09d51999c45d153dc1f59ea1f1074eecca53d633df9a84aac1f541309e57a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
Origin: https://fdew.ouhgfgfhg.cloudns.biz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
x-powered-by: Express
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 111640
last-modified: Thu, 28 Mar 2024 18:39:25 GMT
server: cloudflare
etag: W/"1b418-2571182125"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8UOSz71NJOIV7jHeJHWfXb%2F%2F5O3Id4TbhSMjAn4GawXF0gfwLCRv8nwHUcjpJjolW%2BnDU5xJ%2B9MQTnTx6NoaexahTbe1maiClW6tA0SfXuEF1XMyVpeDJzoQduzm1lFQGQUrDSnV0bsC4G6Feg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86c7596faa5039f5-YYZ

GET
H3 200 Montserrat-Regular.woff2
fdew.ouhgfgfhg.cloudns.biz/fonts/montserratj/ 108 KB
109 KB 144ms
142ms Font
application/font-woff2 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/fonts/montserratj/Montserrat-Regular.woff2

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b265492523411edf9e6c4119d18252933401ac93ed4991a1825c285be6164dd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
Origin: https://fdew.ouhgfgfhg.cloudns.biz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 110872
last-modified: Thu, 28 Mar 2024 18:39:25 GMT
server: cloudflare
etag: W/"1b118-905211681"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BJaBRd6ZQxTS2C9yTzPYOedbZojURxoEC1ozBu1VvZJAKeBBlSzljFmy0ZGX%2BdH8eXe7OWn0UCw20Lb%2BhdvQX8zijB80fOa9DQrDsNS8GdxEU2maEcFDo9%2FHPbLDWfxKsV6Ss9sOou3tgXDAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86c7596faa5339f5-YYZ

GET
H3 200 jayway-travel-logo.png
fdew.ouhgfgfhg.cloudns.biz/images/ 5 KB
6 KB 114ms
113ms Image
image/png 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/images/jayway-travel-logo.png

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fa978b25425c672f94d0568ba554109b797462447fe6fa649c93963c283af101

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 5452
last-modified: Thu, 28 Mar 2024 18:39:25 GMT
server: cloudflare
etag: W/"154c-1726078498"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VUjObvjyPTFjpuRZeTbe3Mr%2BspgNQPXyRDmM363vbV%2B6VgOnkZkcCDvYz69Y%2BnAL4H0wFfBq9rUkaaRCBoQmLaolQkcFINRpFxGG8C%2F%2BGC6Lg%2BREIk6pd%2Bzyk5sDzQq13bNGP7cOSoLXPrv0Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86c7596ffa8839f5-YYZ

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/E54haBz2064/ 170 KB
170 KB 129ms
37ms Image
image/jpeg 2607:f8b0:4006:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/E54haBz2064/maxresdefault.jpg

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9bc87df41fb9fda2e39fd0fb135a2e2d0e402b4e19662be87204681b865636c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 09:06:08 GMT
x-content-type-options: nosniff
age: 4272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173714
x-xss-protection: 0
server: sffe
etag: "1580394415"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 30 Mar 2024 11:06:08 GMT

GET
H3 200 play-button.png
fdew.ouhgfgfhg.cloudns.biz/images/ 2 KB
3 KB 83ms
81ms Image
image/png 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/images/play-button.png

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f1b1be2a3c9ac4363202c47f23fa2b01602715052223a4f5e61908b8f15a8503

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 2461
last-modified: Thu, 28 Mar 2024 18:39:25 GMT
server: cloudflare
etag: W/"99d-1603009437"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C6iFz1MQoPNwK90swvR556ZSFZqpPpah%2FrxGoJXNDisbJHwVgZFfd%2BV7gwe7B%2FUFJCPhEnE4hxBxT3fGybQOzbTwByqJoM6tMPi68dD4t9nOU0whl2bHc4WPbfLPcnxDEHcRaXnXJu9%2BK7tM9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86c7596faa5439f5-YYZ

GET
H3 200 customize-your-trip.jpg
img.jaywaytravel.com/jayway-travel/static-content/homepage/ 56 KB
56 KB 330ms
265ms Image
image/jpeg 172.66.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.jaywaytravel.com/jayway-travel/static-content/homepage/customize-your-trip.jpg

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.42.221 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7fc4aef90e470c8d3e5f3f699740c1c4fa843b59198fa17e06ba1fcdc975d523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-cache-status: MISS
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 30 Mar 2024 10:17:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5k4anfUEDhDl51PgeolUVS7swlj1fznd%2FvAjtnYPwDVF7lWE5ITR66oy%2FpevWxb6ieFf81wCVVJjUNB7KRwUIbOd7Ki%2B04t6iBR6VEF8VMGZKC9JbwaikRjWmDCKH%2Fi%2BKa2%2BDaie"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 86c759706a894bcc-BUF
expires: Mon, 29 Apr 2024 10:17:20 GMT

GET
H3 200 font-awesome.min.css
fdew.ouhgfgfhg.cloudns.biz/vendor/font-awesome-4.7.0/css/ 30 KB
7 KB 42ms
41ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/font-awesome-4.7.0/css/font-awesome.min.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"792a-1696742581"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K806DLxYOq65JBHiYWPKxdwlBWHy6fiPuAaonvkXvh27R5WsbRfuCDuvL5mpKACEAReo5hUxmqn%2FwIXo9zMhNXUVCGMr5wkYNj8BUGtRGXsjQqzV3ahqap7vs3doUCyCvC91roue38grnXBcjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c7596ffa8939f5-YYZ

GET
H3 200 bootstrap-datepicker3.min.css
fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-datepicker-master/dist/css/ 21 KB
3 KB 115ms
114ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-datepicker-master/dist/css/bootstrap-datepicker3.min.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9a52891414b58db670c03ad90f50293bb6054ba300d570cddfb8d9f460c50bae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"526c-516642748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szCa4z%2BIhc2jFJwYXaN7w%2FJMmGJjq2Bjcni9ohkc4IRXLSjp%2BNS%2FwNxEKpxrXKma8ACJajH4S7J8fsaxBQnMol79WcbXzBQectNdnBvPZrg1rEpa8RpuOUAfWJU11bGMXKI3rU9NFMOXHxQ6vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c7596ffa8b39f5-YYZ

GET
H3 200 progressive-image.min.css
fdew.ouhgfgfhg.cloudns.biz/vendor/progressive-image.js-master/css/ 446 B
801 B 42ms
41ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/progressive-image.js-master/css/progressive-image.min.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f09f627eef5c178ca2b40d36c0beedd3e9508ced719f80aad5ff983685913e67

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"1be-4079231340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5qzcXcv1%2B6fTVndGsaiz5ycWEMrnw2W2ApMc5BNmK4pnw%2BVUijGaUn%2BLHQXE6n68IjBCwnk9mA9qsm7XW7Sk01Avr4hKBXFl3IfyYHCppWMpI5TgSzZxHUR0DJ2ABKTmhghdRZGV%2BOjYN9eRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c7596ffa8c39f5-YYZ

GET
H3 200 fonts.css
fdew.ouhgfgfhg.cloudns.biz/stylesheets/ 1 KB
887 B 41ms
40ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/stylesheets/fonts.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7f3776d3b13c85f32c608d97f4effeca685ac83b0aaf033a05f20a658d0a6263

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
cf-polished: origSize=2258
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:17 GMT
cf-bgj: minify
server: cloudflare
etag: W/"8d2-1029576368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tlxDVvJaVWnoRbwade1%2BCz7PHH8El77pZl398CdxCVVAXfwkh2%2FPOiiN7RIRFzGMG2C41JkXXc%2BbJQfFDK3uGlmGtAA9%2BVgvT23szkoeB5gXHVnrnwD%2FSh3%2F21qFcPlsckG6ZJ0h00wHY0BwAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c7596ffa8e39f5-YYZ

GET
H3 200 krakow-poland.jpg
img.jaywaytravel.com/jayway-travel/static-content/homepage/hero/ 318 KB
319 KB 393ms
357ms Image
image/jpeg 172.66.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.jaywaytravel.com/jayway-travel/static-content/homepage/hero/krakow-poland.jpg?width=1600&height=900

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.42.221 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d74c9f9a801f04b6f1804e2bb1762be96abb5e3922f643a979b69353de454d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-cache-status: MISS
x-envoy-upstream-service-time: 83
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 30 Mar 2024 10:17:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBWkcODX9kftTkapAIfzAz%2Ft1BMUwjvkryTaO4DMg%2FCQmAa4WWgtNFyn5eng1cnfw5aQr70OVEqeJK%2Bi9rQRYT7zGG7VczO730f4FELZ17et4ryXCXb0OHl8Rw42cAcRHiQCWgyb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 86c759706a884bcc-BUF
expires: Mon, 29 Apr 2024 10:17:20 GMT

GET
H3 200 customize-your-trip-bg.jpg
img.jaywaytravel.com/jayway-travel/static-content/homepage/ 91 KB
91 KB 337ms
302ms Image
image/jpeg 172.66.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.jaywaytravel.com/jayway-travel/static-content/homepage/customize-your-trip-bg.jpg

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.42.221 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fe006c326d6d8d127c9f95d24ded528187676d20aacd8f28e1ba917f0dae0cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-cache-status: MISS
x-envoy-upstream-service-time: 34
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 30 Mar 2024 10:17:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBKnO1XvOOveCwMnq3Ct1cBZbJn6N%2FsFWJCvFNDCCYAoM4%2FjdhcZNWDeOq1UrXemxoMgXjjhH8AcTKf%2FzJXY%2FFaTnKbfbOmmgmcMxSaGZ%2FakIgs9O16V1g5LXDjD%2BAYlDiw5AF%2BO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 86c759706a8a4bcc-BUF
expires: Mon, 29 Apr 2024 10:17:20 GMT

GET
H3 200 email-decode.min.js Show response
fdew.ouhgfgfhg.cloudns.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 50ms
49ms Script
application/javascript 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fd6d96-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPJ5N1PhiSWaJwiJdeNNYYwqeVo1IEEMfyGPr8n4Gbhq42cFj51e3NM%2FjLsXEuWx77l64t0%2B%2Fx9aEgXGRCRcX6Bv2SE9ES%2FVy%2BcvjJ5L29pDZcHUvQ1dDaXAIykHPCj7YfNMnHkoWCMCtJ0ZPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86c759706acb39f5-YYZ
expires: Mon, 01 Apr 2024 10:17:20 GMT

GET
H3 200 jquery-2.1.3.min.js Show response
fdew.ouhgfgfhg.cloudns.biz/vendor/jquery/2.1.3/ 82 KB
31 KB 50ms
49ms Script
application/javascript 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/jquery/2.1.3/jquery-2.1.3.min.js

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"14960-4155071966"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X7o1KdefR9fsw2JKHpzkX7bdORFKCsEgCUPv8g8kU21ugSiy8RJBShgWH6dxIhyTW5%2FvXRiBbUhDFyhZ1Ty2t3b07fEJEerlaXhhzUyVaiEKQlskWSwjqljwq3FNRevkq122VXwLWkW1UST1HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86c759706acc39f5-YYZ

GET
H3 200 bootstrap.bundle.min.js Show response
fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-4.1.2-dist/js/ 69 KB
21 KB 51ms
50ms Script
application/javascript 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-4.1.2-dist/js/bootstrap.bundle.min.js

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e6249266ea92f60bbb67c338022758e4f5adfbcac60c4d57dd16a9b25f489343

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"11536-664891907"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Z3F7QJbfigiQbKsBl5gOneTfMyUvkCPzjpBL992S0u9ngFGw3jjJ8mEIg%2FYDacNCIjA2mBruBoCI9N65M%2Bww796jBhjmjOg%2ByaGJ26LALEub5aZBNazK9eWCaWJo3oZlWFRoxHe2W6r8EssFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86c759706ace39f5-YYZ

GET
H3 200 bootstrap-select.min.js Show response
fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-select-1.13.14/dist/js/ 51 KB
16 KB 54ms
53ms Script
application/javascript 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-select-1.13.14/dist/js/bootstrap-select.min.js

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6763de73150d26e3296cd0154ff12dede3b5d39251c734c0ae4f8af4e437e4cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"cc19-2900958675"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7E1EQq165amP8Nk1%2BOMf60AM4Tnp%2FD7avVzDi%2FPrphpg3rqpm2RAMEBfkuFEsF%2F9RznVo%2B0Fa1mKq54SV56BC2GsYqXmr1H4g9eC7SLpR%2B%2BDqanGahbVfYBBHGtry4yWE7M6llACpxwlh6gCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86c759706ad239f5-YYZ

GET
H3 200 lazyload.min.js Show response
fdew.ouhgfgfhg.cloudns.biz/vendor/vanilla-lazyload/ 7 KB
3 KB 70ms
69ms Script
application/javascript 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/vanilla-lazyload/lazyload.min.js

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c94b350d90e850fefdbfc5d9498770dac371f18876191821eec42c0bfc69484d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"1d60-4079231340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTTqWDaRTUBzee0ZtPbTxJwlgFWnf2H%2BlXUnJI9fBLR1%2FFsk0zQEC%2BEW5ende5ebR7vffwuWjTUoWWOS%2FKiTuB0ozbHqbDmhEaILknBvgRBxXTxIqkTwox2e3j5LtXhznQMgz8EDh0CjhpGPBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86c759706ad339f5-YYZ

GET
H3 200 main.js Show response
fdew.ouhgfgfhg.cloudns.biz/javascript/ 2 KB
1 KB 70ms
69ms Script
application/javascript 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/javascript/main.js

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8cca16a9d623bba46ae2b88ba5797d3e4987afabd21e358bd915d4c12c71daca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
cf-polished: origSize=2623
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:17 GMT
cf-bgj: minify
server: cloudflare
etag: W/"a3f-1496503220"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0QrbxinYiwLFCq%2FzmlehXmH%2FR4VUxTrWj%2Bf46k3Ov5XPWKmS8H8EB5fQcPDDGQyn6Zv0rR%2F96XesKk3IdEuzqYwRzPLPsf00Z%2BOdcwTljW%2F%2FTEmR4MdxHobjQGIa5l3LAln%2B2cHFEW1cL%2BeN4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86c759706ad439f5-YYZ

GET
H3 200 bootstrap-datepicker.min.js Show response
fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-datepicker-master/dist/js/ 33 KB
11 KB 71ms
70ms Script
application/javascript 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-datepicker-master/dist/js/bootstrap-datepicker.min.js

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b56e4bcc40bb423846d02880bf196c78c4ecdaa252eeedc344f6ae0e3149df3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"833f-516642748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fs7U9pagcrTu%2Bckj9Yd5XTFlASztLe6YJEc0Zm%2F%2F0IoOEU3oo2eAHrdYZF1pBVwxK83ZGqITDcpj9Y4tAxfWpH0q7PsYGHp%2Fpu7eLCNor0xhlP5BuLAZd4EQ2YsIjZknWgkR%2FYSgdrLPmoN7SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86c759706ad539f5-YYZ

GET
H3 200 get-free-trip-plan-unified.js Show response
fdew.ouhgfgfhg.cloudns.biz/javascript/ 3 KB
2 KB 72ms
71ms Script
application/javascript 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/javascript/get-free-trip-plan-unified.js

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ebcec06c4c80d3ac9a065028ec717d5b773a1a316ee6b014b44ba037f880c7bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
cf-polished: origSize=4066
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:17 GMT
cf-bgj: minify
server: cloudflare
etag: W/"fe2-1496503220"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbbJyzMV2qU1dlHPq7Gg%2FAccobTXTJMwSDBF3cYABo0ecyPzfqKcgohrutF6kRncnLpQuhhE%2BpVjMnKnMfVgYWLCnEKEfo0jGXMIne%2BotWKI9oojmroj5l9nQLvsQVb%2BdypLAF848eM6KaCm0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 86c759706ad639f5-YYZ

GET
H3 200 fonts.css
fdew.ouhgfgfhg.cloudns.biz/stylesheets/ 1 KB
879 B 67ms
67ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/stylesheets/fonts.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7f3776d3b13c85f32c608d97f4effeca685ac83b0aaf033a05f20a658d0a6263

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
cf-polished: origSize=2258
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:17 GMT
cf-bgj: minify
server: cloudflare
etag: W/"8d2-1029576368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHP4MqsAQHL98FnuaCeC1h47zzh37J1d52Yqlv7k8Z61LRvotePFx5Qk8gqeaGZ1vwwtvdwe%2FG9n7YwwLZC7TBs5S6WsIEqvA2fwOCxq%2B6rTpaJtc0hPO002XETmeS1ZKIVtkyX%2FrRWz1y7w5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c759707ad939f5-YYZ

GET
H3 200 progressive-image.min.css
fdew.ouhgfgfhg.cloudns.biz/vendor/progressive-image.js-master/css/ 446 B
798 B 67ms
67ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/progressive-image.js-master/css/progressive-image.min.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f09f627eef5c178ca2b40d36c0beedd3e9508ced719f80aad5ff983685913e67

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"1be-4079231340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BQ%2BWlEfSt1dPf6Bgum5z%2FYmt1umlu%2F8kcqVUAD7eXZOMB2yba6xerZN3b9O6sYCy0am0YaCboPH6mZ2laK%2FHz19fBgmPt7eCPQHKDgp3UST5iZA1VBZFydsPjBmcraCX8WJqHQNVxYE%2Fox3bWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c759707adb39f5-YYZ

GET
H3 200 font-awesome.min.css
fdew.ouhgfgfhg.cloudns.biz/vendor/font-awesome-4.7.0/css/ 30 KB
7 KB 38ms
38ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/font-awesome-4.7.0/css/font-awesome.min.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"792a-1696742581"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMRdOrRgmJvISd0xbZq%2B4vhVghhlhLr%2FSRbowuQ5AhzSo11XpNL%2BYFJX9bp6OtzZ9EbnMnAgDfKWLMrkAW6j0A%2FPbIIgaz40iDBMF2DX4nGnPhCY1sT1b1SOI6scjvQ0qWjN2lhirqo3t2DWYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c75970bb1939f5-YYZ

GET
H3 200 bootstrap-datepicker3.min.css
fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-datepicker-master/dist/css/ 21 KB
3 KB 38ms
38ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/vendor/bootstrap-datepicker-master/dist/css/bootstrap-datepicker3.min.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9a52891414b58db670c03ad90f50293bb6054ba300d570cddfb8d9f460c50bae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232654
x-powered-by: Express
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:18 GMT
server: cloudflare
etag: W/"526c-516642748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzwzcBoEdGUh%2Fr2x4SUm1wgf%2FLvplh8jtux8jjCbPflcnFJ0xaLQ9Vh7%2FSigggrGU9g9RMcuqkrE%2BSGAhlS%2FudvxMo0A%2FHbwbBZsau4watzcnhXewrRXhAzQ1ldqRdQpys0Se8BIQlfVlCwsMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c75970cb1c39f5-YYZ

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 280 KB
98 KB 163ms
79ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T9K9PS9

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6846ddb0a8d20f2cd6000f268cb75e2eecec8d176dced4e9e771e1e7d3df4e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100024
x-xss-protection: 0
last-modified: Sat, 30 Mar 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Mar 2024 10:17:20 GMT

GET
H3 200 travel-and-leisure.png
img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/ 1 KB
2 KB 93ms
92ms Image
image/jpeg 172.66.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/travel-and-leisure.png

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.42.221 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5822fe59505d4aafbd4e5fe0a2cca11ea66f25aca2a948c0ef0dcddc15d34dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-cache-status: HIT
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 30 Mar 2024 10:17:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQkMGtIKTuKQK%2FN0Ycq0f8lGI1c%2F0V7z4uOSdGwr2d9Q%2BqCb9oWgcjpN2OueywbaSMP6B5z%2ByDZJH0KrIiFvmixo%2Bnd3hSBTlfLdoMDZpDdjlp%2FdPKs9It944ZFR9K8QyqnZOS3I"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 86c759714acd4bcc-BUF
expires: Mon, 29 Apr 2024 10:17:20 GMT

GET
H3 200 fodors.png
img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/ 2 KB
2 KB 93ms
92ms Image
image/jpeg 172.66.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/fodors.png

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.42.221 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6671822cdc8052279ada49fe906f8caceabc94d652867e9698f05a2627356e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-cache-status: HIT
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 30 Mar 2024 10:17:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ns%2F5MYzaO0zRY5aU9zp5Kxp7UP24dT3MOJn7jK0jD5vbO2JGnVmw7CR9wsxnnCYTCw4Qz1UNNU66II78f680nVITwAXAuwBmZ6SjMs%2BmtzGZsqxvUoR%2F63CCvSGQYV2wHxXv8iIs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 86c759714ad04bcc-BUF
expires: Mon, 29 Apr 2024 10:17:20 GMT

GET
H3 200 usa-today.png
img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/ 2 KB
2 KB 31ms
30ms Image
image/webp 172.66.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/usa-today.png

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.42.221 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c04c013a68fdcbdee453047766b8cad0201c27f1eabdfef56cbb239670742df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 201016
cf-polished: origFmt=png, origSize=2622
x-cache-status: HIT
x-powered-by: Express
x-envoy-upstream-service-time: 1
content-disposition: inline; filename="usa-today.webp"
alt-svc: h3=":443"; ma=86400
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Mar 2024 02:27:04 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8N4vRoyNnmVxZ2qBEBAocWoHdSWiAcF16qV4ew3%2BjIwY1Y2Jr54U7zX1iW9AdeglYVT%2BmkY493S2qi%2B1rvnXysEWbkKYpxQOXudsPKLMh1nCjXHdMhBMUUxw%2FeoncKLT%2BlgTj24%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 86c759714ad14bcc-BUF
expires: Sat, 27 Apr 2024 02:27:04 GMT

GET
H3 200 new-york-times.png
img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/ 4 KB
4 KB 85ms
84ms Image
image/jpeg 172.66.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/new-york-times.png

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.42.221 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

39e7a5224a01686931bcfcad635f998d354cad63d15dbf88015c547c09057187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-cache-status: HIT
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 30 Mar 2024 10:17:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtXUv%2FOF%2Bkz7jGeqaEZPcrt8pmqoyON20teDRmJxVeM%2BavzGAO%2F29ZG8nY6yhINbMdd080JKsJXrtgSqi4GWyx%2B1LjvxsHMlxVuWNz8xidyDnX3abxXdlTKEm8YQu5wyUsgUxJhS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 86c759717ae14bcc-BUF
expires: Mon, 29 Apr 2024 10:17:20 GMT

GET
H3 200 national-geographic.png
img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/ 1 KB
2 KB 31ms
30ms Image
image/webp 172.66.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/national-geographic.png

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.42.221 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

613bd5b9ac2e470f10f9ae156302414b7f1a14a009c7bc5a63f21424907314d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 201016
cf-polished: origFmt=png, origSize=1899
x-cache-status: HIT
x-powered-by: Express
x-envoy-upstream-service-time: 0
content-disposition: inline; filename="national-geographic.webp"
alt-svc: h3=":443"; ma=86400
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Mar 2024 02:27:04 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CodWRk4yjjtzuSbDBGn9e74WbJXnJpc%2BQFpUQSrB1WGKvfWSwsdDgpnuozG5DTnWLzLnf3hGgbRroJae3JjvUqLGU8H1dCcH2nrhF1kmntdWbmA0vo3eONVPrzi%2BFsE1LAv78bNu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 86c759717ae24bcc-BUF
expires: Sat, 27 Apr 2024 02:27:04 GMT

GET
H3 200 washington-post.png
img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/ 3 KB
4 KB 85ms
85ms Image
image/jpeg 172.66.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/washington-post.png

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.42.221 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

22cb0f2120e9ec71f89b6932e8fd8628bfb430eba5b52fe93976bc5b171f64c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-cache-status: HIT
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 30 Mar 2024 10:17:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wx0NMqK6S5Zo%2FuYrMCVuLAJAGEcswKdkbuXnfQ7Ym4TtIqCFvpIIfq8u2vcHQw4gt25k0v0CBLMMmpQz%2BEEWjqPxpX4DpZnE7WHNRRmNHktL%2BuY5YQvOpw3vVd6zuxNlyXqdjvX3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 86c759717ae44bcc-BUF
expires: Mon, 29 Apr 2024 10:17:20 GMT

GET
H3 200 vogue.png
img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/ 2 KB
2 KB 84ms
83ms Image
image/jpeg 172.66.42.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.jaywaytravel.com/jayway-travel/static-content/logos/recommended-in/vogue.png

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.42.221 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

241d8ba8a52dbbcb1ff0271e1872d44fb6a3e8dd4e212bbe00a6c35f19852d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-cache-status: HIT
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 18 Mar 2024 19:15:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vyybd3%2FhNn9G%2FM3e%2BTVQPQ8IWdedxXUAoqMumPKJKh4eZDmnbdQwoY5NFdhN4q2e%2BJAh%2B%2BdN%2FHTbf8%2FPhY11dT%2BazLZX%2F%2FyX0mULlwCwT1C9uwNWbK9FwB2thHnjLV8bYKkSJUJn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 86c759717ae54bcc-BUF
expires: Mon, 29 Apr 2024 10:17:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
101 KB 90ms
85ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QNYCKQ7ZYF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9K9PS9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1294f3d6522d1139fab9b25977ec39e819904ce6cb42609f3b655175942ced29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102916
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Mar 2024 10:17:21 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 160ms
50ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9K9PS9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 30 Mar 2024 10:17:21 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F745430885AE42928FAAA55222CFEBD6 Ref B: NYCEDGE1616 Ref C: 2024-03-30T10:17:21Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 252 KB
87 KB 80ms
79ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1059986709&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9K9PS9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40c03ffb0aa179183a238612a8b2fef117aca5dc9d1f4e63dc58f544db2122d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89401
x-xss-protection: 0
last-modified: Sat, 30 Mar 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Mar 2024 10:17:21 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/jaywaytravel.matomo.cloud/ 201 KB
59 KB 132ms
45ms Script
application/javascript 2600:9000:24f0:a800:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/jaywaytravel.matomo.cloud/matomo.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9K9PS9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f0:a800:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

fe03d4956589bc1d63cc9ff8bd998fab626f3ba20447146369b8cdb28c8195d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 06:00:47 GMT
x-amz-version-id: FAPsbJOOjHolXd.L0eZFoDZka0MvXjNA
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 84fd743af5e8639c32332cec06beef46.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 15394
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 21 Mar 2024 00:39:40 GMT
server: CloudFront
etag: W/"b497a6c98a2a84938d6866c55f164e4d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: m1fXz7fYx3V4XhH7NjElV0trPtV-7mgNGArbA7eBazASzCQXt0m7LQ==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1059986709/ 2 KB
1 KB 156ms
66ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1059986709/?random=1711793841220&cv=11&fst=1711793841220&bg=ffffff&guid=ON&async=1&gtm=45be43r0v885021561z8811817648za201&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Ffdew.ouhgfgfhg.cloudns.biz%2F&label=RXh0CP-7rAMQlbq4-QM&hn=www.googleadservices.com&frm=0&tiba=JayWay%20Travel%20%E2%80%93%20Boutique%20Europe%20Tour%20Company&npa=0&pscdl=noapi&auid=747190339.1711793841&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1059986709&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

f7e1e70f6bffee0dff04ad4a9c40a818adc95c717e881fa58740efa4a8f68c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 30 Mar 2024 10:17:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
262 B 139ms
51ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QNYCKQ7ZYF&gtm=45je43r0v869757941z8811817648za200&_p=1711793840755&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=2126948847.1711793841&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711793841&sct=1&seg=0&dl=https%3A%2F%2Ffdew.ouhgfgfhg.cloudns.biz%2F&dt=JayWay%20Travel%20%E2%80%93%20Boutique%20Europe%20Tour%20Company&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1103
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QNYCKQ7ZYF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 30 Mar 2024 10:17:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fdew.ouhgfgfhg.cloudns.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
262 B 144ms
54ms Ping
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QNYCKQ7ZYF&cid=2126948847.1711793841&gtm=45je43r0v869757941z8811817648za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QNYCKQ7ZYF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 30 Mar 2024 10:17:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fdew.ouhgfgfhg.cloudns.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 matomo.php
jaywaytravel.matomo.cloud/ 0
176 B 430ms
178ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jaywaytravel.matomo.cloud/matomo.php?action_name=JayWay%20Travel%20%E2%80%93%20Boutique%20Europe%20Tour%20Company&idsite=2&rec=1&r=349115&h=0&m=17&s=21&url=https%3A%2F%2Ffdew.ouhgfgfhg.cloudns.biz%2F&_id=4efd10546f38a5d2&_idn=1&send_image=0&_refts=0&pv_id=miTKfu&fa_pv=1&fa_fp[0][fa_vid]=NislzJ&fa_fp[0][fa_id]=getFreeTripPlanModal&fa_fp[0][fa_fv]=1&pf_net=130&pf_srv=237&pf_tfr=25&pf_dm1=267&uadata=%7B%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/jaywaytravel.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://fdew.ouhgfgfhg.cloudns.biz
date: Sat, 30 Mar 2024 10:17:21 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 204 5975791.js Show response
bat.bing.com/p/action/ 0
116 B 45ms
45ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5975791.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 30 Mar 2024 10:17:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 111FDA3C8F3B48A1B63B5654B87BEA24 Ref B: NYCEDGE1616 Ref C: 2024-03-30T10:17:21Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
358 B 115ms
115ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5975791&tm=gtm002&Ver=2&mid=e88b2329-ff5c-4ef7-8ace-f483dc8ed7c1&sid=b1ec6500ee7e11eeaa37b3ae53de1125&vid=b1eca580ee7e11ee99a8e3638d309582&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=JayWay%20Travel%20%E2%80%93%20Boutique%20Europe%20Tour%20Company&p=https%3A%2F%2Ffdew.ouhgfgfhg.cloudns.biz%2F&r=&lt=643&evt=pageLoad&sv=1&rn=873244

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 30 Mar 2024 10:17:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3A08D5FFD06444458B317A83FC4126FA Ref B: NYCEDGE1616 Ref C: 2024-03-30T10:17:21Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 configs.php Show response
jaywaytravel.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 405ms
173ms Script
application/javascript 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jaywaytravel.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=4PtIHt&url=https%3A%2F%2Ffdew.ouhgfgfhg.cloudns.biz%2F
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/jaywaytravel.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e0827582ea8c12b78a99cdd6a261f436e10cd62da8ec39219a61b53ade1a5c25

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:21 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

GET
H3 200 /
www.google.com/pagead/1p-user-list/1059986709/ 42 B
64 B 128ms
55ms Image
image/gif 142.251.40.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1059986709/?random=1711793841220&cv=11&fst=1711792800000&bg=ffffff&guid=ON&async=1&gtm=45be43r0v885021561z8811817648za201&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Ffdew.ouhgfgfhg.cloudns.biz%2F&label=RXh0CP-7rAMQlbq4-QM&frm=0&tiba=JayWay%20Travel%20%E2%80%93%20Boutique%20Europe%20Tour%20Company&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqM-w8viiVuEZyp5DbtOtRMG9Fbv0JuQ&random=4128731402&rmt_tld=0&ipr=y

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 30 Mar 2024 10:17:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 iso-flags.css
fdew.ouhgfgfhg.cloudns.biz/stylesheets/ 82 KB
50 KB 48ms
47ms Stylesheet
text/css 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/stylesheets/iso-flags.css

Requested by

Host: fdew.ouhgfgfhg.cloudns.biz
URL: https://fdew.ouhgfgfhg.cloudns.biz/vendor/jquery/2.1.3/jquery-2.1.3.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

aad0aad5463a72558682879a9d99b469f420d97ac4b5a3dcc60df1724c420b50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
age: 232653
cf-polished: origSize=84854
x-powered-by: Express
x-envoy-upstream-service-time: 15
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 17:29:17 GMT
cf-bgj: minify
server: cloudflare
etag: W/"14b76-1029576368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7NVxX0YOv3TWD4bPg9BNh39U%2BjPraftyFMrQIhDi3pUt12Uu63wzAgV%2BWw7Iqf%2Fo7PnrI8BlUt%2FKYS38Itv3NUsdI%2BosCyXSUjhp%2F7v3ybi9riexCloY4w%2FujePBQajp3t8StoMSmg4Lwn9%2FvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86c75977180039f5-YYZ

GET
H3 200 favicon-32x32.png
fdew.ouhgfgfhg.cloudns.biz/ 471 B
1017 B 105ms
103ms Other
image/png 172.67.149.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fdew.ouhgfgfhg.cloudns.biz/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.149.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c120fc22ec091ec33cdf4237d6c4150dcb861ff5492f367fecf45068504eb8a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fdew.ouhgfgfhg.cloudns.biz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 10:17:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests;
x-powered-by: Express
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 471
last-modified: Thu, 28 Mar 2024 18:39:25 GMT
server: cloudflare
etag: W/"1d7-628112378"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gTCc0NrRGdQB1IpZQSS7RWLdcMlyMpAn5Uu6SRpNZOKAlrLfKyBLVXniJrHftI499XUSAtYIRgh9VwDtfqUXlgEcBBCU8oTB6ViekOdsqgkHxYyqhJmeYasAHgbPePZMxpYACsWo9oYYraOEzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 86c75977582e39f5-YYZ

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9f37cd05e259826df136818498eaa5689e9fc5c8e3989b629bd7c03461ea9bc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 628 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a744807487a83ddfad684a0f2ad1fe94ea196a77e35c7d5cd4249e786c5116e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 887 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4e3e511772c0a3dcecac8f4d3696aa76c2448e437d6d73285438c7ed03ac897

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8c54b9d8186538c641116b47702d07b9dd3ad66f7a0b8d9b81c2fe1c7b53aa2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 624 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aad538c49039cae7ec9685d38c7f8d9e1a6901217ac266fadeb31dd7b23861ca

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48335e1e2d80f57ae9a834abf4e55fa6362e5a74bd633c093d2aee7c8a00543c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7a9e603e575979065b064a6e2cdbdb93d0031ee5689eafb3dce1f8fcb1aa390

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 781 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2df6c6ab073389f7bd65372be4ece6ed4b17fbbefb1bfaf03a9fc86019610eb4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 711 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 657618503d979139be062b0dc35cd56021e3300904178ac89ff377a7603904f2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 941 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62d7b6352a8cce421c720975f912d479099c6fb7ab1248d11b6832d3976633a3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 808 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c928a543fe42025cb70a060ca7c67e240f9a94d1758a0fc850601593aca1d263

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 885 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd2e1fa37ee24d6b3b003bfd869a2e50f8a6ad13502c196ead6ec4e5f0ef11b0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 729 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05008e6dee8ec28ebffe3c72bb1e9d538fde9270c49a49bb8ab522ecc7afb50f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 861 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e413a4e680048b1da541245f71e6f4fb98139ace4f1f6947f88baf497e2864e9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc46a4b2fd4095db6400eaa572153a8b0f61f6c66f45e33b72246a847cb02820

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 803 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49317d75f714e613171491137381a7279480fce718d42afe2e93bec9bb2af015

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 744 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95d8274c4f06832efa3471b6e5c27a9bb7fd5a5a5de7b681af87959cdc97a63a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 635 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5340f648cf62ac2651d4d6d353dde6aa2a030d87fcb972ce22a82c724a11d16

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 869 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c156dee5bfb5de1eb8f155bd3cc5e378e0365b83344dce24964ff61e402d1011

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c5f5cd88903f53b81584968382e21926cf927c1799b6549933cd1540fdda152

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3931da9a7b4b9c3a1ab999a1a7ccde146bfa6e486b3b2d5d977b36f74b821902

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 635 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07200d627bebc245fc2bfe074d17fd87833f51dbec936a55010819de9189139e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccdf7ae063f91949517e44aafed5015e60432d08107a365d1cb66d3a855c811f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 491 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8750b6e2ec3f9c96c27114bc98c0eb86d51d9cc211173e14226124890e5eccf0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfe83abab42f9b080ce9c1791bd7506cdb1a3589cd594849f690772c3fc606de

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 900 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de48bd23fe7de3f8585e1b11684552ed472172056d83b5b80b1dca715ede2f28

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f0fa1c998d93f436677b8f671b9ba4825293718a3c23450557bc138832f373e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5be0062a4473c19fb1f4628e7fd920f04375ce0b575fc993145dc40712557eb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8672e04eaa13e9c7b8edec8c167e1fc340ff8a8b6aaf3e98426f662ec5f828c9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be43a359784fbe7cf3dbd75efa11a22b8c3927830626acbb977083cefcb7897c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 828 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9e4278c885354e9a9913cc836776c093e0e09adca23e2f92d6db46b74d4df08

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cbc369d04074ab0cdf66dcc2ee0f7867d5e343418beb811170c8d5d38f488b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 737 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33baef1813318ac342b10d5c15af9ce5f36ad09f901f66c1ea0e9f130d77b861

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ouhgfgfhg.cloudns.biz/	1970-01-20 21:39:29	Name: _gcl_au Value: 1.1.747190339.1711793841
.ouhgfgfhg.cloudns.biz/	1970-01-21 05:05:53	Name: _ga_QNYCKQ7ZYF Value: GS1.1.1711793841.1.0.1711793841.60.0.0
.ouhgfgfhg.cloudns.biz/	1970-01-21 05:05:53	Name: _ga Value: GA1.1.2126948847.1711793841
fdew.ouhgfgfhg.cloudns.biz/	1970-01-21 04:55:49	Name: _pk_id.2.e7f0 Value: 4efd10546f38a5d2.1711793841.
fdew.ouhgfgfhg.cloudns.biz/	1970-01-20 19:29:55	Name: _pk_ses.2.e7f0 Value: 1
.ouhgfgfhg.cloudns.biz/	1970-01-20 19:31:20	Name: _uetsid Value: b1ec6500ee7e11eeaa37b3ae53de1125
.ouhgfgfhg.cloudns.biz/	1970-01-21 04:51:29	Name: _uetvid Value: b1eca580ee7e11ee99a8e3638d309582
.doubleclick.net/	1970-01-20 19:29:54	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-21 04:51:29	Name: MUID Value: 3056A710255F68E93C4BB342248B699E
.bat.bing.com/	1970-01-20 19:39:58	Name: MR Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fdew.ouhgfgfhg.cloudns.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdew.ouhgfgfhg.cloudns.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdew.ouhgfgfhg.cloudns.biz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
cdn.matomo.cloud
fdew.ouhgfgfhg.cloudns.biz
googleads.g.doubleclick.net
i.ytimg.com
img.jaywaytravel.com
jaywaytravel.matomo.cloud
stats.g.doubleclick.net
www.google.com
www.googletagmanager.com
142.250.72.98
142.251.40.164
172.66.42.221
172.67.149.129
2600:9000:24f0:a800:c:7d55:b3c0:93a1
2607:f8b0:4004:c06::9d
2607:f8b0:4006:809::2008
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80f::2016
2620:1ec:c11::200
3.126.133.169
05008e6dee8ec28ebffe3c72bb1e9d538fde9270c49a49bb8ab522ecc7afb50f
07200d627bebc245fc2bfe074d17fd87833f51dbec936a55010819de9189139e
0f0fa1c998d93f436677b8f671b9ba4825293718a3c23450557bc138832f373e
1294f3d6522d1139fab9b25977ec39e819904ce6cb42609f3b655175942ced29
1a9ea5f5ccdbcb787c9aa78fe7166a3cd23c76809536dd5041a86d8e117946a1
1cbc369d04074ab0cdf66dcc2ee0f7867d5e343418beb811170c8d5d38f488b4
22cb0f2120e9ec71f89b6932e8fd8628bfb430eba5b52fe93976bc5b171f64c5
241d8ba8a52dbbcb1ff0271e1872d44fb6a3e8dd4e212bbe00a6c35f19852d0c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2df6c6ab073389f7bd65372be4ece6ed4b17fbbefb1bfaf03a9fc86019610eb4
33baef1813318ac342b10d5c15af9ce5f36ad09f901f66c1ea0e9f130d77b861
3931da9a7b4b9c3a1ab999a1a7ccde146bfa6e486b3b2d5d977b36f74b821902
39e7a5224a01686931bcfcad635f998d354cad63d15dbf88015c547c09057187
40c03ffb0aa179183a238612a8b2fef117aca5dc9d1f4e63dc58f544db2122d3
454f52f4d2a1a5d7a2cf9a0f4fe04fbf7dcce04ba9f5c643b9264116f0f015e8
48335e1e2d80f57ae9a834abf4e55fa6362e5a74bd633c093d2aee7c8a00543c
49317d75f714e613171491137381a7279480fce718d42afe2e93bec9bb2af015
5822fe59505d4aafbd4e5fe0a2cca11ea66f25aca2a948c0ef0dcddc15d34dc5
5be0062a4473c19fb1f4628e7fd920f04375ce0b575fc993145dc40712557eb7
5c5f5cd88903f53b81584968382e21926cf927c1799b6549933cd1540fdda152
613bd5b9ac2e470f10f9ae156302414b7f1a14a009c7bc5a63f21424907314d1
62d7b6352a8cce421c720975f912d479099c6fb7ab1248d11b6832d3976633a3
657618503d979139be062b0dc35cd56021e3300904178ac89ff377a7603904f2
6671822cdc8052279ada49fe906f8caceabc94d652867e9698f05a2627356e8f
6763de73150d26e3296cd0154ff12dede3b5d39251c734c0ae4f8af4e437e4cc
6846ddb0a8d20f2cd6000f268cb75e2eecec8d176dced4e9e771e1e7d3df4e03
69279bee49c5f3502f7a3f07358da1562cc0a10d57e8a56cfc0f8977d367c99f
6de5f10ccef7544ae2724a6baaf888e54031959cd40e133126d64fc913a005fa
7b822800fa46123fc740c4271062f6d800d8c65a574333bc433602134c1f44dc
7f3776d3b13c85f32c608d97f4effeca685ac83b0aaf033a05f20a658d0a6263
7fc4aef90e470c8d3e5f3f699740c1c4fa843b59198fa17e06ba1fcdc975d523
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8672e04eaa13e9c7b8edec8c167e1fc340ff8a8b6aaf3e98426f662ec5f828c9
8750b6e2ec3f9c96c27114bc98c0eb86d51d9cc211173e14226124890e5eccf0
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8cca16a9d623bba46ae2b88ba5797d3e4987afabd21e358bd915d4c12c71daca
95d8274c4f06832efa3471b6e5c27a9bb7fd5a5a5de7b681af87959cdc97a63a
9a52891414b58db670c03ad90f50293bb6054ba300d570cddfb8d9f460c50bae
9a744807487a83ddfad684a0f2ad1fe94ea196a77e35c7d5cd4249e786c5116e
9b09d51999c45d153dc1f59ea1f1074eecca53d633df9a84aac1f541309e57a0
aad0aad5463a72558682879a9d99b469f420d97ac4b5a3dcc60df1724c420b50
aad538c49039cae7ec9685d38c7f8d9e1a6901217ac266fadeb31dd7b23861ca
b265492523411edf9e6c4119d18252933401ac93ed4991a1825c285be6164dd4
b5340f648cf62ac2651d4d6d353dde6aa2a030d87fcb972ce22a82c724a11d16
b56e4bcc40bb423846d02880bf196c78c4ecdaa252eeedc344f6ae0e3149df3a
bd2e1fa37ee24d6b3b003bfd869a2e50f8a6ad13502c196ead6ec4e5f0ef11b0
be43a359784fbe7cf3dbd75efa11a22b8c3927830626acbb977083cefcb7897c
c04c013a68fdcbdee453047766b8cad0201c27f1eabdfef56cbb239670742df5
c120fc22ec091ec33cdf4237d6c4150dcb861ff5492f367fecf45068504eb8a5
c156dee5bfb5de1eb8f155bd3cc5e378e0365b83344dce24964ff61e402d1011
c928a543fe42025cb70a060ca7c67e240f9a94d1758a0fc850601593aca1d263
c94b350d90e850fefdbfc5d9498770dac371f18876191821eec42c0bfc69484d
c9f37cd05e259826df136818498eaa5689e9fc5c8e3989b629bd7c03461ea9bc
ccdf7ae063f91949517e44aafed5015e60432d08107a365d1cb66d3a855c811f
cd5525bc887734465161af57feaa4d63c3f5681cb477816b23b6e17d94995707
cfe83abab42f9b080ce9c1791bd7506cdb1a3589cd594849f690772c3fc606de
d74c9f9a801f04b6f1804e2bb1762be96abb5e3922f643a979b69353de454d03
dc46a4b2fd4095db6400eaa572153a8b0f61f6c66f45e33b72246a847cb02820
de48bd23fe7de3f8585e1b11684552ed472172056d83b5b80b1dca715ede2f28
e0827582ea8c12b78a99cdd6a261f436e10cd62da8ec39219a61b53ade1a5c25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e413a4e680048b1da541245f71e6f4fb98139ace4f1f6947f88baf497e2864e9
e4e3e511772c0a3dcecac8f4d3696aa76c2448e437d6d73285438c7ed03ac897
e6249266ea92f60bbb67c338022758e4f5adfbcac60c4d57dd16a9b25f489343
e9e4278c885354e9a9913cc836776c093e0e09adca23e2f92d6db46b74d4df08
ebcec06c4c80d3ac9a065028ec717d5b773a1a316ee6b014b44ba037f880c7bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09f627eef5c178ca2b40d36c0beedd3e9508ced719f80aad5ff983685913e67
f1b1be2a3c9ac4363202c47f23fa2b01602715052223a4f5e61908b8f15a8503
f7a9e603e575979065b064a6e2cdbdb93d0031ee5689eafb3dce1f8fcb1aa390
f7e1e70f6bffee0dff04ad4a9c40a818adc95c717e881fa58740efa4a8f68c16
f8c54b9d8186538c641116b47702d07b9dd3ad66f7a0b8d9b81c2fe1c7b53aa2
f9bc87df41fb9fda2e39fd0fb135a2e2d0e402b4e19662be87204681b865636c
fa978b25425c672f94d0568ba554109b797462447fe6fa649c93963c283af101
fd97d79c7ba0a0820ffa4010f900b49016751ffc1d7a53e2e7b32f576a215170
fe006c326d6d8d127c9f95d24ded528187676d20aacd8f28e1ba917f0dae0cd1
fe03d4956589bc1d63cc9ff8bd998fab626f3ba20447146369b8cdb28c8195d3

fdew.ouhgfgfhg.cloudns.biz Open in urlscan Pro 172.67.149.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

55 %IPv6

8 Domains

11 Subdomains

12 IPs

2 Countries

1636 kBTransfer

2853 kBSize

10 Cookies

6 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 33 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fdew.ouhgfgfhg.cloudns.biz Open in urlscan Pro
172.67.149.129 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

11
Subdomains

12
IPs

2
Countries

1636 kB
Transfer

2853 kB
Size

10
Cookies

53 HTTP transactions
33 data transactions