8318eb1a8a07.usapremiumtrips.com Open in urlscan Pro
18.172.112.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://8318eb1a8a07.usapremiumtrips.com/
Submission: On April 12 via api (April 12th 2024, 11:23:32 am UTC) from US — Scanned from DE

Summary HTTP 26 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 18.172.112.27, located in United States and belongs to AMAZON-02, US. The main domain is 8318eb1a8a07.usapremiumtrips.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 12th 2024. Valid for: a year.

This is the only time 8318eb1a8a07.usapremiumtrips.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	18.172.112.27 18.172.112.27	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
26	4

18 18.172.112.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-27.fra60.r.cloudfront.net

8318eb1a8a07.usapremiumtrips.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	usapremiumtrips.com 8318eb1a8a07.usapremiumtrips.com	508 KB
3	gstatic.com fonts.gstatic.com	64 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	975 B
26	3

	Domain	Requested by
18	8318eb1a8a07.usapremiumtrips.com	8318eb1a8a07.usapremiumtrips.com
3	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	8318eb1a8a07.usapremiumtrips.com
26	3

This site contains links to these domains. Also see Links.

Domain
travel.state.gov

Subject Issuer	Validity	Valid
8318eb1a8a07.usapremiumtrips.com Amazon RSA 2048 M02	`2024-04-12` - `2025-05-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://8318eb1a8a07.usapremiumtrips.com/
Frame ID: A006F22E06126F5211317156E39B4F4C
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

26
Requests

85 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

573 kB
Transfer

1697 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://travel.state.gov/content/passports/en/passports.html
Title: Visit Government Site

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
8318eb1a8a07.usapremiumtrips.com/ 414 KB
120 KB 910ms
868ms Document
text/html 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

86ba3c6ea567862e730c994efc0fbdee82eb7f476e9fa5fbd57c66fde2a20da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html
date: Fri, 12 Apr 2024 11:23:27 GMT
etag: W/"eb62e0e69587470dbdbc3cfc770b036b"
last-modified: Fri, 12 Apr 2024 06:02:00 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-amz-cf-id: m6IiFVoMOWp4OlfIIYFmlYch2B6ZlmOakWXc9kSU4683pRW1cda5Jw==
x-amz-cf-pop: FRA60-P8
x-amz-id-2: ut665WzyPKe9rU47PNbR0bJPW9v3GT8M4BJ1xMgp+c/0oeCSNjFcq8yrzTcXjI60EJNUrlQv5Zw=
x-amz-request-id: AC67NR8PCX754TCR
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
975 B 41ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:400,400i,600,700&display=swap

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d6e6f8762ae55c0cf67c256780f1007fa1e618673d296425e2eee9281c7763b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 11:23:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Apr 2024 11:23:26 GMT

GET
H2 200 logo.svg
8318eb1a8a07.usapremiumtrips.com/images/logos/american/ 29 KB
12 KB 572ms
571ms Image
image/svg+xml 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8318eb1a8a07.usapremiumtrips.com/images/logos/american/logo.svg

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e9d151bd5eb3af85efa746ab8b9e8210e78eeabb15933ebdfa2718b3c9b6c7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 11:23:27 GMT
content-encoding: gzip
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 9TA6D5C391CS4GCK
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0i/U9k+3fxRUVQxFfngFb3UXP/vbnt0KyaCS5Yzm+iFDD7KP6O3wPnrNzgNxj+GmO8pc7N3eALk=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:06 GMT
server: AmazonS3
etag: W/"2e8d3d44e60702a0f9fd838a9aad1301"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: v1fxFrGiRcYgKW55BlI2Z6jd4qSsPo8gtH2OIRFAKN4FyKv5uIvYCA==

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33217f52df55863a8bcb40e71ee7821e55c41dae1928f4702dca47c8f36d8568

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11467039690701b0f08c37a5be6fcdfdf8ba0f6c55d436b635d7b3c05ae5f6a8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 app-4fa92725b9779bdf316e.js Show response
8318eb1a8a07.usapremiumtrips.com/ 400 KB
123 KB 1252ms
1251ms Script
application/javascript 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/app-4fa92725b9779bdf316e.js

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fde9863c5b4deab5ef4aed07971fa0a7cc6a90838c7f62daa5927aaa6792e5e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 11:23:28 GMT
content-encoding: gzip
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WX9Q0NWK868H3MHS
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tXH3PNdxdrccZCvOA2kVSNRSwAtbaMUxOupHOMWnG0REL8zMCC9BOFQKNhaLAHP3/P+fHU+nREM=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:01:58 GMT
server: AmazonS3
etag: W/"636b4d8ba1e55a51920241b88f6ab854"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: F0sqj6hjoyVY54HbGaiasHcCrYGm6mUgTNuf8e59nj79cutvepEEFQ==

GET
H2 200 framework-7ce1d57d8e8e609be007.js Show response
8318eb1a8a07.usapremiumtrips.com/ 137 KB
45 KB 907ms
906ms Script
application/javascript 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/framework-7ce1d57d8e8e609be007.js

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6ebcd380bea6b92d8e393bc70b07e8ae71c90b3f9d64e1334b6d429b80f6c4f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 11:23:28 GMT
content-encoding: gzip
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WX9SKPFYT2TPC9KJ
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vosEZTtDEtyf9h29R0DHHa8bMK25+TNe9YoxtEJ0CMwVX5U/qon5fxQ4KuGdFjtqRbvwaIga7FM=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:00 GMT
server: AmazonS3
etag: W/"391c8268be24c87c8aef058eea899888"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: OQeA5_gMQ3KM-2Oc88zgXgM7cZPiD8zhgG7BWN0S0_25YNz6iKTh_A==

GET
H2 200 webpack-runtime-4be20f44919ca974f8bc.js Show response
8318eb1a8a07.usapremiumtrips.com/ 7 KB
4 KB 905ms
905ms Script
application/javascript 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/webpack-runtime-4be20f44919ca974f8bc.js

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

26dc83ebe8b16bc5287f14229c002002ee355992278ddbcbe66fd265a2a642fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 11:23:28 GMT
content-encoding: gzip
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WX9W7TEGDD45F0DD
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: qpDPNoTeU6tIokBnpgkVu5/dJWiQ4fvZ+Llp6ErV8cUzvH8BJ47D9dqHoqUDXV7tg4DPIK6txM4=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:00 GMT
server: AmazonS3
etag: W/"dc6a95a4e7a592dbb35fff661250af40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: ZYnqi0Ebp1DkYX4jz3O-3ghPs92x2HPT5lt7aOSDafcxUtNo9ee76Q==

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
22 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,400i,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://8318eb1a8a07.usapremiumtrips.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 13:32:09 GMT
x-content-type-options: nosniff
age: 510677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Apr 2025 13:32:09 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 35ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,400i,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://8318eb1a8a07.usapremiumtrips.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:42:41 GMT
x-content-type-options: nosniff
age: 308445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 21:42:41 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 41ms
17ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,400i,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://8318eb1a8a07.usapremiumtrips.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 19:32:23 GMT
x-content-type-options: nosniff
age: 316263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 19:32:23 GMT

GET
H3 200 app-data.json Show response
8318eb1a8a07.usapremiumtrips.com/page-data/ 50 B
496 B 541ms
541ms XHR
application/json 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/page-data/app-data.json

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/app-4fa92725b9779bdf316e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f2574a302233bee6fa0281bfa3c0d1f87d378a6b63d2e202b23737ac144569bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:29 GMT
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: 44EFTGFQMN43AD6T
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 50
x-amz-id-2: gPhPcPz22o/7mkIN1m71QHtw6bBvA4r7TeRFl9fy/qdgUeGkNaRLSg2manjxeTh5nDD6VPTmN7Y=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:01 GMT
server: AmazonS3
etag: "eb3f32099352ebae3caf3b974b7f441b"
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: Mk9V6ycrMbfJkjkSZPlZ3se3d_3VH-kdyKVcmWrY1yPdrhjaLR1reQ==

GET
H3 200 page-data.json Show response
8318eb1a8a07.usapremiumtrips.com/page-data/index/ 14 KB
4 KB 569ms
568ms XHR
application/json 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/page-data/index/page-data.json

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/app-4fa92725b9779bdf316e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5ddaceba96cbfd57edd295be85738fe3a36645ae6b21074b8accf299e90dc7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: 44E77N65Q30B1SNA
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: EFOD9J8nGue+2ybjv8CJk3hY9C2SSNL553cY/KbWsHAVvrC32GTozsTnaWaRm419PY50KjysFTE=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:04 GMT
server: AmazonS3
etag: W/"f4effedf9b91b538af5ac6e509a79578"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
x-amz-cf-id: b7GLdMDRWaP6CI1ILiFkZxk8_8sVdeAXzPViShzkHvkJOCRa3uLBjA==

GET
H3 200 favicon-32x32.png
8318eb1a8a07.usapremiumtrips.com/ 688 B
1 KB 669ms
668ms Other
image/png 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/favicon-32x32.png?v=542c96a6573063e2783ac1b3b2cf40e9

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

778db528786f29c9ab6628b8e3870a2179ba4afba0adc1db4ebd7d8a255c3939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:29 GMT
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: 44EAMGZ12BD3VV23
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 688
x-amz-id-2: Gk5VgpbvUOwBx+3oWllkyxTBXTr3AetBxKLDDmcUa4ux4rBHv2kmfHawL4G59P9yqIlLMmBjP/4=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:00 GMT
server: AmazonS3
etag: "ff1760eb1c34581620225d6289977e44"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: G8Fey2mdXqfHE_7A9W185CZnBvutflaQWy2oXEkt_987uN_0r1wvNA==

GET
H3 200 41d164fa08c2a271ae039668375bbfcf2abbf1a6-244c2306c5531bb6ff72.js Show response
8318eb1a8a07.usapremiumtrips.com/ 329 KB
114 KB 621ms
621ms Script
application/javascript 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/41d164fa08c2a271ae039668375bbfcf2abbf1a6-244c2306c5531bb6ff72.js

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/webpack-runtime-4be20f44919ca974f8bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2141b1918aa6c210f3c4ffef68a4c1f975e7f4184c252f1529927067a2e0e52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: 44E19VA3BYG0MT78
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5KoQykHEziPpi0K1PiyiG5SYpWxRYxP09s+a6eJu/NT1xZDqzc3+yYAnxQFhhEAKh8YF8KIg3tE=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:01:58 GMT
server: AmazonS3
etag: W/"ace36e0d14f5df605970f93dfef4c0a3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: tXdfhZ2qS04K9QIzxDM796BJKLtqBTK-u1kvHeCCZWVJJqfl_nNovA==

GET
H3 200 fece967efd2a09820740203ae8ebfe63e9dd8deb-75aae0f2acfd6ed48a5d.js Show response
8318eb1a8a07.usapremiumtrips.com/ 215 KB
64 KB 748ms
747ms Script
application/javascript 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/fece967efd2a09820740203ae8ebfe63e9dd8deb-75aae0f2acfd6ed48a5d.js

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/webpack-runtime-4be20f44919ca974f8bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d97dcbf95d212fa5d7ba728a5bcbef79393e95603b1094a10d71d48ad7b3c42c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:30 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: SRXKVEKKGTRPT79C
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pT96pXmwiTTPLTsmmHnR/Kf5mcGe0W6/USepHcexI3NEMGis+HxdYmL+aQCauCSQ2+uboovij4k=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:00 GMT
server: AmazonS3
etag: W/"6d4a42e1bc9d532f079b203bb9e56e3b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: az_7pbNwDuEqUIoYtu_VMBktIhugLgAe_Vo_Uexljcv23tF4cBdM6w==

GET
H3 200 66c5595c98c8c5c8ef31a13df28515d7dee55588-863df629156ab9dda7cf.js Show response
8318eb1a8a07.usapremiumtrips.com/ 37 KB
10 KB 819ms
818ms Script
application/javascript 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/66c5595c98c8c5c8ef31a13df28515d7dee55588-863df629156ab9dda7cf.js

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/webpack-runtime-4be20f44919ca974f8bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

96ed030217b7a65ff59d8e55c32c511af62325997b04c00b81ef6c1063e08c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:30 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: SRXGSMQKFEQRKF8A
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fCohdHxI3lXg18FmkqrYDx4OqQ10lH2PNZD1DlU9/VLI/iKPiYWV48X+XD+Y0Oggvg2EMwHW3Yw=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:01:58 GMT
server: AmazonS3
etag: W/"6171446483da24ad578d33f654f09175"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: TDHQuuT8k7dUTS5Qia9_33kPthW5yRMy8tX7tKIncw0nEYPJl7uMRg==

GET
H3 200 component---src-templates-home-index-js-88cafb330c2b3fbe846e.js Show response
8318eb1a8a07.usapremiumtrips.com/ 14 KB
5 KB 563ms
562ms Script
application/javascript 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/component---src-templates-home-index-js-88cafb330c2b3fbe846e.js

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/webpack-runtime-4be20f44919ca974f8bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7ac80f555d1c6734077f9bcc984e2bdf901864049029b7b7b1593ce8cfe34852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: 44E400BG9DJC0AJS
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: lq/3VsOWjZnaP/6ogVDSdIgCvq0nXaR1ms7r6x7Lw/wVDiWEJ1Y7gFQ2dT7JCKf3fhqGHMVt7fo=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:01:59 GMT
server: AmazonS3
etag: W/"ad7be8c0b2f91117532cb3f9064de489"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: Gn3U-I1jDVHp9B9Q54YvyI4Q60zajMYlxblUrij_JHzJCAEPUE6L1w==

GET
H3 200 2036441351.json Show response
8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/ 60 B
509 B 884ms
882ms XHR
application/json 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/2036441351.json

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/app-4fa92725b9779bdf316e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

279e51ddfb8b4ca16b49093eb15a3671188a6e3bac15d7b90083b93a0d265d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:30 GMT
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: SRXXCYCG4DCF77W3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 60
x-amz-id-2: epa9d+BUhYBtj1FAzvxWtthcZLSQQNDlwJIzhfbuEO6E/qAIufBc3bkVVj2InR9ybco+865A6WY=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:07 GMT
server: AmazonS3
etag: "494f8de8d937c92ed2f11ddf40f9c1e3"
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: n_VRjWM7mziwxWIXNp7FzIBoJ111BJMn63H9wPzwUW49kWgpCRRKZg==

GET
H3 200 3667958217.json Show response
8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/ 6 KB
1 KB 558ms
557ms XHR
application/json 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/3667958217.json

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/app-4fa92725b9779bdf316e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e9b5ecdf0bc007c4c877bf9e32d02423292152cb38a3fb8ab0eb7d0c85862de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: 44E5YZE2QD8R2YBM
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pmzEngELmObk0+sEKXgX1h81MBcylZO419F3sL08RLPzF9basN4NyyY7955rmj7wxCXj5MMDpYI=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:07 GMT
server: AmazonS3
etag: W/"2b8f5c1c20cd3e4b2136ad4aba52ac15"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
x-amz-cf-id: w7ArxHVRmBolArlT9HDJqVge8NqS-BNXYkGxrNV-o-IagFhRUP70YQ==

GET
H3 200 3901604883.json Show response
8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/ 15 KB
2 KB 545ms
544ms XHR
application/json 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/3901604883.json

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/app-4fa92725b9779bdf316e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8e4fa1dcfbd5f9f59c2336f894a2c0e9bfde770e7c36997c7e0880373920645c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: 44EF76S1FYYPGP0B
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2KwWaVIfXgh2N7UPfgFmXGQoLmLvvLf7kTH2qmgGtU5xMjVvQ6g6W6RgeC9BCBUIuzcEOir/1iI=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:07 GMT
server: AmazonS3
etag: W/"8a670d905af3caabe9a0037622011b70"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
x-amz-cf-id: F7Qjafo_K7bLvFrxCUKApPiQ5OFVsffzLmTcN5aXGVujnW0Miflzug==

GET
H3 200 521013288.json Show response
8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/ 401 B
847 B 898ms
897ms XHR
application/json 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/521013288.json

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/app-4fa92725b9779bdf316e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

18032efc27aa1d99839515ec8834cd8a408cc5cfe34ca6f4c0bffcefaaaf06d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:30 GMT
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: SRXNJ48G6W6HM39N
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 401
x-amz-id-2: /hvnBtJvCoRP04EoiWO3gsRdBOT1n76T6CLcLsbLtGcRf32hcJUhMGLuQejNvdY6Ues1bPKRdPM=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:07 GMT
server: AmazonS3
etag: "116548289d2c2c504e97c9c77a3a8409"
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: hogAMwglVPYEuk0wcJQofQDu1OXjlGUcECG3uBN7LNw18q0YLCrNGg==

GET
H3 200 525316420.json Show response
8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/ 165 B
615 B 864ms
863ms XHR
application/json 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/525316420.json

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/app-4fa92725b9779bdf316e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c8a22bb48cca1b1f7ffbbe77eac8dd11af7142046c154a3820e88c020cbfcea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:30 GMT
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: SRXHESTVK4KPPHPQ
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 165
x-amz-id-2: tA0fV9UcxZB3osmVMFXoLYU5IMfeRLeseMImRI3hmI0Zb1gVrFuh3Z8y/A5WbP0H2ZwKNSjYI9s=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:07 GMT
server: AmazonS3
etag: "5af2a43394233fb08e7058a4f9aa5b75"
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: UUPKV15i97-0TKIvXTkjVt6X-i_Lky_jTkR7WxE4dL9Re7wXo7jJug==

GET 715490869.json
8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/ 0
0

GET
H3 200 755493591.json Show response
8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/ 952 B
1 KB 920ms
919ms XHR
application/json 18.172.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/755493591.json

Requested by

Host: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/app-4fa92725b9779bdf316e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.172.112.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-27.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d4ddacb85f3832fc9559bd57fb0af351181f6b0092aa1983b24bf19858cc4d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://8318eb1a8a07.usapremiumtrips.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 11:23:30 GMT
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: SRXZ73CCSDGEBM9P
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 952
x-amz-id-2: rYMxS4skXtg0Ess/AmK6xgaxSa3lpgg8Kj1FxnK1xkJ+7gdsd5W1ehbxxvFlgb1CXsSAkXeulvA=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Apr 2024 06:02:07 GMT
server: AmazonS3
etag: "07aaf3ede93ba458994deb3422d24135"
x-frame-options: SAMEORIGIN
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: INLEUz-naZ721C37hXed0X2YSVZVshiWuhZwLFltLVtPljkNLLPaZw==

GET 348-1b1635b1df98bac17854.js
8318eb1a8a07.usapremiumtrips.com/ 0
0

GET 371-4d1d5f5f5b2f92762895.js
8318eb1a8a07.usapremiumtrips.com/ 0
0

GET 87-ff99df5884d952dd64d4.js
8318eb1a8a07.usapremiumtrips.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/page-data/sq/d/715490869.json

Domain: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/348-1b1635b1df98bac17854.js

Domain: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/371-4d1d5f5f5b2f92762895.js

Domain: 8318eb1a8a07.usapremiumtrips.com
URL: https://8318eb1a8a07.usapremiumtrips.com/87-ff99df5884d952dd64d4.js

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8318eb1a8a07.usapremiumtrips.com
fonts.googleapis.com
fonts.gstatic.com
8318eb1a8a07.usapremiumtrips.com
18.172.112.27
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
11467039690701b0f08c37a5be6fcdfdf8ba0f6c55d436b635d7b3c05ae5f6a8
18032efc27aa1d99839515ec8834cd8a408cc5cfe34ca6f4c0bffcefaaaf06d7
2141b1918aa6c210f3c4ffef68a4c1f975e7f4184c252f1529927067a2e0e52e
26dc83ebe8b16bc5287f14229c002002ee355992278ddbcbe66fd265a2a642fb
279e51ddfb8b4ca16b49093eb15a3671188a6e3bac15d7b90083b93a0d265d00
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
33217f52df55863a8bcb40e71ee7821e55c41dae1928f4702dca47c8f36d8568
5d6e6f8762ae55c0cf67c256780f1007fa1e618673d296425e2eee9281c7763b
5ddaceba96cbfd57edd295be85738fe3a36645ae6b21074b8accf299e90dc7ae
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6ebcd380bea6b92d8e393bc70b07e8ae71c90b3f9d64e1334b6d429b80f6c4f0
778db528786f29c9ab6628b8e3870a2179ba4afba0adc1db4ebd7d8a255c3939
7ac80f555d1c6734077f9bcc984e2bdf901864049029b7b7b1593ce8cfe34852
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
86ba3c6ea567862e730c994efc0fbdee82eb7f476e9fa5fbd57c66fde2a20da3
8e4fa1dcfbd5f9f59c2336f894a2c0e9bfde770e7c36997c7e0880373920645c
96ed030217b7a65ff59d8e55c32c511af62325997b04c00b81ef6c1063e08c38
c8a22bb48cca1b1f7ffbbe77eac8dd11af7142046c154a3820e88c020cbfcea5
d4ddacb85f3832fc9559bd57fb0af351181f6b0092aa1983b24bf19858cc4d5a
d97dcbf95d212fa5d7ba728a5bcbef79393e95603b1094a10d71d48ad7b3c42c
e9b5ecdf0bc007c4c877bf9e32d02423292152cb38a3fb8ab0eb7d0c85862de0
e9d151bd5eb3af85efa746ab8b9e8210e78eeabb15933ebdfa2718b3c9b6c7d5
f2574a302233bee6fa0281bfa3c0d1f87d378a6b63d2e202b23737ac144569bd
fde9863c5b4deab5ef4aed07971fa0a7cc6a90838c7f62daa5927aaa6792e5e0

8318eb1a8a07.usapremiumtrips.com Open in urlscan Pro 18.172.112.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

26 Requests

85 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

573 kBTransfer

1697 kBSize

0 Cookies

1 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

8318eb1a8a07.usapremiumtrips.com Open in urlscan Pro
18.172.112.27 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

85 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

573 kB
Transfer

1697 kB
Size

0
Cookies

26 HTTP transactions
2 data transactions