urlscan.io logo urlscan.io
SecurityTrails logo

www.nyctours.us Open in urlscan Pro
35.208.140.250  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.nyctour.us/
Effective URL: https://www.nyctours.us/
Submission: On July 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 11 domains to perform 58 HTTP transactions. The main IP is 35.208.140.250, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.nyctours.us.
TLS certificate: Issued by R3 on June 2nd 2024. Valid for: 3 months.
This is the only time www.nyctours.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
18 35.208.140.250 15169 (GOOGLE)
2 142.251.174.95 15169 (GOOGLE)
1 172.67.152.205 13335 (CLOUDFLAR...)
15 13.84.181.47 8075 (MICROSOFT...)
1 54.215.45.200 16509 (AMAZON-02)
2 173.194.68.113 15169 (GOOGLE)
3 173.194.68.94 15169 (GOOGLE)
1 54.183.116.64 16509 (AMAZON-02)
12 72.21.81.200 15133 (EDGECAST)
1 13.107.253.38 8075 (MICROSOFT...)
2 173.194.205.97 15169 (GOOGLE)
58 11
1    3.33.251.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
www.nyctour.us
18    35.208.140.250 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 250.140.208.35.bc.googleusercontent.com
www.nyctours.us
2    142.251.174.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f95.1e100.net
fonts.googleapis.com
1    172.67.152.205 (United States)

ASN13335 (CLOUDFLARENET, US)
fh-kit.com
15    13.84.181.47 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
trytn.com
1    54.215.45.200 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-45-200.us-west-1.compute.amazonaws.com
fareharbor.com
2    173.194.68.113 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f113.1e100.net
www.google-analytics.com
3    173.194.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f94.1e100.net
fonts.gstatic.com
1    54.183.116.64 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-116-64.us-west-1.compute.amazonaws.com
fareharbor.com
12    72.21.81.200 (United States)

ASN15133 (EDGECAST, US)
trytn1.azureedge.net
1    13.107.253.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
2    173.194.205.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f97.1e100.net
www.googletagmanager.com
Apex Domain
Subdomains		 Transfer
18 nyctours.us
www.nyctours.us
463 KB
15 trytn.com
trytn.com
1 MB
12 azureedge.net
trytn1.azureedge.net
1012 KB
3 gstatic.com
fonts.gstatic.com
121 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
190 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
21 KB
2 fareharbor.com
fareharbor.com — Cisco Umbrella Rank: 23367
11 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
3 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 609
906 B
1 fh-kit.com
fh-kit.com — Cisco Umbrella Rank: 100516
34 KB
1 nyctour.us
www.nyctour.us
165 B
58 11
Domain Requested by
18 www.nyctours.us www.nyctours.us
15 trytn.com www.nyctours.us
trytn.com
12 trytn1.azureedge.net trytn.com
www.nyctours.us
3 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com www.nyctours.us
www.googletagmanager.com
2 www.google-analytics.com www.nyctours.us
www.google-analytics.com
2 fareharbor.com www.nyctours.us
fareharbor.com
2 fonts.googleapis.com www.nyctours.us
1 js.monitor.azure.com trytn.com
1 fh-kit.com www.nyctours.us
1 www.nyctour.us 1 redirects
58 11

This site contains links to these domains. Also see Links.

Domain
trytn.com
www.peek.com
www.elegantthemes.com
www.wordpress.org
www.trytn.com
Subject Issuer Validity Valid
*.nyctours.us
R3		 2024-06-02 -
2024-08-31		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
fh-kit.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
trytn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-04-05 -
2025-05-06		 a year crt.sh
production.fareharbor.com
Amazon RSA 2048 M02		 2024-03-26 -
2025-04-24		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-05-22 -
2025-05-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.nyctours.us/
Frame ID: 7991129B0DC311930544907DF8A0611A
Requests: 57 HTTP requests in this frame

Frame: https://fareharbor.com/embeds/cart/?u=069c2492-2781-4d3a-9344-7f1afa9485dd&from-ssl=yes&ga4t=&g4=no&cp=no&csp=no&back=https%3A%2F%2Fwww.nyctours.us%2F
Frame ID: 820EB3CC87CE7CB85F72A5F3F2DA10AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NYC Tours | Not to be missed Entertaining & Informative Tours of New York City

Page URL History Show full URLs

  1. https://www.nyctour.us/ HTTP 301
    http://www.nyctours.us/ HTTP 307
    https://www.nyctours.us/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • fareharbor\.com/embeds/api/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

58
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

11
IPs

1
Countries

3045 kB
Transfer

5638 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.nyctour.us/ HTTP 301
    http://www.nyctours.us/ HTTP 307
    https://www.nyctours.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nyctours.us/
Redirect Chain
  • https://www.nyctour.us/
  • http://www.nyctours.us/
  • https://www.nyctours.us/
137 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
27df35881f0e45e83ceda92dfe4327423756f83cc57da2012412ee7983eb37b2

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 01 Jul 2024 15:14:22 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://www.nyctours.us/wp-json/>; rel="https://api.w.org/" <https://www.nyctours.us/wp-json/wp/v2/pages/1423>; rel="alternate"; type="application/json" <https://www.nyctours.us/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-httpd-modphp
1
x-proxy-cache
HIT

Redirect headers

Location
https://www.nyctours.us/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		57 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,hebrew,latin,latin-ext,vietnamese&display=swap
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f95.1e100.net
Software
ESF /
Resource Hash
f322afdaf7184e4ddd7fca589f89cdd7e2e2721dffbf8abed7cb1eca88b0915f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jul 2024 14:20:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jul 2024 15:14:23 GMT
et-divi-dynamic-1423-late.css
www.nyctours.us/wp-content/et-cache/1423/ 		623 B
425 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/wp-content/et-cache/1423/et-divi-dynamic-1423-late.css?ver=1717802250
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1461b17855a66d342f54b55b914c63c378036b4d102717190e45c5d65027185c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 23:17:30 GMT
server
nginx
etag
W/"6663950a-26f"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 01 Jul 2025 15:14:23 GMT
css
fonts.googleapis.com/ 		700 B
435 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Freehand:regular&subset=khmer,latin&display=swap
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f95.1e100.net
Software
ESF /
Resource Hash
aa3684215c6bb172b34ba82b37b71e59a9c26730c28530a37faea72134c4cace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jul 2024 15:14:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jul 2024 15:14:23 GMT
/
fh-kit.com/buttons/v2/ 		228 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fh-kit.com/buttons/v2/?orange=fa5320
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02be8c798b1ca758b6020a2b83c8e45480c3c16031356e40dde395eb3c056033
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 01 Jul 2024 12:52:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"02be8c798b1ca758b6020a2b83c8e45480c3c16031356e40dde395eb3c056033"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
x-scss-cache
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6tOnRE3Rdr%2FrqYmmjeikoVa5iwE1v4G7fEYySBZwg6dw1hgfXWd2IxefYOfIsgHAH149i8Q6TWQPUYRhieVXJKpCGWLtGoF%2BXjaMtyTq5ZA4Qfy9wKDG0e8x1Td"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
89c7586e8986a32f-SEA
alt-svc
h3=":443"; ma=86400
et-divi-customizer-global.min.css
www.nyctours.us/wp-content/et-cache/global/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1717802250
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a71c4df74f14e35fb5fe1876e3ed18e14f72e8ef364b101d4b5896ae36fbdd90

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 23:17:30 GMT
server
nginx
etag
W/"6663950a-228c"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 01 Jul 2025 15:14:23 GMT
New-York-City-Tours-Logo1.png
www.nyctours.us/wp-content/uploads/2015/06/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyctours.us/wp-content/uploads/2015/06/New-York-City-Tours-Logo1.png
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1ff3e897ce4fcb72873efabed4a25425fa66cc077d358b33d88cce8b6f9b244d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
last-modified
Wed, 03 Jun 2015 13:56:58 GMT
server
nginx
etag
"556f07aa-1526"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
5414
expires
Tue, 01 Jul 2025 15:14:23 GMT
Night-View-of-the-City-from-the-Water-2.jpg
www.nyctours.us/wp-content/uploads/2016/11/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyctours.us/wp-content/uploads/2016/11/Night-View-of-the-City-from-the-Water-2.jpg
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9e002a6a42f9faf9b9caf08ae538fac6e43af2a737a678b949d320e334ea8698

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
last-modified
Wed, 02 Nov 2016 23:45:49 GMT
server
nginx
etag
"581a7aad-2159c"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
136604
expires
Tue, 01 Jul 2025 15:14:23 GMT
View-of-TS-from-Tk-Tk-Booth.jpg
www.nyctours.us/wp-content/uploads/2017/06/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyctours.us/wp-content/uploads/2017/06/View-of-TS-from-Tk-Tk-Booth.jpg
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6551cfe215344087a5db3bd6d10fb3deffe0a7d5e589b1c9c67d763bb692698d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
last-modified
Thu, 22 Jun 2017 12:19:42 GMT
server
nginx
etag
"594bb5de-dc6a"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
56426
expires
Tue, 01 Jul 2025 15:14:23 GMT
main.js
trytn.com/scripts/embedding/ 		494 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trytn.com/scripts/embedding/main.js
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4623fbfab4943cc65d71bc3eb594084394f7aabdc3051fd2a5c5af1604320cda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
111
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541e9ec08"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
/
fareharbor.com/embeds/api/v1/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/embeds/api/v1/?autolightframe=yes
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.215.45.200 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-45-200.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
3be7dc839031789da91d911aa87c82f5cb8e9310e585248a10faaebb2301a619
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-6682c7cf-1f3fa7001a6a875b7b55ddf2
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dipr2nuwo661l.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dipr2nuwo661l.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
vary
Accept-Encoding, Cookie
content-language
en-us
p3p
CP="This is not a P3P policy."
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
x-xss-protection
1; mode=block
expires
0
jquery.min.js
www.nyctours.us/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 04:56:22 GMT
server
nginx
etag
W/"654db7f6-15601"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 01 Jul 2025 15:14:23 GMT
jquery-migrate.min.js
www.nyctours.us/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
br
last-modified
Thu, 10 Aug 2023 06:38:29 GMT
server
nginx
etag
W/"64d485e5-3509"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 01 Jul 2025 15:14:23 GMT
scripts.min.js
www.nyctours.us/wp-content/themes/Divi/js/ 		268 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/wp-content/themes/Divi/js/scripts.min.js?ver=4.21.1
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ce0fba73135b78cdb43aaf2b57313570e3b98caadc21d30dcad5cc7211b839c4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
br
last-modified
Fri, 14 Jul 2023 11:40:09 GMT
server
nginx
etag
W/"64b13419-42f72"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 01 Jul 2025 15:14:23 GMT
smoothscroll.js
www.nyctours.us/wp-content/themes/Divi/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/wp-content/themes/Divi/js/smoothscroll.js?ver=4.21.1
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
75079f39fe739015589a0f995f41b4c1c29d4ebac85c93a792926af09f61cc83

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
br
last-modified
Fri, 14 Jul 2023 11:40:09 GMT
server
nginx
etag
W/"64b13419-1652"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 01 Jul 2025 15:14:23 GMT
jquery.fitvids.js
www.nyctours.us/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.21.0
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
br
last-modified
Fri, 14 Jul 2023 11:40:09 GMT
server
nginx
etag
W/"64b13419-d15"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 01 Jul 2025 15:14:23 GMT
common.js
www.nyctours.us/wp-content/themes/Divi/core/admin/js/ 		1 KB
738 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/wp-content/themes/Divi/core/admin/js/common.js?ver=4.21.0
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
br
last-modified
Fri, 14 Jul 2023 11:40:08 GMT
server
nginx
etag
W/"64b13418-53f"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 01 Jul 2025 15:14:23 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Jul 2024 14:36:46 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2257
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 01 Jul 2024 16:36:46 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,hebrew,latin,latin-ext,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.nyctours.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 23:46:09 GMT
x-content-type-options
nosniff
age
574094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Jun 2025 23:46:09 GMT
modules.woff
www.nyctours.us/wp-content/themes/Divi/core/admin/fonts/modules/all/ 		90 KB
91 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Origin
https://www.nyctours.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
last-modified
Fri, 14 Jul 2023 11:40:08 GMT
server
nginx
etag
"64b13418-1693c"
x-proxy-cache-info
DT:1
content-type
font/woff
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
92476
expires
Tue, 01 Jul 2025 15:14:23 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,hebrew,latin,latin-ext,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f94.1e100.net
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.nyctours.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:49:30 GMT
x-content-type-options
nosniff
age
552293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 05:49:30 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=cyrillic,cyrillic-ext,greek,greek-ext,hebrew,latin,latin-ext,vietnamese&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f94.1e100.net
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.nyctours.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 23:13:34 GMT
x-content-type-options
nosniff
age
403249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jun 2025 23:13:34 GMT
1498315836_new-year-time-clock-twelve-countdown-1.png
www.nyctours.us/wp-content/uploads/2017/06/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyctours.us/wp-content/uploads/2017/06/1498315836_new-year-time-clock-twelve-countdown-1.png
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
882d926ab981ad074ed86a835a7cfe00602f680736c1a06e5d7e457c6bc061ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
last-modified
Sat, 24 Jun 2017 09:53:43 GMT
server
nginx
etag
"594e36a7-5d4"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
1492
expires
Tue, 01 Jul 2025 15:14:23 GMT
9-11-Memorial-w-Marching-Flags-408W-X-283H.jpg
www.nyctours.us/wp-content/uploads/2017/06/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nyctours.us/wp-content/uploads/2017/06/9-11-Memorial-w-Marching-Flags-408W-X-283H.jpg
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e91a569fd8017a815b12e2fd5c56c8c82ea69a0cbd88e3577ad2799a68dee085

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
last-modified
Mon, 26 Jun 2017 13:27:05 GMT
server
nginx
etag
"59510ba9-a7e9"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
42985
expires
Tue, 01 Jul 2025 15:14:23 GMT
et-divi-dynamic-1423-late.css
www.nyctours.us/wp-content/et-cache/1423/ 		623 B
425 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/wp-content/et-cache/1423/et-divi-dynamic-1423-late.css
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1461b17855a66d342f54b55b914c63c378036b4d102717190e45c5d65027185c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2024 23:17:30 GMT
server
nginx
etag
W/"6663950a-26f"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 01 Jul 2025 15:14:23 GMT
/
fareharbor.com/embeds/cart/ Frame 820E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fareharbor.com/embeds/cart/?u=069c2492-2781-4d3a-9344-7f1afa9485dd&from-ssl=yes&ga4t=&g4=no&cp=no&csp=no&back=https%3A%2F%2Fwww.nyctours.us%2F
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/api/v1/?autolightframe=yes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.116.64 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-116-64.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://www.nyctours.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-language
en-us
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dipr2nuwo661l.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dipr2nuwo661l.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
content-type
text/html; charset=utf-8
date
Mon, 01 Jul 2024 15:14:23 GMT
p3p
CP="This is not a P3P policy."
strict-transport-security
max-age=31536000
vary
Accept-Encoding Cookie
x-amzn-trace-id
Root=1-6682c7cf-32d7095d5f450a4b1e4802e4
x-content-type-options
nosniff
x-fh-loadbalancer
production
x-xss-protection
1; mode=block
style.min.css
www.nyctours.us/wp-includes/css/dist/block-library/ 		111 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
br
last-modified
Thu, 04 Apr 2024 03:10:50 GMT
server
nginx
etag
W/"660e1a3a-1bae5"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Tue, 01 Jul 2025 15:14:23 GMT
lodash.min.js
trytn1.azureedge.net/uploads/StaticAssets/vendor/lodash/v4.17.21/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/StaticAssets/vendor/lodash/v4.17.21/lodash.min.js
Requested by
Host: trytn.com
URL: https://trytn.com/scripts/embedding/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sac/2578) /
Resource Hash
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
content-md5
m+zED7HYXSHQyjji9waVEQ==
age
8654930
x-cache
HIT
content-length
25927
x-ms-lease-status
unlocked
last-modified
Wed, 10 Aug 2022 18:18:37 GMT
server
ECAcc (sac/2578)
etag
0x8DA7AFCBE91B995
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
629306a9-401e-0053-1612-7d6935000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1833725135&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nyctours.us%2F&ul=en-us&de=UTF-8&dt=NYC%20Tours%20%7C%20Not%20to%20be%20missed%20Entertaining%20%26%20Informative%20Tours%20of%20New%20York%20City&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1788453614&gjid=1401021352&cid=1956812297.1719846864&tid=UA-87785862-1&_gid=2117768254.1719846864&_r=1&_slc=1&z=727993334
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 15:14:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nyctours.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.config.1.cfg.json
js.monitor.azure.com/scripts/b/ 		1 KB
906 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.config.1.cfg.json
Requested by
Host: trytn.com
URL: https://trytn.com/scripts/embedding/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2024 18:24:43 GMT
x-ms-meta-aijssdkver
1.0.0
vary
Accept-Encoding
x-azure-ref
20240701T151424Z-r1559f9d855mvq9gh5bkk887rw0000000crg000000003a41
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
341f7354-701e-00e7-1487-c3fd86000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdkver,x-ms-meta-aijssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.config.1.0.0.cfg.json
x-fd-int-roxy-purgeid
0
shopinfobyid
trytn.com/embeddedV2/ 		2 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trytn.com/embeddedV2/shopinfobyid?businessid=f322af7f-f194-4450-bb4e-c017ddec5624&culture=en
Requested by
Host: trytn.com
URL: https://trytn.com/scripts/embedding/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2465dd56b65e9c0cfcd24d7911f6f3818b7933c3ab402d6909bdee6cc5d354a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*/*
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=300
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
access-control-allow-headers
Content-Type
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
main.css
trytn.com/styles/embedding/ 		210 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trytn.com/styles/embedding/main.css?c=5732823
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f35f082a51f20f87980cbcc71371ad2db6f5ba905636cb8bc6114e5b18b3f716
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
48
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541ed1ce7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
print.css
trytn.com/styles/embedding/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trytn.com/styles/embedding/print.css?c=5732823
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a335d290cbcb7f29d01b95f46fe2f438c78b94fcc00aa02a0b91347d4d052373
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
48
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541ee49d4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
AllTranslations
trytn.com/Home/ 		95 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trytn.com/Home/AllTranslations
Requested by
Host: trytn.com
URL: https://trytn.com/scripts/embedding/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb2a6faf162ea1b6a526141f808986415dc95fcee8773ff92d06d3f19444d3f3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*/*
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1764
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type
cart
trytn.com/embeddedV2/ 		0
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trytn.com/embeddedV2/cart?cartId=c4324468-ec0d-4143-7a86-5a469f2162c8&culture=en
Requested by
Host: trytn.com
URL: https://trytn.com/scripts/embedding/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*/*
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
js
www.googletagmanager.com/gtag/ 		275 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-95RMRTKEXF
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.205.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
77fdbdf9c28d162d58cc0803d13b0feed543212e131b09221861453a3c4ad8fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96969
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 15:14:25 GMT
checkout.js
trytn.com/scripts/embedding/ 		843 KB
264 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trytn.com/scripts/embedding/checkout.js?c=5732823
Requested by
Host: trytn.com
URL: https://trytn.com/scripts/embedding/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e7fb8bda5039150258c0710e6019d2d244645e1f0bc66ba86f4f152e152ca4cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
48
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541e377f1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
pages.js
trytn.com/scripts/embedding/ 		288 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trytn.com/scripts/embedding/pages.js?c=5732823
Requested by
Host: trytn.com
URL: https://trytn.com/scripts/embedding/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5c51a6aa62687e6917997a7ecb161a82e21b646a0356534cc12ffb036326c5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
48
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541ea25ba"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
product.js
trytn.com/scripts/embedding/ 		525 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trytn.com/scripts/embedding/product.js?c=5732823
Requested by
Host: trytn.com
URL: https://trytn.com/scripts/embedding/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9140c898f7007f2261286f28703b7f0aeb0f337981cedcbe86f47979e933b322
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
48
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541e66ea0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
calendar.js
trytn.com/scripts/embedding/widgets/ 		418 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trytn.com/scripts/embedding/widgets/calendar.js?c=5732823
Requested by
Host: trytn.com
URL: https://trytn.com/scripts/embedding/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d7dc61d054655298fa88d1bd16a272d2650e53e0b1f24f85927a2ba71ad8276
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
48
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541e8d22a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
card.js
trytn.com/scripts/embedding/widgets/ 		298 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trytn.com/scripts/embedding/widgets/card.js?c=5732823
Requested by
Host: trytn.com
URL: https://trytn.com/scripts/embedding/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f946d4b3b204bfa1b930bb5037718395bdc0bb22d121a8f8eb4e1f21c9ae6f5f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
47
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541eafdc4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
grid.js
trytn.com/scripts/embedding/widgets/ 		355 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trytn.com/scripts/embedding/widgets/grid.js?c=5732823
Requested by
Host: trytn.com
URL: https://trytn.com/scripts/embedding/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f854dea9de16f579d2341b3a4af6744316622b9e8850f7eac8944ab31f92896b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
47
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541ebd1d0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
product-card.css
trytn.com/styles/widgets/ 		1002 B
825 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trytn.com/styles/widgets/product-card.css?c=5732823
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
59889e29c8800a5571f20b5e4b1792174fbe10f3b5bfa70127ca0f44a20a8a9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
47
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541ee59ea"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
calendar.css
trytn.com/styles/widgets/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trytn.com/styles/widgets/calendar.css?c=5732823
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
97ef78ead1696b3de0f891335fdafaab7182745edb55c1d66939f7721df6f283
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
48
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541ee6e6c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
product-grid.css
trytn.com/styles/widgets/ 		12 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trytn.com/styles/widgets/product-grid.css?c=5732823
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.84.181.47 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b72cef5f2527e1535e4c9f1e0c02d668d9e766d6d2e71a0eadfdb581a8675f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
47
content-security-policy-report-only
default-src https:; base-uri 'self'; connect-src 'self' https://*.doubleclick.net https://*.facebook.com https://adservice.google.com https://analytics.google.com https://*.analytics.google.com https://google.com https://www.google.com https://www.google.com.ar https://www.google.com.ua https://adservice.google.com https://*.google-analytics.com https://*.paypal.com https://southcentralus-0.in.applicationinsights.azure.com https://*.stripe.com https://trytn-webapp-booking-scus-staging.azurewebsites.net https://www.trytn.com trytn.com; font-src 'self' https://trytn1.azureedge.net; form-action 'self'; frame-ancestors 'self' https://*.trytn.com; frame-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.paypal.com https://*.paypalobjects.com https://ct.pinterest.com https://js.stripe.com; img-src 'self' https://*.doubleclick.net https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.se https://www.google.nl https://www.google.fr https://www.google.ch https://www.google.com.pk https://*.paypal.com https://*.google.com https://*.paypalobjects.com https://trytn1.azureedge.net https://trytnsouthcentralus.blob.core.windows.net data:; object-src 'none'; style-src 'self'; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.adroll.com https://connect.facebook.net https://*.googleadservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.paypal.com https://*.paypalobjects.com https://js.monitor.azure.com https://*.stripe.com https://trytn1.azureedge.net; script-src-elem https://connect.facebook.net; worker-src 'self'; report-uri /Home/Report
x-xss-protection
1; mode=block
request-context
appId=cid-v1:62d48e65-d95f-43f6-a3f9-ab554f591924
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Jun 2024 18:20:52 GMT
etag
"1dabcf541ee6b43"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Content-Type
js
www.googletagmanager.com/gtag/ 		276 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4SPM318608&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-95RMRTKEXF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.205.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
7e2e578d999a7e1f331095508e44a813ce83527a8f425563e4065c9c1cb65616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97013
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jul 2024 15:14:25 GMT
default-image-1.webp
trytn1.azureedge.net/uploads/StaticAssets/ 		0
158 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/StaticAssets/default-image-1.webp
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sac/2514) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:25 GMT
content-md5
01RJM+W3bbFZINkOPzqZww==
age
8482036
x-cache
HIT
content-length
162008
x-ms-lease-status
unlocked
last-modified
Wed, 04 Jan 2023 14:54:37 GMT
server
ECAcc (sac/2514)
etag
0x8DAEE6399BE4ABC
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
8b94af0e-801e-000a-1ca4-7e6cb3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
default-image-2.webp
trytn1.azureedge.net/uploads/StaticAssets/ 		0
171 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/StaticAssets/default-image-2.webp
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sac/254D) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:25 GMT
content-md5
4d1zN4dD+VLW3K9ElXYJZQ==
age
8561908
x-cache
HIT
content-length
175022
x-ms-lease-status
unlocked
last-modified
Wed, 04 Jan 2023 14:54:45 GMT
server
ECAcc (sac/254D)
etag
0x8DAEE639E501F25
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
43d8cd7c-901e-005a-2dea-7d73bb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
default-image-3.webp
trytn1.azureedge.net/uploads/StaticAssets/ 		0
110 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/StaticAssets/default-image-3.webp
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sac/2509) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:25 GMT
content-md5
fKuh7lUjYUe7jEbgGDWjow==
age
8648502
x-cache
HIT
content-length
112654
x-ms-lease-status
unlocked
last-modified
Wed, 04 Jan 2023 14:54:54 GMT
server
ECAcc (sac/2509)
etag
0x8DAEE63A3CFDA24
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
0e112be0-601e-006d-5620-7ddf14000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
default-image-4.webp
trytn1.azureedge.net/uploads/StaticAssets/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/StaticAssets/default-image-4.webp
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sac/254E) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:25 GMT
content-md5
CqmRmZ2nxBzLsO/RghWWOQ==
age
8654225
x-cache
HIT
content-length
94714
x-ms-lease-status
unlocked
last-modified
Wed, 04 Jan 2023 14:55:06 GMT
server
ECAcc (sac/254E)
etag
0x8DAEE63AB093931
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
7313391b-201e-0007-7513-7d83bf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
default-image-5.webp
trytn1.azureedge.net/uploads/StaticAssets/ 		0
67 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/StaticAssets/default-image-5.webp
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sac/250E) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:25 GMT
content-md5
WsXDDcv+wDPin89UvMP+uw==
age
8648502
x-cache
HIT
content-length
68654
x-ms-lease-status
unlocked
last-modified
Wed, 04 Jan 2023 14:55:17 GMT
server
ECAcc (sac/250E)
etag
0x8DAEE63B185096A
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
414395b3-e01e-0077-7220-7df07b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
default-image-6.webp
trytn1.azureedge.net/uploads/StaticAssets/ 		0
68 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/StaticAssets/default-image-6.webp
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sac/254B) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:25 GMT
content-md5
dZyaH+X3UWK6cK0TZC18Wg==
age
8648502
x-cache
HIT
content-length
68994
x-ms-lease-status
unlocked
last-modified
Wed, 04 Jan 2023 14:55:23 GMT
server
ECAcc (sac/254B)
etag
0x8DAEE63B551D61D
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
8948279b-a01e-001d-3c20-7dacd0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
default-image-7.webp
trytn1.azureedge.net/uploads/StaticAssets/ 		0
78 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/StaticAssets/default-image-7.webp
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sac/2534) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:25 GMT
content-md5
qiANcpd3ggEFjNJ2iCT3jg==
age
8567822
x-cache
HIT
content-length
79300
x-ms-lease-status
unlocked
last-modified
Wed, 04 Jan 2023 14:55:32 GMT
server
ECAcc (sac/2534)
etag
0x8DAEE63BA8D8D3D
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
687142a0-e01e-0033-3bdc-7d2c17000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
default-image-8.webp
trytn1.azureedge.net/uploads/StaticAssets/ 		0
116 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/StaticAssets/default-image-8.webp
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sac/256F) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:25 GMT
content-md5
DIoSaif90/VK1Yv2LmLZiA==
age
8479998
x-cache
HIT
content-length
118074
x-ms-lease-status
unlocked
last-modified
Wed, 04 Jan 2023 14:55:40 GMT
server
ECAcc (sac/256F)
etag
0x8DAEE63BF5F4791
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
ef65ab0b-701e-001f-63a9-7eae2a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
gift-certificate.webp
trytn1.azureedge.net/uploads/StaticAssets/ 		0
89 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/StaticAssets/gift-certificate.webp
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sac/2507) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:25 GMT
content-md5
aRVk4pr5FyHvPt8qukZa8A==
age
8561908
x-cache
HIT
content-length
90986
x-ms-lease-status
unlocked
last-modified
Wed, 04 Jan 2023 14:58:41 GMT
server
ECAcc (sac/2507)
etag
0x8DAEE642B06B0A9
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
f3e81938-a01e-0034-11ea-7dda92000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
202306290823273857-Daytour.webp
trytn1.azureedge.net/uploads/ApplicationUser/ 		0
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/ApplicationUser/202306290823273857-Daytour.webp
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:25 GMT
last-modified
Thu, 29 Jun 2023 13:23:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB78A40606F8D0
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
198fff1c-401e-0058-11c9-cb7141000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000, immutable
x-ms-version
2009-09-19
content-length
32602
trytn_primary_trytn_black_horizontal-200px.webp
trytn1.azureedge.net/uploads/StaticAssets/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://trytn1.azureedge.net/uploads/StaticAssets/trytn_primary_trytn_black_horizontal-200px.webp
Requested by
Host: www.nyctours.us
URL: https://www.nyctours.us/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sac/2528) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 15:14:25 GMT
content-md5
YImQn0eo1i42e4wHYt99sQ==
age
8568525
x-cache
HIT
content-length
4394
x-ms-lease-status
unlocked
last-modified
Fri, 12 Aug 2022 12:50:19 GMT
server
ECAcc (sac/2528)
etag
0x8DA7C613670C99E
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
ce24120f-d01e-0019-19db-7d5952000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000, immutable
x-ms-version
2009-09-19
accept-ranges
bytes
favicon.ico
www.nyctours.us/ 		0
199 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.nyctours.us/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.140.250 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.140.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.nyctours.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:14:25 GMT
x-cache-enabled
True
server
nginx
content-type
text/html; charset=UTF-8
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://www.nyctours.us/wp-json/>; rel="https://api.w.org/"
content-length
0
x-proxy-cache
HIT

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| jQuery function| $ string| GoogleAnalyticsObject function| ga object| FH object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_calculate_fullscreen_section_size function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| ET_SmoothScroll function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_animate_element function| et_process_animation_data function| et_has_animation_data function| et_get_animation_classes function| et_remove_animation function| et_remove_animation_data function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class object| __tsUtils$gblCfg object| __dynProto$Gbl function| trytnJQuery object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _ function| trytnLodash object| globalSettings object| trytnAppInsights string| overflowDefaultValue function| gtag object| dataLayer boolean| trytn_intialized object| trytn function| flatpickr object| google_tag_manager function| onYouTubeIframeAPIReady string| et_location_hash function| et_pb_init_woo_custom_button_icon string| waypointContextKey

7 Cookies

Domain/Path Name / Value
.trytn.com/ Name: ARRAffinitySameSite
Value: 2d22b3b3e5c99e70a659ed7e538f916bee565053fd094218d36d1a812c5448e6
.nyctours.us/ Name: _ga
Value: GA1.2.1956812297.1719846864
.nyctours.us/ Name: _gid
Value: GA1.2.2117768254.1719846864
.nyctours.us/ Name: _gat
Value: 1
www.nyctours.us/ Name: ai_user
Value: IE13leDOqbso/HoW/Bbr7r|2024-07-01T15:14:24.357Z
www.nyctours.us/ Name: cartID
Value: c4324468-ec0d-4143-7a86-5a469f2162c8
www.nyctours.us/ Name: ai_session
Value: hP0Nwkc6HCzezmyNVKtY3r|1719846864674|1719846864674

5 Console Messages

Source Level URL
Text
security warning URL: https://www.nyctours.us/(Line 458)
Message:
Mixed Content: The page at 'https://www.nyctours.us/' was loaded over HTTPS, but requested an insecure element 'http://www.nyctours.us/wp-content/uploads/2015/06/New-York-City-Tours-Logo1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.nyctours.us/
Message:
Mixed Content: The page at 'https://www.nyctours.us/' was loaded over HTTPS, but requested an insecure element 'http://www.nyctours.us/wp-content/uploads/2015/06/New-York-City-Tours-Logo1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.nyctours.us/
Message:
Mixed Content: The page at 'https://www.nyctours.us/' was loaded over HTTPS, but requested an insecure element 'http://www.nyctours.us/wp-content/uploads/2015/06/New-York-City-Tours-Logo1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.nyctours.us/
Message:
Mixed Content: The page at 'https://www.nyctours.us/' was loaded over HTTPS, but requested an insecure element 'http://www.nyctours.us/wp-content/uploads/2015/06/New-York-City-Tours-Logo1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.nyctours.us/
Message:
Mixed Content: The page at 'https://www.nyctours.us/' was loaded over HTTPS, but requested an insecure element 'http://www.nyctours.us/wp-content/uploads/2015/06/New-York-City-Tours-Logo1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fareharbor.com
fh-kit.com
fonts.googleapis.com
fonts.gstatic.com
js.monitor.azure.com
trytn.com
trytn1.azureedge.net
www.google-analytics.com
www.googletagmanager.com
www.nyctour.us
www.nyctours.us
13.107.253.38
13.84.181.47
142.251.174.95
172.67.152.205
173.194.205.97
173.194.68.113
173.194.68.94
3.33.251.168
35.208.140.250
54.183.116.64
54.215.45.200
72.21.81.200
02be8c798b1ca758b6020a2b83c8e45480c3c16031356e40dde395eb3c056033
0b72cef5f2527e1535e4c9f1e0c02d668d9e766d6d2e71a0eadfdb581a8675f8
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
1461b17855a66d342f54b55b914c63c378036b4d102717190e45c5d65027185c
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ff3e897ce4fcb72873efabed4a25425fa66cc077d358b33d88cce8b6f9b244d
27df35881f0e45e83ceda92dfe4327423756f83cc57da2012412ee7983eb37b2
3be7dc839031789da91d911aa87c82f5cb8e9310e585248a10faaebb2301a619
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4623fbfab4943cc65d71bc3eb594084394f7aabdc3051fd2a5c5af1604320cda
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
59889e29c8800a5571f20b5e4b1792174fbe10f3b5bfa70127ca0f44a20a8a9c
64ac278a67256ae70d462c23307e75416d4e5a0a060f95e124be57772ee5b43f
6551cfe215344087a5db3bd6d10fb3deffe0a7d5e589b1c9c67d763bb692698d
75079f39fe739015589a0f995f41b4c1c29d4ebac85c93a792926af09f61cc83
77fdbdf9c28d162d58cc0803d13b0feed543212e131b09221861453a3c4ad8fa
7d7dc61d054655298fa88d1bd16a272d2650e53e0b1f24f85927a2ba71ad8276
7e2e578d999a7e1f331095508e44a813ce83527a8f425563e4065c9c1cb65616
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
882d926ab981ad074ed86a835a7cfe00602f680736c1a06e5d7e457c6bc061ba
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7
9140c898f7007f2261286f28703b7f0aeb0f337981cedcbe86f47979e933b322
97ef78ead1696b3de0f891335fdafaab7182745edb55c1d66939f7721df6f283
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9e002a6a42f9faf9b9caf08ae538fac6e43af2a737a678b949d320e334ea8698
a335d290cbcb7f29d01b95f46fe2f438c78b94fcc00aa02a0b91347d4d052373
a71c4df74f14e35fb5fe1876e3ed18e14f72e8ef364b101d4b5896ae36fbdd90
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
aa3684215c6bb172b34ba82b37b71e59a9c26730c28530a37faea72134c4cace
b5c51a6aa62687e6917997a7ecb161a82e21b646a0356534cc12ffb036326c5b
cb2a6faf162ea1b6a526141f808986415dc95fcee8773ff92d06d3f19444d3f3
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce0fba73135b78cdb43aaf2b57313570e3b98caadc21d30dcad5cc7211b839c4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7fb8bda5039150258c0710e6019d2d244645e1f0bc66ba86f4f152e152ca4cb
e91a569fd8017a815b12e2fd5c56c8c82ea69a0cbd88e3577ad2799a68dee085
f2465dd56b65e9c0cfcd24d7911f6f3818b7933c3ab402d6909bdee6cc5d354a
f322afdaf7184e4ddd7fca589f89cdd7e2e2721dffbf8abed7cb1eca88b0915f
f35f082a51f20f87980cbcc71371ad2db6f5ba905636cb8bc6114e5b18b3f716
f854dea9de16f579d2341b3a4af6744316622b9e8850f7eac8944ab31f92896b
f946d4b3b204bfa1b930bb5037718395bdc0bb22d121a8f8eb4e1f21c9ae6f5f