wicked.tours Open in urlscan Pro
161.35.113.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wicked.tours/
Submission Tags: phishingrod
Submission: On October 28 via api (October 28th 2023, 8:06:26 am UTC) from DE — Scanned from DE

Summary HTTP 105 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 17 domains to perform 105 HTTP transactions. The main IP is 161.35.113.156, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is wicked.tours.
TLS certificate: Issued by R3 on October 27th 2023. Valid for: 3 months.

This is the only time wicked.tours was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	161.35.113.156 161.35.113.156	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	151.101.194.38 151.101.194.38	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
19	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:206... 2600:9000:206f:fa00:15:c281:3500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	99.81.165.243 99.81.165.243	16509 (AMAZON-02) (AMAZON-02)
1	178.128.135.232 178.128.135.232	() ()
105	22

44 161.35.113.156 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 624165.cloudwaysapps.com

wicked.tours	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.gondola.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.38 (United States)

ASN54113 (FASTLY, US)

media-cdn.tripadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:fa00:15:c281:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)

ik.imagekit.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.165.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-165-243.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.232 (None, )

ASN- ()

z.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	wicked.tours wicked.tours	3 MB
21	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5303 api.omappapi.com — Cisco Umbrella Rank: 5594 z.omappapi.com	123 KB
8	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 49	296 KB
4	imagekit.io ik.imagekit.io — Cisco Umbrella Rank: 22793	234 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	125 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
3	gondola.travel analytics.gondola.travel	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	60 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	216 B
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	660 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	403 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	gstatic.com fonts.gstatic.com	55 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	169 KB
2	tripadvisor.com media-cdn.tripadvisor.com — Cisco Umbrella Rank: 12523	273 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6398	161 B
105	17

	Domain	Requested by
44	wicked.tours	wicked.tours
19	a.omappapi.com	wicked.tours a.omappapi.com
8	lh3.googleusercontent.com	wicked.tours
4	ik.imagekit.io	wicked.tours
3	connect.facebook.net	wicked.tours connect.facebook.net
3	fonts.googleapis.com	wicked.tours a.omappapi.com
3	analytics.gondola.travel	wicked.tours analytics.gondola.travel
2	www.facebook.com	wicked.tours
2	www.google.de	wicked.tours
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	wicked.tours www.googletagmanager.com
2	media-cdn.tripadvisor.com	wicked.tours
1	z.omappapi.com	a.omappapi.com
1	content.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	www.google.com	wicked.tours
1	region1.analytics.google.com	www.googletagmanager.com
1	api.omappapi.com	a.omappapi.com
105	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com
www.youtube.com
wicked-tours.checkfront.com
gondola.travel

Subject Issuer	Validity	Valid
icystraitpointexcursions.com R3	`2023-10-27` - `2024-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-21` - `2024-02-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
media.tacdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-22`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
a.omappapi.com R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-06` - `2023-11-04`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.imagekit.io Amazon RSA 2048 M01	`2023-02-22` - `2024-03-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
z.omappapi.com R3	`2023-09-03` - `2023-12-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://wicked.tours/
Frame ID: A22A58C320D8B1791DA0FAE24794201A
Requests: 105 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Award Winning Kelowna Wine Tours | Wicked Tours

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

105
Requests

100 %
HTTPS

67 %
IPv6

17
Domains

21
Subdomains

22
IPs

4
Countries

4289 kB
Transfer

6135 kB
Size

12
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/wickedwinetours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wickedwinetours

Search URL Search Domain Scan URL

URL: https://twitter.com/wickedwinetours

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/wickedtours/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Wickedwinetours

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve
Title: Book Now

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve/?item_id=4,28
Title: Book Now

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve/?item_id=42
Title: Book Now

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve/?item_id=8,30
Title: Book Now

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve/?item_id=5,39
Title: Book Now

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve/?item_id=9,31
Title: Book Now

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve/?item_id=38,32
Title: Book Now

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve/?item_id=16
Title: Book Now

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve/?item_id=21
Title: Book Now

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve/?item_id=15
Title: Book Now

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve/?category_id=10
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://wicked-tours.checkfront.com/reserve/
Title: Book Now

Search URL Search Domain Scan URL

URL: https://gondola.travel/?utm_source=client&utm_medium=referral&utm_campaign=footer-refer&utm_term=wicked.tours
Title: .footer-text-color-svg{fill:#ffffff;}

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wicked.tours/ 350 KB
39 KB 542ms
325ms Document
text/html 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 3d873bb40a283af2f4cb7e67dd9c5592920314760032a3aa0516c0e83e0690fd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 39771
content-type: text/html; charset=UTF-8
date: Sat, 28 Oct 2023 08:06:19 GMT
expires: Sat, 28 Oct 2023 08:06:18 GMT
link: <https://wicked.tours/wp-json/>; rel="https://api.w.org/", <https://wicked.tours/wp-json/wp/v2/pages/30>; rel="alternate"; type="application/json", <https://wicked.tours/>; rel=shortlink
server: nginx
vary: Accept-Encoding

GET
H2 200 flickity.min.css
wicked.tours/wp-content/themes/gondola-wp/lib/flickity/ 2 KB
815 B 92ms
90ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/flickity/flickity.min.css?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 0e9008c12d77bda2b94815770d9cb95a1a1b34463208bc5170cdc9c2d3f01f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 07:04:19 GMT
server: nginx
etag: W/"6538bdf3-706"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 fullscreen.css
wicked.tours/wp-content/themes/gondola-wp/lib/flickity-fullscreen/ 1 KB
573 B 92ms
91ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/flickity-fullscreen/fullscreen.css?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: d4c1270f7869730d1490f7df3d4bf63e21b5baa51ebbc67c31001317d4e50dbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 07:04:19 GMT
server: nginx
etag: W/"6538bdf3-46f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.basic.css
wicked.tours/wp-content/plugins/ajax-search-lite/css/ 21 KB
4 KB 92ms
91ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.10
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 947e611b2cb75cb862f3802ca9d4f81cce21680d57204dfa300396e6c5526479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-541c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style-curvy-black.css
wicked.tours/wp-content/plugins/ajax-search-lite/css/ 6 KB
1 KB 94ms
93ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/css/style-curvy-black.css?ver=4.10
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 5c80505133c2b387dbe571c9b908be7e815b86ec57d1cb8de7f1b8212cb0d304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-1927"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 home_0864909f.css
wicked.tours/wp-content/themes/gondola-wp/dist/styles/ 182 KB
30 KB 176ms
175ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/dist/styles/home_0864909f.css?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 047416b8ce2c9e00998e2c12b4de373176e62dc7bd1000a4c6e5e88404622bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 08:26:01 GMT
server: nginx
etag: W/"6530e819-2d7ce"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 gondola-custom-css.css
wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/ 7 KB
1 KB 176ms
176ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 6c9801a204c5021a580ceab7cadfeb06694bb584f18c66a67e2c1c65854dfd5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Thu, 26 Oct 2023 16:06:15 GMT
server: nginx
etag: W/"653a8e77-1bb7"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 umami.js Show response
analytics.gondola.travel/ 3 KB
2 KB 185ms
138ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.gondola.travel/umami.js

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

614147a2fbc289fa4de70bb92786157cfa72044b31128f46c8f83202a4a0d675

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2670
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 10 Jan 2023 11:03:04 GMT
server: cloudflare
etag: W/"a6e-1859b59147a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqqcnv6eDe%2B8xPpYRw%2BT6XfWZ2Ld8Ze8hcZTx9s2u2u3X6yZBpRSoa0TlU0jes0JBxrsBhVazAwd%2FnUqtW9eTzhry9lFW5DQd2oM6CUzNaA%2FyQRCfvZvj6aSYaRfSgww1vkW4oNCHN7N6dIRZwnV7jz56eK7Tfc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 81d1adc2b93d9136-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 06:58:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 08:06:19 GMT

GET
H2 200 WickedTours_Logo_RGB_DarkonLight-4-4.jpg.webp
wicked.tours/wp-content/uploads/sites/459/2023/08/ 5 KB
5 KB 177ms
176ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/08/WickedTours_Logo_RGB_DarkonLight-4-4.jpg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 79796fbb26ba2657716333085f5f97f70907d487be8186afb6d1b3882c698a1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Wed, 30 Aug 2023 16:19:52 GMT
server: nginx
etag: "64ef6c28-12a8"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4776

GET
H2 200 verify.png
wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/ 4 KB
4 KB 177ms
176ms Image
image/png 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/verify.png
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: b3ff07a3bed2a2caf71349a34d93f15630b6caee6ca625d8a0a45c1e021b6aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Wed, 25 Oct 2023 07:04:19 GMT
server: nginx
etag: "6538bdf3-e20"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3616

GET
H2 200 default-avatar-2020-36.jpg
media-cdn.tripadvisor.com/media/photo-o/1a/f6/de/5a/ 258 KB
258 KB 51ms
9ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-o/1a/f6/de/5a/default-avatar-2020-36.jpg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 487b450594c9ba50688a89a870e4983b7ab69a707dd1826e9595d701710753f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 1040253013
age: 2084322
x-cache: HIT, HIT
content-length: 263689
x-served-by: cache-iad-kiad7000157-IAD, cache-fra-eddf8230040-FRA
last-modified: Fri, 21 Feb 2020 20:40:03 GMT
x-timer: S1698480379.288277,VS0,VE2
etag: "1ad4c285bd1d1d9b6bb5a954431f7fa5"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 3491, 1

GET
H2 200 tripadvisor-reviews.png
wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/ 46 KB
46 KB 168ms
165ms Image
image/png 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/tripadvisor-reviews.png
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: f2f7a4714f97e0f2a0f5ccd6c69d169a688465d2cebeed90db670d86fe85b3d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Wed, 25 Oct 2023 07:04:19 GMT
server: nginx
etag: "6538bdf3-b773"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 46963

GET
H2 200 ALV-UjVDTlDeHoJLXNn49ZLSTz-4RCST8olXvVWWG4AMlsIulA=s240-c-rp-mo-ba2-br100
lh3.googleusercontent.com/a-/ 86 KB
86 KB 456ms
431ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjVDTlDeHoJLXNn49ZLSTz-4RCST8olXvVWWG4AMlsIulA=s240-c-rp-mo-ba2-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

875f7447920757fc576e5540f0c8b4798abfeabb22cfe616013c3c77873b2dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v3c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87982
x-xss-protection: 0
expires: Sun, 29 Oct 2023 08:06:19 GMT

GET
H2 200 google-reviews.png
wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/ 62 KB
62 KB 168ms
165ms Image
image/png 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/google-reviews.png
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 2cca9425a6cfd78413a633f610ae0c99c2406515ef867b0c65c01393df4c6e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Wed, 25 Oct 2023 07:04:19 GMT
server: nginx
etag: "6538bdf3-f7ba"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 63418

GET
H2 200 ALV-UjVX-OTrn6KYKBmlR1Q-7WDPNqnGoVYLukcjqkzSukp0dDU=s240-c-rp-mo-br100
lh3.googleusercontent.com/a-/ 90 KB
90 KB 393ms
368ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjVX-OTrn6KYKBmlR1Q-7WDPNqnGoVYLukcjqkzSukp0dDU=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0e0d2baa393fe916f38e48a2daf1ef6bbde420d138d2fc56199ae22d87220139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v3509"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92179
x-xss-protection: 0
expires: Sun, 29 Oct 2023 08:06:19 GMT

GET
H2 200 ACg8ocIxIqMydM3uJTHyYaVcTvPXbbTwM5qyHnULl5Wtj12a=s240-c-rp-mo-br100
lh3.googleusercontent.com/a/ 7 KB
7 KB 188ms
163ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIxIqMydM3uJTHyYaVcTvPXbbTwM5qyHnULl5Wtj12a=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7a5055116ad7c18af3f2b20162a07d56c0691fa8037a82aeb6dfa9adbb441e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7367
x-xss-protection: 0
expires: Sun, 29 Oct 2023 08:06:19 GMT

GET
H2 200 marion-y.jpg
media-cdn.tripadvisor.com/media/photo-s/07/57/ba/4b/ 15 KB
15 KB 27ms
7ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-s/07/57/ba/4b/marion-y.jpg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ba8921e0c27b2c3392f74b1b599b684ed193b16d880466c05a2381629187cdd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 88220789
age: 733340
x-cache: HIT, HIT
content-length: 14908
x-served-by: cache-iad-kcgs7200063-IAD, cache-fra-eddf8230040-FRA
last-modified: Sat, 14 Feb 2015 16:53:34 GMT
x-timer: S1698480379.288485,VS0,VE1
etag: "e90b0645173100bbde73a4904340571b"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 6, 1

GET
H2 200 ACg8ocIOszmodhlQDXXr1uhNHK8yxVj6BP1CZt_v5x42rIBt=s240-c-rp-mo-br100
lh3.googleusercontent.com/a/ 6 KB
6 KB 234ms
209ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIOszmodhlQDXXr1uhNHK8yxVj6BP1CZt_v5x42rIBt=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9f319c6e2632fe1504913253a8fb6a98e4411039814eb975e7d170a90d721815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5743
x-xss-protection: 0
expires: Sun, 29 Oct 2023 08:06:19 GMT

GET
H2 200 ALV-UjUBPXmRVYsYsTiXzv_fgJWediX7qjZI1B876ZIuaa8k8A=s240-c-rp-mo-br100
lh3.googleusercontent.com/a-/ 87 KB
87 KB 507ms
482ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjUBPXmRVYsYsTiXzv_fgJWediX7qjZI1B876ZIuaa8k8A=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3ab54cd9a313a7e330ef31b8e5d39fb1bca7c2b985f37a6c68b5904411d3d0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88675
x-xss-protection: 0
server: fife
etag: "v42"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 29 Oct 2023 08:06:19 GMT

GET
H2 200 ACg8ocJqLGcEHJBATKJw3QnTnduuWqhn0q4bStyna5t6u2SA4Q=s240-c-rp-mo-br100
lh3.googleusercontent.com/a/ 6 KB
6 KB 282ms
257ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocJqLGcEHJBATKJw3QnTnduuWqhn0q4bStyna5t6u2SA4Q=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ba70f702bd93a670e7f34c5195c5ce30dfe71ce72eeefc9a2acaad0eec3dd689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6510
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ACg8ocLANZ5qSOnp7lXwOV0dqtYDTykDsnCCrQmRebjzQyzu=s240-c-rp-mo-br100
lh3.googleusercontent.com/a/ 6 KB
7 KB 151ms
150ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocLANZ5qSOnp7lXwOV0dqtYDTykDsnCCrQmRebjzQyzu=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0867457a9d690f06be44d101ce3cb9ed3b946446dba670d2f77b5bf0c12dda65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6584
x-xss-protection: 0
expires: Sun, 29 Oct 2023 08:06:19 GMT

GET
H2 200 ACg8ocIPVXkJcv8wEzl9S0zXFO7jXFsRyi-b-kaontCCOvWx=s240-c-rp-mo-br100
lh3.googleusercontent.com/a/ 7 KB
7 KB 181ms
181ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIPVXkJcv8wEzl9S0zXFO7jXFsRyi-b-kaontCCOvWx=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

563c970e0d2d56fdc6159cff94a28adff5654fbff0d280f1dbabcf8085942d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6826
x-xss-protection: 0
expires: Sun, 29 Oct 2023 08:06:19 GMT

GET
H2 200 sh4-1.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 422 KB
423 KB 168ms
166ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/sh4-1.jpeg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: f17dd997533ce70ba71e1a22cefc1129190437da5cfc6484b60d5fd6da6fa98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Tue, 28 Feb 2023 19:45:38 GMT
server: nginx
etag: "63fe59e2-69856"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 432214

GET
H2 200 shutterstock_1120638302-540x359.jpg.webp
wicked.tours/wp-content/uploads/sites/459/2023/02/ 39 KB
39 KB 168ms
166ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/02/shutterstock_1120638302-540x359.jpg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 41f5212f4270e9a2aa1c0424680c80b0c49872fa4dc59ee0c39c746c2afbfc1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Wed, 08 Feb 2023 15:57:38 GMT
server: nginx
etag: "63e3c672-9d34"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 40244

GET
H2 200 WickedTours_Logo_RGB_DarkonLight-4-removebg-preview-1.png.webp
wicked.tours/wp-content/uploads/sites/459/2022/11/ 8 KB
8 KB 168ms
166ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/11/WickedTours_Logo_RGB_DarkonLight-4-removebg-preview-1.png.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: e0af33d404ac5c5f5e20b992d902ac415e3834484131bf5f2e980d9a0bff9311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Wed, 30 Nov 2022 19:50:08 GMT
server: nginx
etag: "6387b3f0-210c"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8460

GET
H2 200 jquery.min.js Show response
wicked.tours/wp-content/themes/gondola-wp/lib/jquery/ 87 KB
30 KB 95ms
95ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/jquery/jquery.min.js?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 07:04:19 GMT
server: nginx
etag: W/"6538bdf3-15d9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
wicked.tours/wp-content/themes/gondola-wp/lib/jquery-migrate/ 13 KB
5 KB 168ms
166ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/jquery-migrate/jquery-migrate.min.js?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 81aa619758b89d5cd2ad0a7fb00d875ab6685e69ab853f5e5247a62547e0cdb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 07:04:19 GMT
server: nginx
etag: W/"6538bdf3-349c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 flickity.min.js Show response
wicked.tours/wp-content/themes/gondola-wp/lib/flickity/ 56 KB
14 KB 96ms
92ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/flickity/flickity.min.js?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: d1f5c9696f46364e47602c9015a3a85b4ce559c54be49b5f6a16874264a30e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 07:04:19 GMT
server: nginx
etag: W/"6538bdf3-e137"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 fullscreen.js Show response
wicked.tours/wp-content/themes/gondola-wp/lib/flickity-fullscreen/ 5 KB
2 KB 96ms
92ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/flickity-fullscreen/fullscreen.js?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: f24bfd0f1b0a80c8097bca01b9d7550369b6c5aa6284ca205e64af9db180fa80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 07:04:19 GMT
server: nginx
etag: W/"6538bdf3-12f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 simplebar.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/external/ 36 KB
10 KB 98ms
94ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/external/simplebar.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 6f74cd5afbfe6fab11489dfcc70fb996ccd7b3dc935927d7402aa285d9692207

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-8e7c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 asl-prereq.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 19 KB
6 KB 98ms
94ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 202ee5b585222e2c8660b175f70624ec845320e95ec306ede1e9ad6ca12ec453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-4c8e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 asl-core.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 37 KB
10 KB 99ms
95ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 5d2daebf3aef880f90c88253bcd48338de8886ee772559966c2594fae8e14e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-93c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 asl-results-vertical.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 1 KB
841 B 99ms
96ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: ece88845d2c0a327f6a7957ec596d1014820fbfb62b31a13b8152a28dbd41bb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-594"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 asl-load.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 71 B
242 B 100ms
96ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-47"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 asl-wrapper.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 5 KB
2 KB 100ms
96ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: c2c2302b5ee2629a243e633d6b69610fd35586ccd25f9402332ee496b51ceb3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-129d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 home_0864909f.js Show response
wicked.tours/wp-content/themes/gondola-wp/dist/scripts/ 172 KB
53 KB 104ms
100ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/dist/scripts/home_0864909f.js?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: ece889d87186517d243ef3c4b1ec7795a1b635fdd6b0a18fe6b3015223f9ec45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 08:26:01 GMT
server: nginx
etag: W/"6530e819-2aeca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 lazyload.min.js Show response
wicked.tours/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 168ms
167ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 11:27:06 GMT
server: nginx
etag: W/"627a4c0a-1ed2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
694 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@200;400;700&display=swap

Requested by

Host: wicked.tours
URL: https://wicked.tours/wp-content/themes/gondola-wp/dist/styles/home_0864909f.css?ver=5.8.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb99204bf1f35c6103216e140736ef19be06b3255a6ece419a6ff526ccdf63d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 08:06:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 08:06:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
77 KB 52ms
28ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54TM3L

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abea82a73bd7320dd12a90292e8b0fa900c51056e8017b7604bc3896e88373ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78844
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Oct 2023 08:06:19 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 51 KB
18 KB 47ms
6ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: a2558a61b38a7b03525f0b74a510f4483332f14059245769233ede3f66dec7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 10/27/2023 14:19:25
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:45:57 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65395455-cb8d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 77307bea4cd7876331b89f8d4db3cc5a
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Wicked-WIne-Tours-Kelowna-150-1280x778.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2022/12/ 195 KB
195 KB 160ms
160ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/12/Wicked-WIne-Tours-Kelowna-150-1280x778.jpeg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: e5e3d6fdd78fb14597e2501ec74b3d5c730d13a2e6718a18a8639e43cdc9d34e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Thu, 26 Oct 2023 16:06:13 GMT
server: nginx
etag: "653a8e75-30a16"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 199190

GET
H2 200 sh4.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 349 KB
349 KB 159ms
159ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/sh4.jpeg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: bdd6e29b3886816b933e6c994cf33b6f01d7239a484b844c676c473bc53bfc83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Thu, 26 Oct 2023 16:06:15 GMT
server: nginx
etag: "653a8e77-57298"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 357016

GET
H2 200 Wicked-WIne-Tours-Kelowna-149-scaled-e1687731432851-2000x411.jpg.webp
wicked.tours/wp-content/uploads/sites/459/2023/06/ 93 KB
93 KB 155ms
155ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/06/Wicked-WIne-Tours-Kelowna-149-scaled-e1687731432851-2000x411.jpg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: a46da94dfac27524612777c4490056d31db2b35c757b6da2b82537602ea3a022

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Thu, 26 Oct 2023 16:06:15 GMT
server: nginx
etag: "653a8e77-173d8"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 95192

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wicked.tours
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 136034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:19:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
92 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G2TMJJ58WS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54TM3L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29b9d26d9f4e94dd7a64a030ce363c1eeb54bc301a4d1598940fe2f020619d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 28 Oct 2023 08:06:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54TM3L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 28 Oct 2023 07:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 887
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 28 Oct 2023 09:51:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da88b5aaa98c29a87e083a9edc66b83263a994d39634d80696eaf0532485c142

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 28 Oct 2023 08:06:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54253
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: FSb86ibzQcTO4/Zes+oQBwW0VCDhDZKlkIFQOw6mTvc8FsPCPzGpG3IjvgJxOlNWrdzzHXCbqZc4mSwoAUHNdQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 15ms
14ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 9c80b2722f72540a8210e5f5a4c46a118422c79608489a796a0af3e204db45f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:46:53 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6539548d-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d19fee7aa1ebd3cda01b26a5c541afc6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 282505 Show response
api.omappapi.com/v2/embed/ 4 KB
2 KB 188ms
144ms XHR
application/json 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/282505?d=wicked.tours
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 972b80cd953a2bb255edd4f53fdc208a247f01aee61e14971093ac28250eab39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: MISS
x-cache: Miss from cloudfront
x-optinmonster-account: 300415
x-user-agent: standard--
last-modified: Tue, 29 Aug 2023 17:28:44 GMT
server: Pagely Gateway/1.5.1
etag: W/"c8166eb93c26a64503e5de0f9f4965d4"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: kqYl5Uwnb-eiUM8Tg5n4P_lXVh2cJ2uEwuc4XYS12RC46qT_XGIXeA==
expires: Sat, 28 Oct 2023 08:06:49 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 14ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=938067359&t=pageview&_s=1&dl=https%3A%2F%2Fwicked.tours%2F&ul=en-us&de=UTF-8&dt=Award%20Winning%20Kelowna%20Wine%20Tours%20%7C%20Wicked%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAIC~&jid=1712139795&gjid=1837179421&cid=1858828170.1698480379&tid=UA-11247999-2&_gid=379447954.1698480379&_slc=1&gtm=45He3ap0n7154TM3Lv6845581&gcd=11l1l1l1l1&z=854745394

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wicked.tours/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wicked.tours
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 191ms
26ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11247999-2&cid=1858828170.1698480379&jid=1712139795&gjid=1837179421&_gid=379447954.1698480379&_u=YGBAiEABBAAAAGAAIC~&z=1199565465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wicked.tours/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wicked.tours
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 585564213285457 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 204ms
203ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/585564213285457?v=2.9.136&r=stable&domain=wicked.tours

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4374501061082dcbc96c41d57944d715334327b1288b679ccbc6bd8788f7da4a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 28 Oct 2023 08:06:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: dfER5Qx4iduViOtkBL/8HNqVan+ckHTP09bWg/XArlEmVPe1ulrat3AkBh58hJGusAXll3vF2KIlB5Ab1x8qew==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 103ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-G2TMJJ58WS&gtm=45je3ap0v898572988z86845581&_p=938067359&_gaz=1&gcd=11l1l1l1l1&cid=1858828170.1698480379&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1698480379&sct=1&seg=0&dl=https%3A%2F%2Fwicked.tours%2F&dt=Award%20Winning%20Kelowna%20Wine%20Tours%20%7C%20Wicked%20Tours&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2TMJJ58WS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 08:06:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wicked.tours
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 114ms
26ms Ping
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G2TMJJ58WS&cid=1858828170.1698480379&gtm=45je3ap0v898572988z86845581&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2TMJJ58WS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 08:06:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wicked.tours
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 105ms
18ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G2TMJJ58WS&cid=1858828170.1698480379&gtm=45je3ap0v898572988z86845581&aip=1&z=148877397

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 categories Show response
wicked.tours/wp-json/wp/v2/ 5 KB
2 KB 235ms
235ms XHR
application/json 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wicked.tours/wp-json/wp/v2/categories

Requested by

Host: wicked.tours
URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/jquery/jquery.min.js?ver=5.8.8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

624165.cloudwaysapps.com

Software

nginx /

Resource Hash

da79bf82e83c251f1c37d7b60ea9489c7584fa50ae379b9ddbd95d8317aad109

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://wicked.tours/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-length: 1717
x-wp-doingitwrong: register_rest_route (since 5.5.0; The REST API route definition for <code>wp/v2/sites/delete/?(?P<blog_id>\d+)?</code> is missing the required <code>permission_callback</code> argument. For REST API routes that are intended to be public, use <code>__return_true</code> as the permission callback.)
server: nginx
x-wp-totalpages: 1
allow: GET
vary: Origin,Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=0
x-wp-total: 3
x-robots-tag: noindex
link: <https://wicked.tours/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires: Sat, 28 Oct 2023 08:06:19 GMT

GET
H2 200 5.c3191d3c.min.js Show response
a.omappapi.com/app/js/ 16 KB
6 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.c3191d3c.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:45:58 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65395456-4146"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 128058c7e69f60d0f683f4f4d030de3b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 OWFS-128x40.png.webp
wicked.tours/wp-content/uploads/sites/459/2023/02/ 3 KB
4 KB 96ms
93ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/02/OWFS-128x40.png.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 91c88ba09686f1391fe968314a39a50749c546da6bd6cdadd20bcdc2026bef86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Wed, 08 Feb 2023 19:00:21 GMT
server: nginx
etag: "63e3f145-de8"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3560

GET
H2 200 rsw_363h_200cg_true-128x71.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 3 KB
3 KB 97ms
93ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/rsw_363h_200cg_true-128x71.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 6efab6d334551dc2f787603f093acf40abb37df4219d78aa53c02c71c917e9fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Fri, 21 Oct 2022 14:25:19 GMT
server: nginx
etag: "6352abcf-a4a"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2634

GET
H2 200 rsw_297h_200cg_true-128x86.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 3 KB
3 KB 97ms
94ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/rsw_297h_200cg_true-128x86.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: c212941bd3343394223cad357d82517cf533e8cd0d0ca8f211bfa0d990f38952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Fri, 21 Oct 2022 14:25:44 GMT
server: nginx
etag: "6352abe8-ab8"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2744

GET
H2 200 TIABC-removebg-preview-e1669838183572-128x31.png.webp
wicked.tours/wp-content/uploads/sites/459/2022/11/ 3 KB
3 KB 97ms
94ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/11/TIABC-removebg-preview-e1669838183572-128x31.png.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 5108d0adbc43671f8d004a74b15ae5c567291feb89ff81c0fe4cab24ed7a19f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Wed, 30 Nov 2022 21:31:17 GMT
server: nginx
etag: "6387cba5-c34"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3124

GET
H2 200 rsw_436h_200cg_true-128x59.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 2 KB
3 KB 97ms
95ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/rsw_436h_200cg_true-128x59.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 19dc97be99f367c5d9f9af51571bc1f698d1673f754a39f1b14cf268682cb004

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Fri, 21 Oct 2022 14:26:13 GMT
server: nginx
etag: "6352ac05-9ae"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2478

GET
H2 200 rsw_575h_178cg_true-128x40.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 3 KB
3 KB 98ms
95ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/rsw_575h_178cg_true-128x40.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: f4230ced8d4264c7d87c89dd662ed160243569667d5d1fc586b94d65fb771618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Fri, 21 Oct 2022 14:26:38 GMT
server: nginx
etag: "6352ac1e-c28"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3112

GET
H2 200 5-Star-Reviews-on-Facebook-128x71.png.webp
wicked.tours/wp-content/uploads/sites/459/2023/02/ 4 KB
4 KB 98ms
96ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/02/5-Star-Reviews-on-Facebook-128x71.png.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: aac4ba6b7203c941d7d21fecf64d5753c3a291671e8da7de1dbddda459aaf722

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Wed, 08 Feb 2023 19:01:48 GMT
server: nginx
etag: "63e3f19c-10e6"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4326

GET
H2 200 sh4-1-768x768.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 151 KB
151 KB 99ms
96ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/sh4-1-768x768.jpeg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: af3f31a029322f6e117b17fde89adbebdfb3bbfbe2361d36cd385ac615fc6c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Tue, 28 Feb 2023 19:45:31 GMT
server: nginx
etag: "63fe59db-25bec"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 154604

GET
H2 200 Wicked-WIne-Tours-Kelowna-43.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2023/02/ 81 KB
81 KB 100ms
98ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/02/Wicked-WIne-Tours-Kelowna-43.jpeg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: fd4efe40acd43d619b031d46c98f308eea7ad54931e554b0ea85506bcf0c81bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Sun, 12 Feb 2023 05:46:01 GMT
server: nginx
etag: "63e87d19-142da"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 82650

GET
H2 200 Wicked-WIne-Tours-Kelowna-117-1.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2023/02/ 77 KB
77 KB 101ms
98ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/02/Wicked-WIne-Tours-Kelowna-117-1.jpeg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: e307d892526152a8e7af856c927e54c6857499da2ab1f35e40891f5b56374b37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Sun, 12 Feb 2023 05:46:51 GMT
server: nginx
etag: "63e87d4b-134c2"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 79042

GET
H2 200 sh3-768x512.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 45 KB
45 KB 101ms
99ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/sh3-768x512.jpeg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: ca83f5237bc6b98ceab569a5709e871834ffb1ac43c6ca3800d099d3b188f2e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Fri, 21 Oct 2022 16:12:39 GMT
server: nginx
etag: "6352c4f7-b448"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 46152

GET
H2 200 the_view_winery_kelowna_f14f2ed801.jpg
ik.imagekit.io/gondolatravel/uploads/ 50 KB
50 KB 57ms
20ms Image
image/webp 2600:9000:206f:fa00:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/gondolatravel/uploads/the_view_winery_kelowna_f14f2ed801.jpg?tr=w-708,h-386,c-maintain_ratio,f-auto
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fa00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b3f40cc249c507ec26e8bbf192f73afc6cf1f4293b6db3f77ae9b64bdcc1773f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:58:05 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 742094
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 50690
x-request-id: 5d9b6519-bdec-4727-b35b-c5c0dc21116a
last-modified: Tue, 17 Oct 2023 05:05:01 GMT
etag: "6b18b7d54ec4a0df6ade067e763a0d54"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: TXEtHMIJ79NKnS7UQkdWSXiPAJzb6pX4R5E4y5QmRzEo_bBCjbtLbg==

GET
H2 200 wickedwinetours_lightupthevines_a5829817d3.jpg
ik.imagekit.io/gondolatravel/uploads/ 55 KB
55 KB 60ms
24ms Image
image/webp 2600:9000:206f:fa00:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/gondolatravel/uploads/wickedwinetours_lightupthevines_a5829817d3.jpg?tr=w-708,h-386,c-maintain_ratio,f-auto
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fa00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 14297d759d60f36a72f5da973d86ff5d8412a6e2df9bd012dec3a16af617ae21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:39:51 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 667588
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 55862
x-request-id: 871e13f1-c0be-475b-9e39-fdb6b49bf3a8
etag: W/"da36-pdKI92QXvUbLqjUDU1DWn5Q+xig"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: xEkv6cksbijjJawpupwCly_13M9kB16hM-fwMNG4B8mkQMKJgGd7-Q==

GET
H2 200 wicked_wine_tours_west_kelowna_seller_7dd3bbf8e2.png
ik.imagekit.io/gondolatravel/uploads/ 57 KB
57 KB 47ms
10ms Image
image/webp 2600:9000:206f:fa00:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/gondolatravel/uploads/wicked_wine_tours_west_kelowna_seller_7dd3bbf8e2.png?tr=w-708,h-386,c-maintain_ratio,f-auto
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fa00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bc3918667ec7b4d9ea186a765913f8fdc285a27d243e5ecaf21e94d0d040b280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:58:04 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 742095
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 58000
x-request-id: e22666c8-5ce0-48c3-92a1-5508e124ca0c
last-modified: Thu, 05 Oct 2023 13:35:38 GMT
etag: "7466e17db71db87c8bc439ded9a3ba4a"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: cEb2Wi_SEiI71-Hduh-iUZNFyKn4Z7eENsSGv96JAdEMW0ODaUyIFQ==

GET
H2 200 wicked_tours_lake_country_seller_45ec862409.png
ik.imagekit.io/gondolatravel/uploads/ 70 KB
71 KB 58ms
21ms Image
image/webp 2600:9000:206f:fa00:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/gondolatravel/uploads/wicked_tours_lake_country_seller_45ec862409.png?tr=w-708,h-386,c-maintain_ratio,f-auto
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:fa00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8ec9cc6f675126d6056d17b9cf75658eda4c57a6e135f8e992c1f927a4aea41f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:58:04 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 742095
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 72178
x-request-id: 918b272a-bb68-4796-9096-fb8effa5195d
last-modified: Tue, 03 Oct 2023 14:29:07 GMT
etag: "bfb8b8c8e453793536ab44292fbe75ea"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: qUs-_Wdrvn8t80Bc86Geiw1QlM-P1DOWWVytocglsyFxprrwSnnuZA==

GET
H2 200 Wicked-WIne-Tours-Kelowna-43.jpeg
wicked.tours/wp-content/uploads/sites/459/2023/02/ 444 KB
444 KB 93ms
91ms Image
image/jpeg 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/02/Wicked-WIne-Tours-Kelowna-43.jpeg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 95223abdb937d7365d19dd9619a22e265450cc09de74c369489763f711d20cfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Sun, 12 Feb 2023 05:45:38 GMT
server: nginx
etag: "63e87d02-6ee07"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 454151

GET
H2 200 Wicked-WIne-Tours-Kelowna-117-1.jpeg
wicked.tours/wp-content/uploads/sites/459/2023/02/ 475 KB
476 KB 98ms
96ms Image
image/jpeg 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/02/Wicked-WIne-Tours-Kelowna-117-1.jpeg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: b8e5412a78d02cc5ed796b66b81974eb87ad2d4c9205c099e1ed01bed5127af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Sun, 12 Feb 2023 05:46:28 GMT
server: nginx
etag: "63e87d34-76ca8"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 486568

GET
H2 200 sh3.jpeg
wicked.tours/wp-content/uploads/sites/459/2022/10/ 190 KB
191 KB 193ms
191ms Image
image/jpeg 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/sh3.jpeg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: b88dd4ec6fc8397ecf32fbb4fdd2c8ba1c2ad30dc6db282706c99506bc3cf53b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
last-modified: Fri, 21 Oct 2022 16:12:09 GMT
server: nginx
etag: "6352c4d9-2f8c1"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 194753

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 46ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11247999-2&cid=1858828170.1698480379&jid=1712139795&_u=YGBAiEABBAAAAGAAIC~&z=169986370

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11247999-2&cid=1858828170.1698480379&jid=1712139795&_u=YGBAiEABBAAAAGAAIC~&z=169986370

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 08:06:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4.9fadcc45.min.js Show response
a.omappapi.com/app/js/ 48 KB
14 KB 7ms
6ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/4.9fadcc45.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 3ef53fe96a6c2eaa12eecf27c0130e51e0a1de0b1aff6da0a1cd47f89e2e7056

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-382
cdn-cachedat: 10/27/2023 14:19:25
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:45:59 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65395457-bfa2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8cf491332dabc9f8952109f3a868793f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 20.1d4b97e9.min.js Show response
a.omappapi.com/app/js/ 4 KB
2 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/20.1d4b97e9.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-383
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:38 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2a-1062"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5ed9868309251b28ff469b28af78f83d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 19.b93023b7.min.js Show response
a.omappapi.com/app/js/ 4 KB
3 KB 10ms
8ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/19.b93023b7.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-10b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c91cd1739801e1025dbae01ea0c630c8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 27.78393e5b.min.js Show response
a.omappapi.com/app/js/ 6 KB
3 KB 8ms
6ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/27.78393e5b.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:43 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2f-1973"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: ebd829ee8b1ca9d60011f8f285de3d9c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 32.b9065693.min.js Show response
a.omappapi.com/app/js/ 11 KB
5 KB 8ms
5ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/32.b9065693.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-587
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:33 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f25-2c41"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8ac680062cd92795770b967b85310995
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.b79553e4.min.js Show response
a.omappapi.com/app/js/ 33 KB
10 KB 11ms
9ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/10.b79553e4.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: a1caa428e93b63e721ce55cff36f1c31825b8b4d5562e4b0b29b9a842df7f284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-588
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:45:59 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65395457-8263"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: e27fe05574d9e7664ad529dcc5687326
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.514c5def.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 8ms
6ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.514c5def.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-1d49"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 4ca3214b74989b9f89cc83bed8cf1dd7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.c66ab701.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 9ms
7ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/9.c66ab701.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-677
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 18:28:00 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"650896b0-879"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 224138816fbb7929e7391b486b665a6e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.38e902ad.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 10ms
8ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/11.38e902ad.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-677
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-a40"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c48890df292bbedc4a23fbea3dad5679
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 28.377be946.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 10ms
8ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/28.377be946.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:51 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f37-d7b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: a16fd3564613a0ebf5c9602a29d67200
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 26.1898e425.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 12ms
11ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/26.1898e425.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-6b6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: b44d8121e9d2f1a39921ecefe193f43d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 16.0e435a6f.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 11ms
10ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/16.0e435a6f.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-588
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-51f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: bb50cfbaeba84bca60b5c3fcc35c2488
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.ea963399.min.js Show response
a.omappapi.com/app/js/ 11 KB
3 KB 11ms
10ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.ea963399.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-676
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:50 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f36-2abc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f297b6713ab0e1eb3263d8c93b1ae984
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.5aa698b1.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 12ms
11ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/21.5aa698b1.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:19 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-676
cdn-cachedat: 10/27/2023 14:19:24
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-81f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 747244a252764001ac9ef0f70659edd5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 3457756354483018 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 151ms
151ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3457756354483018?v=2.9.136&r=stable&domain=wicked.tours

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95cd75674a0ab0cf52e7bd2542a671ff6e0eed42b28120c16ef67f2693bb44b2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 28 Oct 2023 08:06:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: BcfLIBdfHQU6N2F96vzkx+NvUEd+QlHPUSlt9kuHHtiXXU37UfsXfMjPDxRiVBwAyj/mr72pIGL+h9levOqN/A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 21ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=585564213285457&ev=PageView&dl=https%3A%2F%2Fwicked.tours%2F&rl=&if=false&ts=1698480379796&sw=1600&sh=1200&v=2.9.136&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1698480379794.239538484&cs_est=true&ler=empty&it=1698480379513&coo=false&rqm=GET

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 28 Oct 2023 08:06:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
6ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3457756354483018&ev=PageView&dl=https%3A%2F%2Fwicked.tours%2F&rl=&if=false&ts=1698480379968&sw=1600&sh=1200&v=2.9.136&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1698480379794.239538484&ler=empty&it=1698480379513&coo=false&rqm=GET

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 28 Oct 2023 08:06:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H3 204 collect
analytics.gondola.travel/api/ 0
0 136ms
122ms Preflight 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.gondola.travel/api/collect

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wicked.tours
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81d1adc6eb7691e3-FRA
content-length: 0
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
date: Sat, 28 Oct 2023 08:06:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fcchx6oLagE3oJ6MXSfTGK4mgOVBcKMf%2FHvqcJvk9KOWXY5E82un3X%2F9JgRAfVpSKYKepa5rMmXEf71MSFmQB59tI8FdD37IdAEVsoOKkk4MxLHB0fWn%2BgXT4KOf3DNAJ4AQvroPa6tkCgGcuafxuWBQ0VA2YXE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Headers
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN

POST
H3 200 collect Show response
analytics.gondola.travel/api/ 497 B
979 B 163ms
162ms Fetch
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.gondola.travel/api/collect

Requested by

Host: analytics.gondola.travel
URL: https://analytics.gondola.travel/umami.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

932b736211357e1994a7bd8f49a78c096304b1782c11e621c88600450dbc0643

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://wicked.tours/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 28 Oct 2023 08:06:20 GMT
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"tkalroyn6zdt"
vary: Accept-Encoding
x-dns-prefetch-control: on
content-type: text/plain
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bscQ1Ez7qVUXgEYrLGXG0FlY1%2FDXwHol0y6hNA69oTNEKF%2FcyhZINe0UdAN2OtyBSAwVOy2f05gED5xRq5OepLxoEGyt0WrRiLZPg0gbWrZKRKA6cT3F36Fh11Pvll4VgVeHAw9WRwVRB1YGjlLMN0DC%2BqBJCY0%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
cf-ray: 81d1adc7bc4a91e3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 hotjar-3290986.js Show response
static.hotjar.com/c/ 10 KB
4 KB 55ms
36ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3290986.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54TM3L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

013383da3382d55fb2b0f3af9cd8272896915b3442514773d0935fe781d21cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/15a0cfa66da370b71ff6eef88db488f5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: pKRXPdlCMHV9M2_Lm5ixNCmtn0PVoGTJHCtNykUsBoP1NCiPIJ-zIQ==

GET
H2 200 modules.132f983e088e46bc619e.js Show response
script.hotjar.com/ 226 KB
55 KB 26ms
6ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.132f983e088e46bc619e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3290986.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

bbeb842bd87163ca006c8603eac9bb9458ea3f05238c9fac398ae75b8c96eea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 63495
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56235
last-modified: Fri, 27 Oct 2023 14:28:06 GMT
etag: "24211094ec33cac8a2dbf78e3d341c4f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: xAIe8lTahlNZpt_zB0OyFho3cu98o00QBaNfyIRpJYIwMWf_OzJyyg==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 194ms
68ms XHR
application/json 99.81.165.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.132f983e088e46bc619e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 99.81.165.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-165-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 98749c09435b3a9279da1f2a401f78ee71120859e46ee6dc6850a77e4b71f40f

Request headers

Referer: https://wicked.tours/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 28 Oct 2023 08:06:22 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
569 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway%3Aital%2Cwght%400%2C400&display=swap

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/4.9fadcc45.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28893081d019169c217045909cee1dd584e455005767fc2cf62b41c267846055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 08:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 08:06:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 08:06:24 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v29/ 22 KB
22 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway%3Aital%2Cwght%400%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wicked.tours
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:36:50 GMT
x-content-type-options: nosniff
age: 134974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22420
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:56:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:36:50 GMT

GET
H2 200 a2fee736e6f874bacecd992cc940b2c6-optin.json Show response
a.omappapi.com/app/campaign-views/fb9287ef8ee6/lexokb48ejnsmenzkand/ 42 KB
11 KB 30ms
17ms XHR
application/json 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/fb9287ef8ee6/lexokb48ejnsmenzkand/a2fee736e6f874bacecd992cc940b2c6-optin.json
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 64d8c7fad2f9999129a38873b147eb51a8176c12b82189310bf71122b2f14b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:25 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-382
cdn-cachedat: 10/28/2023 08:06:25
cdn-pullzone: 293267
last-modified: Tue, 29 Aug 2023 17:31:40 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64ee2b7c-a907"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 351e180f933c1366dc83d7be92417dfb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5f47aaf7eabcee1ce2772f4fd77c75c252c80f9c48e4424e2f08b022aa0fa84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 c6bbb988fc541693311658-iStock-451409053.jpg
a.omappapi.com/users/fb9287ef8ee6/images/ 27 KB
28 KB 26ms
26ms Image
image/webp 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/fb9287ef8ee6/images/c6bbb988fc541693311658-iStock-451409053.jpg?width=3840&height=3840
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: c004c7bec3adb465dffbb58fae88ec0ab943606ffc2ac1c09ee0c58beeb7e79d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 08:06:25 GMT
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 10/28/2023 08:06:25
cdn-pullzone: 293267
content-length: 27960
last-modified: Tue, 29 Aug 2023 20:00:42 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "64ee4e6a-6d38"
content-type: image/webp
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c82e759c5550373512f973cb3819170c
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 204
No Content i Show response
z.omappapi.com/v3/ 0
242 B 295ms
106ms XHR
text/plain 178.128.135.232

General

Check archive.org

Show headers Download Go to

Full URL: https://z.omappapi.com/v3/i?aid=282505&cid=lexokb48ejnsmenzkand&sid=64edd868eceba&rt=false&dv=desktop&cty=popup&url=&v=5
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.135.232 -, , ASN (),
Reverse DNS
Software: kong/3.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://wicked.tours
Date: Sat, 28 Oct 2023 08:06:25 GMT
Access-Control-Allow-Credentials: true
X-Kong-Response-Latency: 17
Server: kong/3.4.2
Connection: keep-alive
vary: Origin

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wicked.tours/	1970-01-21 01:24:00	Name: _omappvp Value: 0tR1sVGoXb29vj7K6wrqpWg13vcq2NP7Casn7U1hlOXXJOJdqcyoPVC0c3DQxne4zCYwxGdj8AbeuyOg0xDvXa0zCPQK2Mbu
wicked.tours/	1970-01-20 15:48:01	Name: _omappvs Value: 1698480379411
.wicked.tours/	1970-01-21 01:24:00	Name: _ga Value: GA1.2.1858828170.1698480379
.wicked.tours/	1970-01-20 15:49:26	Name: _gid Value: GA1.2.379447954.1698480379
.wicked.tours/	1970-01-20 15:48:00	Name: _dc_gtm_UA-11247999-2 Value: 1
.wicked.tours/	1970-01-21 01:24:00	Name: _ga_G2TMJJ58WS Value: GS1.2.1698480379.1.0.1698480379.60.0.0
.wicked.tours/	1970-01-20 17:57:36	Name: _fbp Value: fb.1.1698480379794.239538484
.wicked.tours/	1970-01-20 15:48:02	Name: _hjFirstSeen Value: 1
.wicked.tours/	1970-01-20 15:48:00	Name: _hjIncludedInSessionSample_3290986 Value: 1
.wicked.tours/	1970-01-20 15:48:02	Name: _hjSession_3290986 Value: eyJpZCI6IjFiODA0NTNlLTY4NjktNDgyMi1iNWUyLTc1MWI2Zjc0Njk4YiIsImNyZWF0ZWQiOjE2OTg0ODAzODIxMDcsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjp0cnVlfQ==
.wicked.tours/	1970-01-21 00:33:36	Name: _hjSessionUser_3290986 Value: eyJpZCI6IjU1NjRjODAxLTZkY2YtNWIxYy1hMTgwLWVjNzNlZjA1MDlhZiIsImNyZWF0ZWQiOjE2OTg0ODAzODIxMDYsImV4aXN0aW5nIjp0cnVlfQ==
.wicked.tours/	1970-01-20 15:48:02	Name: _hjAbsoluteSessionInProgress Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
analytics.gondola.travel
api.omappapi.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
ik.imagekit.io
lh3.googleusercontent.com
media-cdn.tripadvisor.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
wicked.tours
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
z.omappapi.com
13.32.27.21
151.101.194.38
161.35.113.156
178.128.135.232
18.66.112.19
18.66.97.49
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2600:9000:206f:fa00:15:c281:3500:93a1
2a00:1450:4001:80b::2003
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c0b::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
99.81.165.243
013383da3382d55fb2b0f3af9cd8272896915b3442514773d0935fe781d21cdd
047416b8ce2c9e00998e2c12b4de373176e62dc7bd1000a4c6e5e88404622bb7
0867457a9d690f06be44d101ce3cb9ed3b946446dba670d2f77b5bf0c12dda65
0e0d2baa393fe916f38e48a2daf1ef6bbde420d138d2fc56199ae22d87220139
0e9008c12d77bda2b94815770d9cb95a1a1b34463208bc5170cdc9c2d3f01f7c
14297d759d60f36a72f5da973d86ff5d8412a6e2df9bd012dec3a16af617ae21
1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c
19dc97be99f367c5d9f9af51571bc1f698d1673f754a39f1b14cf268682cb004
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
202ee5b585222e2c8660b175f70624ec845320e95ec306ede1e9ad6ca12ec453
263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36
28893081d019169c217045909cee1dd584e455005767fc2cf62b41c267846055
29b9d26d9f4e94dd7a64a030ce363c1eeb54bc301a4d1598940fe2f020619d54
2cca9425a6cfd78413a633f610ae0c99c2406515ef867b0c65c01393df4c6e3a
3ab54cd9a313a7e330ef31b8e5d39fb1bca7c2b985f37a6c68b5904411d3d0ac
3d873bb40a283af2f4cb7e67dd9c5592920314760032a3aa0516c0e83e0690fd
3ef53fe96a6c2eaa12eecf27c0130e51e0a1de0b1aff6da0a1cd47f89e2e7056
41f5212f4270e9a2aa1c0424680c80b0c49872fa4dc59ee0c39c746c2afbfc1e
4374501061082dcbc96c41d57944d715334327b1288b679ccbc6bd8788f7da4a
487b450594c9ba50688a89a870e4983b7ab69a707dd1826e9595d701710753f3
5108d0adbc43671f8d004a74b15ae5c567291feb89ff81c0fe4cab24ed7a19f9
5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc
563c970e0d2d56fdc6159cff94a28adff5654fbff0d280f1dbabcf8085942d48
5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5
5c80505133c2b387dbe571c9b908be7e815b86ec57d1cb8de7f1b8212cb0d304
5d2daebf3aef880f90c88253bcd48338de8886ee772559966c2594fae8e14e3a
5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b
614147a2fbc289fa4de70bb92786157cfa72044b31128f46c8f83202a4a0d675
64d8c7fad2f9999129a38873b147eb51a8176c12b82189310bf71122b2f14b4d
6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a
6c9801a204c5021a580ceab7cadfeb06694bb584f18c66a67e2c1c65854dfd5c
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6efab6d334551dc2f787603f093acf40abb37df4219d78aa53c02c71c917e9fa
6f74cd5afbfe6fab11489dfcc70fb996ccd7b3dc935927d7402aa285d9692207
745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6
79796fbb26ba2657716333085f5f97f70907d487be8186afb6d1b3882c698a1a
7a5055116ad7c18af3f2b20162a07d56c0691fa8037a82aeb6dfa9adbb441e58
81aa619758b89d5cd2ad0a7fb00d875ab6685e69ab853f5e5247a62547e0cdb3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
875f7447920757fc576e5540f0c8b4798abfeabb22cfe616013c3c77873b2dfc
8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05
8ec9cc6f675126d6056d17b9cf75658eda4c57a6e135f8e992c1f927a4aea41f
8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a
91c88ba09686f1391fe968314a39a50749c546da6bd6cdadd20bcdc2026bef86
932b736211357e1994a7bd8f49a78c096304b1782c11e621c88600450dbc0643
947e611b2cb75cb862f3802ca9d4f81cce21680d57204dfa300396e6c5526479
95223abdb937d7365d19dd9619a22e265450cc09de74c369489763f711d20cfe
95cd75674a0ab0cf52e7bd2542a671ff6e0eed42b28120c16ef67f2693bb44b2
972b80cd953a2bb255edd4f53fdc208a247f01aee61e14971093ac28250eab39
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a
98749c09435b3a9279da1f2a401f78ee71120859e46ee6dc6850a77e4b71f40f
9c80b2722f72540a8210e5f5a4c46a118422c79608489a796a0af3e204db45f2
9f319c6e2632fe1504913253a8fb6a98e4411039814eb975e7d170a90d721815
a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72
a1caa428e93b63e721ce55cff36f1c31825b8b4d5562e4b0b29b9a842df7f284
a2558a61b38a7b03525f0b74a510f4483332f14059245769233ede3f66dec7e0
a46da94dfac27524612777c4490056d31db2b35c757b6da2b82537602ea3a022
aac4ba6b7203c941d7d21fecf64d5753c3a291671e8da7de1dbddda459aaf722
abea82a73bd7320dd12a90292e8b0fa900c51056e8017b7604bc3896e88373ed
af3f31a029322f6e117b17fde89adbebdfb3bbfbe2361d36cd385ac615fc6c63
b3f40cc249c507ec26e8bbf192f73afc6cf1f4293b6db3f77ae9b64bdcc1773f
b3ff07a3bed2a2caf71349a34d93f15630b6caee6ca625d8a0a45c1e021b6aac
b88dd4ec6fc8397ecf32fbb4fdd2c8ba1c2ad30dc6db282706c99506bc3cf53b
b8e5412a78d02cc5ed796b66b81974eb87ad2d4c9205c099e1ed01bed5127af0
ba70f702bd93a670e7f34c5195c5ce30dfe71ce72eeefc9a2acaad0eec3dd689
ba8921e0c27b2c3392f74b1b599b684ed193b16d880466c05a2381629187cdd9
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb99204bf1f35c6103216e140736ef19be06b3255a6ece419a6ff526ccdf63d1
bbeb842bd87163ca006c8603eac9bb9458ea3f05238c9fac398ae75b8c96eea3
bc3918667ec7b4d9ea186a765913f8fdc285a27d243e5ecaf21e94d0d040b280
bdd6e29b3886816b933e6c994cf33b6f01d7239a484b844c676c473bc53bfc83
c004c7bec3adb465dffbb58fae88ec0ab943606ffc2ac1c09ee0c58beeb7e79d
c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815
c212941bd3343394223cad357d82517cf533e8cd0d0ca8f211bfa0d990f38952
c2c2302b5ee2629a243e633d6b69610fd35586ccd25f9402332ee496b51ceb3e
c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52
c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2
ca83f5237bc6b98ceab569a5709e871834ffb1ac43c6ca3800d099d3b188f2e3
d1f5c9696f46364e47602c9015a3a85b4ce559c54be49b5f6a16874264a30e2f
d4c1270f7869730d1490f7df3d4bf63e21b5baa51ebbc67c31001317d4e50dbb
da79bf82e83c251f1c37d7b60ea9489c7584fa50ae379b9ddbd95d8317aad109
da88b5aaa98c29a87e083a9edc66b83263a994d39634d80696eaf0532485c142
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0af33d404ac5c5f5e20b992d902ac415e3834484131bf5f2e980d9a0bff9311
e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef
e307d892526152a8e7af856c927e54c6857499da2ab1f35e40891f5b56374b37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e3d6fdd78fb14597e2501ec74b3d5c730d13a2e6718a18a8639e43cdc9d34e
e5f47aaf7eabcee1ce2772f4fd77c75c252c80f9c48e4424e2f08b022aa0fa84
ece88845d2c0a327f6a7957ec596d1014820fbfb62b31a13b8152a28dbd41bb5
ece889d87186517d243ef3c4b1ec7795a1b635fdd6b0a18fe6b3015223f9ec45
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17dd997533ce70ba71e1a22cefc1129190437da5cfc6484b60d5fd6da6fa98c
f24bfd0f1b0a80c8097bca01b9d7550369b6c5aa6284ca205e64af9db180fa80
f2f7a4714f97e0f2a0f5ccd6c69d169a688465d2cebeed90db670d86fe85b3d5
f4230ced8d4264c7d87c89dd662ed160243569667d5d1fc586b94d65fb771618
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328
fd4efe40acd43d619b031d46c98f308eea7ad54931e554b0ea85506bcf0c81bc
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

wicked.tours Open in urlscan Pro 161.35.113.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

105 Requests

100 %HTTPS

67 %IPv6

17 Domains

21 Subdomains

22 IPs

4 Countries

4289 kBTransfer

6135 kBSize

12 Cookies

18 Outgoing links

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wicked.tours Open in urlscan Pro
161.35.113.156 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

100 %
HTTPS

67 %
IPv6

17
Domains

21
Subdomains

22
IPs

4
Countries

4289 kB
Transfer

6135 kB
Size

12
Cookies

105 HTTP transactions
1 data transactions