digital.cloud.travelport.com Open in urlscan Pro
192.29.201.104 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://digital.cloud.travelport.com/payment-3
Submission: On July 21 via manual (July 21st 2022, 9:15:56 am UTC) from IN — Scanned from NL

Summary HTTP 67 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 28 domains to perform 67 HTTP transactions. The main IP is 192.29.201.104, located in Amsterdam, Netherlands and belongs to ORACLE-BMC-31898, US. The main domain is digital.cloud.travelport.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on November 30th 2021. Valid for: a year.

This is the only time digital.cloud.travelport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.29.201.104 192.29.201.104	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
8	96.16.149.96 96.16.149.96	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
2 4	192.29.203.179 192.29.203.179	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 1	108.138.7.19 108.138.7.19	16509 (AMAZON-02) (AMAZON-02)
1 1	13.32.121.44 13.32.121.44	16509 (AMAZON-02) (AMAZON-02)
1 5	52.222.236.53 52.222.236.53	16509 (AMAZON-02) (AMAZON-02)
5	23.205.226.129 23.205.226.129	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	108.138.7.118 108.138.7.118	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d014:275... 2a05:d014:275:cb01:457d:6b8c:73fc:8f8f	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.17.87 108.138.17.87	16509 (AMAZON-02) (AMAZON-02)
1	51.140.49.131 51.140.49.131	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	18.66.139.40 18.66.139.40	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	18.202.39.101 18.202.39.101	16509 (AMAZON-02) (AMAZON-02)
8	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.57 18.66.97.57	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.119 108.138.7.119	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
67	32

1 192.29.201.104 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

digital.cloud.travelport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 96.16.149.96 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-149-96.deploy.static.akamaitechnologies.com

img06.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.29.203.179 (Amsterdam, Netherlands) 2 redirects

ASN31898 (ORACLE-BMC-31898, US)

s1669161669.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.19 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-19.fra56.r.cloudfront.net

www.wufoo.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.44 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-44.fra60.r.cloudfront.net

www.wufoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.236.53 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-53.fra56.r.cloudfront.net

static.wufoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tiol.wufoo.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.205.226.129 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-226-129.deploy.static.akamaitechnologies.com

www.travelport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-118.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:275:cb01:457d:6b8c:73fc:8f8f (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

www.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-87.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.140.49.131 (United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.leadforensics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-40.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.39.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-39-101.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-57.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-119.fra56.r.cloudfront.net

cdn.signalfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	1 KB
8	en25.com img06.en25.com — Cisco Umbrella Rank: 42036	426 KB
6	travelport.com digital.cloud.travelport.com www.travelport.com — Cisco Umbrella Rank: 959291	6 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	361 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 stats.g.doubleclick.net — Cisco Umbrella Rank: 117	3 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 371 www.linkedin.com — Cisco Umbrella Rank: 472 px4.ads.linkedin.com — Cisco Umbrella Rank: 5526	3 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 637 script.hotjar.com — Cisco Umbrella Rank: 795 vars.hotjar.com — Cisco Umbrella Rank: 874 in.hotjar.com — Cisco Umbrella Rank: 1519	68 KB
4	wufoo.com 1 redirects www.wufoo.com — Cisco Umbrella Rank: 72795 static.wufoo.com — Cisco Umbrella Rank: 29126	213 KB
4	eloqua.com 2 redirects s1669161669.t.eloqua.com	2 KB
3	google.nl www.google.nl — Cisco Umbrella Rank: 8803	763 B
3	google.com www.google.com — Cisco Umbrella Rank: 10	763 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
3	wufoo.co.uk 2 redirects www.wufoo.co.uk tiol.wufoo.co.uk	53 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 113	53 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 284	632 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 406	14 KB
1	signalfx.com cdn.signalfx.com — Cisco Umbrella Rank: 20131	34 KB
1	company-target.com api.company-target.com — Cisco Umbrella Rank: 2945	520 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 487	355 B
1	t.co t.co — Cisco Umbrella Rank: 435	338 B
1	leadforensics.com secure.leadforensics.com — Cisco Umbrella Rank: 20598	448 B
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4413	19 KB
1	fullstory.com www.fullstory.com — Cisco Umbrella Rank: 18980
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 610	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 738	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	86 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 613	32 KB
67	28

	Domain	Requested by
8	www.facebook.com	digital.cloud.travelport.com
8	img06.en25.com	digital.cloud.travelport.com
5	connect.facebook.net	digital.cloud.travelport.com connect.facebook.net
5	www.travelport.com	img06.en25.com
4	s1669161669.t.eloqua.com	2 redirects digital.cloud.travelport.com
3	www.google.nl	digital.cloud.travelport.com
3	www.google.com	digital.cloud.travelport.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	static.wufoo.com	digital.cloud.travelport.com tiol.wufoo.co.uk
2	tiol.wufoo.co.uk	1 redirects www.wufoo.co.uk
2	stats.g.doubleclick.net	www.google-analytics.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	www.youtube.com	digital.cloud.travelport.com www.youtube.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	tiol.wufoo.co.uk
1	cdn.signalfx.com	tiol.wufoo.co.uk
1	api.company-target.com	tag.demandbase.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	analytics.twitter.com	digital.cloud.travelport.com
1	t.co	digital.cloud.travelport.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	digital.cloud.travelport.com
1	www.linkedin.com	1 redirects
1	secure.leadforensics.com	www.googletagmanager.com
1	tag.demandbase.com	digital.cloud.travelport.com
1	www.fullstory.com	digital.cloud.travelport.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.wufoo.com	1 redirects
1	www.wufoo.co.uk	1 redirects
1	www.googletagmanager.com	digital.cloud.travelport.com
1	code.jquery.com	digital.cloud.travelport.com
1	digital.cloud.travelport.com
67	37

This site contains links to these domains. Also see Links.

Domain
www.travelport.com
ir.travelport.com
marketing.cloud.travelport.com
twitter.com
www.youtube.com
www.linkedin.com
www.facebook.com
travelport-english.custhelp.com

Subject Issuer	Validity	Valid
*.cloud.travelport.com Sectigo RSA Organization Validation Secure Server CA	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-18`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.travelport.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-24` - `2022-10-25`	4 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
bionic.fullstory.com R3	`2022-07-08` - `2022-10-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-29` - `2022-07-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
*.leadforensics.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-08` - `2022-12-08`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.t.eloqua.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-29` - `2023-04-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
wufoo.co.uk Amazon	`2021-07-12` - `2022-08-10`	a year	crt.sh
*.signalfx.com Go Daddy Secure Certificate Authority - G2	`2021-11-11` - `2022-12-13`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://digital.cloud.travelport.com/payment-3
Frame ID: C61A5E20CC6C6C728222BAC3BACDC8D8
Requests: 60 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: 077663BD74F802CEFA682C8D01967232
Requests: 1 HTTP requests in this frame

Frame: https://tiol.wufoo.co.uk/forms/?formname=wsyuzfx1und8jr&embed=1&embedKey=wsyuzfx1und8jr775071&entsource=&referrer=
Frame ID: 66C465BF8A59F3B454A40A2DEC466876
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Travelport | OTA

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Flat UI (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+flat-ui(?:\.min)?\.css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

96 %
HTTPS

37 %
IPv6

28
Domains

37
Subdomains

32
IPs

6
Countries

1428 kB
Transfer

3247 kB
Size

34
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.travelport.com/?elqTrackId=f48bbe64e0774945917049326634a5b9&elqaid=2260&elqat=2

Search URL Search Domain Scan URL

URL: https://www.travelport.com/company/events?elqTrackId=8f14af308b9c468dafb4ecc8a5631e5e&elqaid=2260&elqat=2
Title: Events

Search URL Search Domain Scan URL

URL: https://www.travelport.com/careers?elqTrackId=8f13b6296fd24dbdac431828dd7b59fa&elqaid=2260&elqat=2
Title: Careers

Search URL Search Domain Scan URL

URL: http://ir.travelport.com/?elqTrackId=858ebff9763b430bbbaf37da4f390482&elqaid=2260&elqat=2
Title: Investors

Search URL Search Domain Scan URL

URL: https://marketing.cloud.travelport.com/contact?elqTrackId=7e2ac402e7f0415cb083c974e6c816d5&elq=00000000000000000000000000000000&elqaid=2260&elqat=2&elqCampaignId=
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.travelport.com/privacy?elqTrackId=c728a196e26a41bdb08c6cd07cb044cb&elqaid=2260&elqat=2
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.travelport.com/terms-and-conditions?elqTrackId=0125ba1418334282969a75c2d90849c8&elqaid=2260&elqat=2
Title: Terms and conditions

Search URL Search Domain Scan URL

URL: https://www.travelport.com/sites/default/files/footer--code-of-conduct--travelport-business-partner-code-and-ethics-policy-Oct2015.pdf?elqTrackId=f7cb40d8185d40839aa564fce7a09744&elqaid=2260&elqat=2
Title: Code of conduct

Search URL Search Domain Scan URL

URL: https://www.travelport.com/use-cookies?elqTrackId=772e1bca71744bbdbff8c308669dbbe2&elqaid=2260&elqat=2
Title: Cookies

Search URL Search Domain Scan URL

URL: http://twitter.com/travelport?elqTrackId=09ebd5d9f4ea4faa8a69fef54dc0780a&elqaid=2260&elqat=2
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.youtube.com/travelporttube?elqTrackId=31e259fc2202435ab6d5380037c88436&elqaid=2260&elqat=2
Title: YouTube

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/travelport?elqTrackId=11789e93762b48038e1946e99293aed6&elqaid=2260&elqat=2
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TravelportGlobal?elqTrackId=744cc1ef53c241a6b5f31fa28bfa1b38&elqaid=2260&elqat=2
Title: Facebook

Search URL Search Domain Scan URL

URL: https://travelport-english.custhelp.com/app/utils/login_form/target/OKM_live/param/page%3Dhome%26locale%3Den_US%26rn%3DEnglish?elqTrackId=fe7a25ea19c24d25a5ef414288ee6459&elqaid=2260&elqat=2
Title: ASK Travelport

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://s1669161669.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=1669161669&PURLSiteID=10&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=2260&PURLRecordID=0&PURLGUID=D25DB39B32C042ADB7429732E5E54ABC&UseRelativePath=True&elq={00000000-0000-0000-0000-000000000000}&elq_ck=0 HTTP 302
https://s1669161669.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=1669161669&PURLSiteID=10&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=2260&PURLRecordID=0&PURLGUID=D25DB39B32C042ADB7429732E5E54ABC&UseRelativePath=True&elq={00000000-0000-0000-0000-000000000000}&elq_ck=0&elqCookie=1 HTTP 302
https://s1669161669.t.eloqua.com/eloquaimages/tinydot.gif

Request Chain 9

https://www.wufoo.co.uk/scripts/embed/form.js HTTP 301
https://www.wufoo.com/scripts/embed/form.js HTTP 301
https://static.wufoo.com/scripts/embed/form.js

Request Chain 27

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1717428&time=1658394948511&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1717428%26time%3D1658394948511%26url%3Dhttps%253A%252F%252Fdigital.cloud.travelport.com%252Fpayment-3%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1717428&time=1658394948511&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1717428&time=1658394948511&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&liSync=true&e_ipv6=AQIb9XIqsy3XLAAAAYIgCrVUmwUZYyzE6f4ddvQefNn7NEOn2wSya0ObNUDqqF4a-SbaN1jy_wDP3iNpRHY

Request Chain 53

https://tiol.wufoo.co.uk/embed/wsyuzfx1und8jr/def/embedKey=wsyuzfx1und8jr775071&entsource=&referrer= HTTP 301
https://tiol.wufoo.co.uk/forms/?formname=wsyuzfx1und8jr&embed=1&embedKey=wsyuzfx1und8jr775071&entsource=&referrer=

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request payment-3 Show response
digital.cloud.travelport.com/ 16 KB
6 KB 199ms
151ms Document
text/html 192.29.201.104
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://digital.cloud.travelport.com/payment-3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.29.201.104 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

dd3b1c1b97b1a1624c3f92bfe2eed019b8de27573a6d849a9f7463ae5b3a2720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store
Content-Encoding: gzip
Content-Length: 5106
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Jul 2022 09:15:47 GMT
Expires: -1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK %7Ba0b56065-7b5f-43d9-8366-19e0ecb9eb72%7D_bootstrap.css
img06.en25.com/Web/Travelport/ 120 KB
121 KB 117ms
66ms Stylesheet
text/css 96.16.149.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/Web/Travelport/%7Ba0b56065-7b5f-43d9-8366-19e0ecb9eb72%7D_bootstrap.css

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-149-96.deploy.static.akamaitechnologies.com

Software

Resource Hash

cdd948b7d6c8d783b0565c35672c8d4bb66a63e8118f467dd5a5636ebf0838b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: text/css
Last-Modified: Tue, 25 Apr 2017 10:26:36 GMT
ETag: "484186baebdd21:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 21 Jul 2022 09:15:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 122998
X-XSS-Protection: 1; mode=block
Expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H/1.1 200
OK %7B44e9d556-e84e-42f2-b08e-086eef4c0264%7D_flat-ui.css
img06.en25.com/Web/Travelport/ 103 KB
103 KB 77ms
26ms Stylesheet
text/css 96.16.149.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/Web/Travelport/%7B44e9d556-e84e-42f2-b08e-086eef4c0264%7D_flat-ui.css

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-149-96.deploy.static.akamaitechnologies.com

Software

Resource Hash

1d2958244bb8a85a3a28f2ab787827dc795278b0ea49ece45601ad74335e3ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: text/css
Last-Modified: Tue, 25 Apr 2017 10:26:12 GMT
ETag: "c48abe5caebdd21:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 21 Jul 2022 09:15:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 105110
X-XSS-Protection: 1; mode=block
Expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H/1.1 200
OK %7Bb9172104-cc47-423f-a879-b63e87f08860%7D_icon-font.css
img06.en25.com/Web/Travelport/ 7 KB
7 KB 116ms
65ms Stylesheet
text/css 96.16.149.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/Web/Travelport/%7Bb9172104-cc47-423f-a879-b63e87f08860%7D_icon-font.css

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-149-96.deploy.static.akamaitechnologies.com

Software

Resource Hash

12e292a7e28818b146ecd0dcb24d8b5bc59866c1e1ab9d856630045404acb80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: text/css
Last-Modified: Tue, 25 Apr 2017 10:12:08 GMT
ETag: "d0c49465acbdd21:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 21 Jul 2022 09:15:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 7110
X-XSS-Protection: 1; mode=block
Expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H/1.1 200
OK %7Ba0779dc4-2561-479b-bd39-1530962883d6%7D_style.css
img06.en25.com/Web/Travelport/ 42 KB
43 KB 83ms
32ms Stylesheet
text/css 96.16.149.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/Web/Travelport/%7Ba0779dc4-2561-479b-bd39-1530962883d6%7D_style.css

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-149-96.deploy.static.akamaitechnologies.com

Software

Resource Hash

f5db97f8a661c519e1b77aa531b4e47bfcf962b02385a91af912c36da7cbc291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: text/css
Last-Modified: Wed, 26 Apr 2017 09:31:07 GMT
ETag: "f44a30d56fbed21:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 21 Jul 2022 09:15:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 43141
X-XSS-Protection: 1; mode=block
Expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H/1.1 200
OK %7B83f2261c-94a7-4a71-9c7a-0a53d7752af4%7D_2105-styles.css
img06.en25.com/Web/Travelport/ 41 KB
41 KB 128ms
77ms Stylesheet
text/css 96.16.149.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/Web/Travelport/%7B83f2261c-94a7-4a71-9c7a-0a53d7752af4%7D_2105-styles.css

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-149-96.deploy.static.akamaitechnologies.com

Software

Resource Hash

495b1823fd07778b1b5dbc93fdf36bad194af997dda94198bd7a0b36ad105237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: text/css
Last-Modified: Mon, 27 Mar 2017 17:53:11 GMT
ETag: "da5e45023a7d21:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 21 Jul 2022 09:15:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 41917
X-XSS-Protection: 1; mode=block
Expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
code.jquery.com/ 91 KB
32 KB 57ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.min.js
Requested by: Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:48 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-16bb3"
vary: Accept-Encoding
x-hw: 1658394948.dop119.am5.t,1658394948.cds121.am5.hn,1658394948.cds298.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32788

GET
H/1.1 200
OK %7B5eeb9eb2-8bf3-4e78-afcb-d0723f7cd39a%7D_logo.png
img06.en25.com/Web/Travelport/ 10 KB
11 KB 73ms
73ms Image
image/png 96.16.149.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/Web/Travelport/%7B5eeb9eb2-8bf3-4e78-afcb-d0723f7cd39a%7D_logo.png

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-149-96.deploy.static.akamaitechnologies.com

Software

Resource Hash

8b649b0c4d35175e913549f3623085159ca5fe9e2513c9eba410a11a28b45590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Fri, 26 Jan 2018 12:24:54 GMT
ETag: "84dfc1aba096d31:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 21 Jul 2022 09:15:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 10749
X-XSS-Protection: 1; mode=block
Expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H/1.1

200
OK

tinydot.gif
s1669161669.t.eloqua.com/eloquaimages/
Redirect Chain

https://s1669161669.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=1669161669&PURLSiteID=10&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=2260&PURLRecordID=0&PURLGUID=D25DB39B32C042ADB742973...
https://s1669161669.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=1669161669&PURLSiteID=10&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=2260&PURLRecordID=0&PURLGUID=D25DB39B32C042ADB7...
https://s1669161669.t.eloqua.com/eloquaimages/tinydot.gif

49 B
543 B

16ms
16ms

Image
image/gif

192.29.203.179
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1669161669.t.eloqua.com/eloquaimages/tinydot.gif

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

HTTP/1.1

Server

192.29.203.179 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Last-Modified: Wed, 22 Jun 2022 13:18:53 GMT
ETag: "3e207c9e3a86d81:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 21 Jul 2022 09:15:48 GMT
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Thu, 21 Jul 2022 09:15:48 GMT
X-Robots-Tag: noindex, nofollow
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: /eloquaimages/tinydot.gif
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 142
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 373 KB
86 KB 136ms
87ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KVPSHT7

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd79f05a464bce2c6023ea5c5366a2ad8f1688803b9043dd22eefc0e83f7c5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87534
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H2

200

form.js Show response
static.wufoo.com/scripts/embed/
Redirect Chain

https://www.wufoo.co.uk/scripts/embed/form.js
https://www.wufoo.com/scripts/embed/form.js
https://static.wufoo.com/scripts/embed/form.js

6 KB
6 KB

764ms
662ms

Script
text/javascript

52.222.236.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wufoo.com/scripts/embed/form.js

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Server

52.222.236.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-53.fra56.r.cloudfront.net

Software

nginx/1.20.1 /

Resource Hash

1ecc8cf255bf668cc74ac2ebad5c9f705ad1e980175ed79d16cad579a1b56149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:49 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P4
etag: 05ce12d9a4e926fc98ef1696aa31ce3e
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600; must-revalidate
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, x-requested-with, content-type, authorization
x-amz-cf-id: GFleIocLpCClIf8ldcMZKUnhpDoFwqcwvldquhyPBqqS9ZGlDK3dhw==

Redirect headers

date: Thu, 21 Jul 2022 09:15:48 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1
x-cache: LambdaGeneratedResponse from cloudfront
location: https://static.wufoo.com/scripts/embed/form.js
content-length: 0
x-amz-cf-id: EW1CfMxaEM3HPwlayjWJxggFfuXmEnk56tM-tRhee8QwblGjD_XqXw==

GET
H/1.1 200
OK %7Bc9504e21-3a0f-4787-be52-798bdb0be432%7D_TP_Global_OTA-2018-sprint-1-landing-page-header_OTA_All_A__All_EN_Feb_18.jpg
img06.en25.com/EloquaImages/clients/Travelport/ 93 KB
93 KB 107ms
107ms Image
image/jpeg 96.16.149.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/Travelport/%7Bc9504e21-3a0f-4787-be52-798bdb0be432%7D_TP_Global_OTA-2018-sprint-1-landing-page-header_OTA_All_A__All_EN_Feb_18.jpg

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-149-96.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4a0a3fdca6f6711a9ecaf8e0ae15b44069a5fbb655865e5cabd471199413e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/jpeg
Last-Modified: Tue, 06 Feb 2018 12:37:15 GMT
ETag: "455f338479fd31:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 21 Jul 2022 09:15:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 94818
X-XSS-Protection: 1; mode=block
Expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H2 404 2105-sprite.svg
www.travelport.com/sites/default/files/assets/img/ 0
0 2304ms
2072ms Image
text/html 23.205.226.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelport.com/sites/default/files/assets/img/2105-sprite.svg
Requested by: Host: img06.en25.com
URL: https://img06.en25.com/Web/Travelport/%7B83f2261c-94a7-4a71-9c7a-0a53d7752af4%7D_2105-styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.226.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-226-129.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://img06.en25.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 404 StagSansWeb-Book.woff
www.travelport.com/sites/default/files/assets/webfonts/ 0
0 1983ms
1754ms Font
text/html 23.205.226.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.travelport.com/sites/default/files/assets/webfonts/StagSansWeb-Book.woff

Requested by

Host: img06.en25.com
URL: https://img06.en25.com/Web/Travelport/%7B83f2261c-94a7-4a71-9c7a-0a53d7752af4%7D_2105-styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.226.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-226-129.deploy.static.akamaitechnologies.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img06.en25.com/
Origin: https://digital.cloud.travelport.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: on
x-litespeed-cache-control: public,max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=36, origin; dur=1691
content-length: 19907
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-lsadc-cache: miss
server: LiteSpeed
x-frame-options: SAMEORIGIN
date: Thu, 21 Jul 2022 09:15:50 GMT
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
feature-policy: accelerometer 'none'; ambient-light-sensor 'self'; autoplay 'self'; camera 'none'; cookie 'self'; docwrite 'self'; domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'self'; picture-in-picture 'self'; speaker 'self'; sync-script 'self'; sync-xhr 'self'; unsized-media 'self'; usb 'none'; vertical-scroll 'self'; vibrate 'none'; vr 'none'
permissions-policy: accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
x-litespeed-tag: c1VxcrL7upjRWoptN6WN__HTTP.404,c1VxcrL7upjRWoptN6WN__404,c1VxcrL7upjRWoptN6WN__URL.95df95d8d126f9bf88c07b74020d9d16,c1VxcrL7upjRWoptN6WN__
link: <https://www.travelport.com/wp-json/>; rel="https://api.w.org/"
expires: Thu, 21 Jul 2022 09:15:50 GMT

GET
H2 404 StagSansWeb-Semibold.woff
www.travelport.com/sites/default/files/assets/webfonts/ 0
0 2117ms
1888ms Font
text/html 23.205.226.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.travelport.com/sites/default/files/assets/webfonts/StagSansWeb-Semibold.woff

Requested by

Host: img06.en25.com
URL: https://img06.en25.com/Web/Travelport/%7B83f2261c-94a7-4a71-9c7a-0a53d7752af4%7D_2105-styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.226.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-226-129.deploy.static.akamaitechnologies.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img06.en25.com/
Origin: https://digital.cloud.travelport.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: on
x-litespeed-cache-control: public,max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=120, origin; dur=1736
content-length: 19907
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-lsadc-cache: miss
server: LiteSpeed
x-frame-options: SAMEORIGIN
date: Thu, 21 Jul 2022 09:15:50 GMT
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
feature-policy: accelerometer 'none'; ambient-light-sensor 'self'; autoplay 'self'; camera 'none'; cookie 'self'; docwrite 'self'; domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'self'; picture-in-picture 'self'; speaker 'self'; sync-script 'self'; sync-xhr 'self'; unsized-media 'self'; usb 'none'; vertical-scroll 'self'; vibrate 'none'; vr 'none'
permissions-policy: accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
x-litespeed-tag: c1VxcrL7upjRWoptN6WN__HTTP.404,c1VxcrL7upjRWoptN6WN__404,c1VxcrL7upjRWoptN6WN__URL.eca7c3e004ce82430efd36a6fd2c39c7,c1VxcrL7upjRWoptN6WN__
link: <https://www.travelport.com/wp-json/>; rel="https://api.w.org/"
expires: Thu, 21 Jul 2022 09:15:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVPSHT7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 828
date: Thu, 21 Jul 2022 09:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 21 Jul 2022 11:02:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 86ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVPSHT7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 77ms
21ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVPSHT7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 09:15:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=17205
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 77ms
20ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVPSHT7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:48 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 17:28:46 GMT
etag: "ca88912498e17137955859948f14e272+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15196
x-served-by: cache-iad-kcgs7200037-IAD, cache-hhn11541-HHN

GET
H2 200 hotjar-1812262.js Show response
static.hotjar.com/c/ 5 KB
3 KB 80ms
23ms Script
application/javascript 108.138.7.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1812262.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVPSHT7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-118.fra56.r.cloudfront.net

Software

Resource Hash

e6a57ad5c7cf6353d83f3a92afb26e313af2a76e135d641fc3023a91f08a435b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:14:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
x-cache-hit: 1
etag: W/8c865bec6b117e5992700149dccc8611
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: _PrNiKuuxDqqKgY7vC6K8weG38fz_n1csQKwxgoP5scsaDiSuZqyhg==

GET
H2 404 fs.js
www.fullstory.com/s/ 0
0 84ms
20ms Script
text/html 2a05:d014:275:cb01:457d:6b8c:73fc:8f8f
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fullstory.com/s/fs.js
Requested by: Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:275:cb01:457d:6b8c:73fc:8f8f Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 79ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: YNLUEjDBfnk7C3iKFlS6tN660sEiQAT8jpa5AGiTTi6j4j+RqRVber1tOwEKaEynYzHQnp6GIJpWBlcFlyilRg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 21 Jul 2022 09:15:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 98ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e83914341e364e4af5d0063977369f55164317cbc0846613cbb01ead8dc244f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H2 200 d89ddeb6.min.js Show response
tag.demandbase.com/ 67 KB
19 KB 553ms
447ms Script
application/javascript 108.138.17.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/d89ddeb6.min.js

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-87.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c6c8e4f73932e6c9c5dfe197f1d1f1ebdda6c5824e0ad8c8db360b998e68d6dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:49 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 15:55:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
etag: W/"a6909ac576149a6a283d4d396593e685"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: sFEB0.e0nnFc8VURPNQqd6toSza28D98
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-amz-cf-id: YtTTnXJ1C-Sq30xfFPgpjMv-a7OJLPvl_TJYSaGThAf1bXkXBCZPzw==

GET
H/1.1 200
OK 151355.js Show response
secure.leadforensics.com/js/ 16 B
448 B 131ms
25ms Script
text/javascript 51.140.49.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.leadforensics.com/js/151355.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVPSHT7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.140.49.131 , United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 4d1f77bd069888192a8d1b4f8a74afe578ac6de7e5a5e7ff1c3b114be5d66533

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 09:15:48 GMT
Content-Encoding: gzip
Server: Kestrel
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: 0
Cache-Control: no-store, must-revalidate
Content-Length: 136
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20

GET
H/1.1 200
OK elqCfg.min.js Show response
img06.en25.com/i/ 6 KB
6 KB 32ms
32ms Script
application/x-javascript 96.16.149.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/i/elqCfg.min.js

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-149-96.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: application/x-javascript
Last-Modified: Wed, 22 Jun 2022 13:18:58 GMT
ETag: "7795cda13a86d81:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Thu, 21 Jul 2022 09:15:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 6080
X-XSS-Protection: 1; mode=block
Expires: Thu, 21 Jul 2022 09:15:48 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
216 B 28ms
27ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=355697289&t=pageview&_s=1&dl=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&ul=en-us&de=UTF-8&dt=Travelport%20%7C%20OTA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=161195980&gjid=1572883330&cid=743993692.1658394948&tid=UA-65776044-3&_gid=2109335511.1658394948&_r=1&gtm=2wg7i0KVPSHT7&z=1816267489

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://digital.cloud.travelport.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 09:15:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://digital.cloud.travelport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 27ms
27ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=355697289&t=pageview&_s=1&dl=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&ul=en-us&de=UTF-8&dt=Travelport%20%7C%20OTA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1039173072&gjid=1511729726&cid=743993692.1658394948&tid=UA-65776044-1&_gid=2109335511.1658394948&_r=1&gtm=2wg7i0KVPSHT7&z=679809498

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://digital.cloud.travelport.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 09:15:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://digital.cloud.travelport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1717428&time=1658394948511&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1717428%26time%3D1658394948511%26url%3Dhttps%253A%252F%252Fdigital.cloud.travelpo...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1717428&time=1658394948511&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1717428&time=1658394948511&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&liSync=true&e_ipv6=AQIb9XIqsy3XLAAAAYIgCrVUmwUZYyzE6f4ddvQe...

0
267 B

205ms
164ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1717428&time=1658394948511&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&liSync=true&e_ipv6=AQIb9XIqsy3XLAAAAYIgCrVUmwUZYyzE6f4ddvQefNn7NEOn2wSya0ObNUDqqF4a-SbaN1jy_wDP3iNpRHY
Requested by: Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:48 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E478CD9435174EB3B765B1A5B765FEFB Ref B: AMBEDGE0819 Ref C: 2022-07-21T09:15:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkTSnXJHRRgly4KHNqMg==
x-li-fabric: prod-ltx1

Redirect headers

date: Thu, 21 Jul 2022 09:15:48 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 29375B583C0D4CBF83633E7084B143D0 Ref B: AMBEDGE0808 Ref C: 2022-07-21T09:15:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1717428&time=1658394948511&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&liSync=true&e_ipv6=AQIb9XIqsy3XLAAAAYIgCrVUmwUZYyzE6f4ddvQefNn7NEOn2wSya0ObNUDqqF4a-SbaN1jy_wDP3iNpRHY
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkTSnUDzkX2jvx+1iQww==

GET
H2 200 modules.223545ebe764d5c7aceb.js Show response
script.hotjar.com/ 246 KB
64 KB 74ms
23ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.223545ebe764d5c7aceb.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1812262.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

162cc8cf35933243ad6d64942fbe1278f253f27e92f22f3f7bc5a0f81bb7059f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 12:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161802
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64656
access-control-allow-origin: *
last-modified: Tue, 19 Jul 2022 12:18:52 GMT
etag: "691af20fa44683dc4b6249ce8ad8fb7f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Xe_IhjPTCrVkGYFnPGoihQWBihKW_p_PWnfJyf7L0nBKp808qkkL5g==

GET
H2 200 adsct
t.co/i/ 43 B
338 B 173ms
126ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=8b400139-0778-43e8-90b3-f65782263017&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=fbc52189-1bdf-4484-b76a-47cd65c2c3a3&tw_document_href=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzbi2&type=javascript&version=2.4.15

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time: 105
date: Thu, 21 Jul 2022 09:15:48 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6637d29d2396031f87b0f25c85e5660759a719b23454da77acea85ca9aa338ea
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 185ms
129ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8b400139-0778-43e8-90b3-f65782263017&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=fbc52189-1bdf-4484-b76a-47cd65c2c3a3&tw_document_href=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzbi2&type=javascript&version=2.4.15

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time: 109
date: Thu, 21 Jul 2022 09:15:47 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 899f285778d49048c1dc3a393aac2f299da9880a0a1089fda0069edef7518eda
content-length: 43

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/877648399/ 2 KB
1 KB 87ms
36ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/877648399/?random=1658394948523&cv=9&fst=1658394948523&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&tiba=Travelport%20%7C%20OTA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38c24ddcfa2b27e0eb0cc233258cafe21f465d0d82df48938f0080b8a8cb3c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 09:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1020
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/855947173/ 2 KB
2 KB 85ms
34ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855947173/?random=1658394948526&cv=9&fst=1658394948526&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&tiba=Travelport%20%7C%20OTA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ce532bedc4d3875d3734a96f4685808f11c23547dfea80a45a4dbcccec59f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 09:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1023
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 533308390190095 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 163ms
162ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/533308390190095?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6feeb1800573d86ec0373e4df2119b10bae1b96f211c159fba0abf1c674a517

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: gqxEyrGvCpAvAP2cLBpa7ScHQPwv92YqlgVVv3b8SVlRHsY2rvtSIUsN/hfqgoRmAoR/34WxnseIo9QhVTxZCw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Jul 2022 09:15:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658394948682
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
448 B 67ms
22ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-65776044-3&cid=743993692.1658394948&jid=161195980&gjid=1572883330&_gid=2109335511.1658394948&_u=YEBAAAAAAAAAAC~&z=761798386

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://digital.cloud.travelport.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Jul 2022 09:15:48 GMT
content-type: text/plain
access-control-allow-origin: https://digital.cloud.travelport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 67ms
23ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-65776044-1&cid=743993692.1658394948&jid=1039173072&gjid=1511729726&_gid=2109335511.1658394948&_u=YEDAAEABAAAAAC~&z=1071359664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://digital.cloud.travelport.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Jul 2022 09:15:48 GMT
content-type: text/plain
access-control-allow-origin: https://digital.cloud.travelport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/011af516/www-widgetapi.vflset/ 159 KB
52 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/011af516/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

913a414d89a4e99a4804e3eb208479ba090542422d952eecd4f692d2803e9183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 06:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52518
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 00:25:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Jul 2023 06:17:27 GMT

GET
H/1.1 200
OK svrGP
s1669161669.t.eloqua.com/visitor/v200/ 49 B
448 B 43ms
42ms Image
image/gif 192.29.203.179
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1669161669.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1669161669&ref2=elqNone&tzo=0&ms=536&optin=disabled

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.29.203.179 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Date: Thu, 21 Jul 2022 09:15:48 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 box-0004cb77850b00d4aa7e1e08ff61e8f0.html Show response
vars.hotjar.com/ Frame 0776 2 KB
1 KB 68ms
19ms Document
text/html 18.66.139.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1812262.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-40.fra60.r.cloudfront.net

Software

Resource Hash

cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://digital.cloud.travelport.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 500621
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 14:12:07 GMT
etag: "d2caf2e569940c65a88268a169f3facf"
last-modified: Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id: XJi4x6JsfFuAi5pG5iFwCvXCebbxrk9OBSXI6s3g2sxTXBIsoYQEdg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 105ms
45ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-65776044-1&cid=743993692.1658394948&jid=1039173072&_u=YEDAAEABAAAAAC~&z=1739905028

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 09:15:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 115ms
45ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-65776044-1&cid=743993692.1658394948&jid=1039173072&_u=YEDAAEABAAAAAC~&z=1739905028

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 09:15:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/855947173/ 42 B
108 B 42ms
35ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/855947173/?random=1658394948526&cv=9&fst=1658394000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&frm=0&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&tiba=Travelport%20%7C%20OTA&async=1&fmt=3&is_vtc=1&random=3670531080&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 09:15:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/855947173/ 42 B
548 B 57ms
33ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/855947173/?random=1658394948526&cv=9&fst=1658394000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&frm=0&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&tiba=Travelport%20%7C%20OTA&async=1&fmt=3&is_vtc=1&random=3670531080&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 09:15:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/877648399/ 42 B
548 B 39ms
33ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/877648399/?random=1658394948523&cv=9&fst=1658394000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&frm=0&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&tiba=Travelport%20%7C%20OTA&async=1&fmt=3&is_vtc=1&random=1761348626&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 09:15:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/877648399/ 42 B
108 B 33ms
33ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/877648399/?random=1658394948523&cv=9&fst=1658394000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&frm=0&url=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&tiba=Travelport%20%7C%20OTA&async=1&fmt=3&is_vtc=1&random=1761348626&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 09:15:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1812262/ 148 B
323 B 106ms
36ms XHR
application/json 18.202.39.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1812262/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.223545ebe764d5c7aceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.39.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-39-101.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c9d4bf2b35d1dd9ac94b5f8b06e69b5b8acdc0e41d372770ecfd37eca82d61ca

Request headers

Referer: https://digital.cloud.travelport.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 21 Jul 2022 09:15:48 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 2603454823223180 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 79ms
79ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2603454823223180?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c3fae03037c8fb3a0601a046714b46f6bf552683ae391afd16ae8f34c59163c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: XXW7whHmTWS6nVE3WUlFwnXuXPmgBVOF0P1rfvk7aRY61B9ig3zL83r7L96w2iBmq0GpGtOZtg1Mw8fc+I84tA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Jul 2022 09:15:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658394948809
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 80ms
27ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=533308390190095&ev=PageView&dl=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&rl=&if=false&ts=1658394948746&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658394948745.891911699&it=1658394948533&coo=false&exp=u0&rqm=GET

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H3 200 1475845895912030 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 182ms
181ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1475845895912030?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d1751eb0253140092234f949660d2d519a1494745b03bafe5ce8aecc5dcd2484

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: iygaLqw/31TmUBtJBq0BVpBdqEZfvHN4hwJCgtQ110cSAQR7JIsbbRkHVKIa02i0b25UvOU6RkAVD4ZbthazHA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Jul 2022 09:15:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658394949070
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 56ms
27ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2603454823223180&ev=PageView&dl=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&rl=&if=false&ts=1658394948903&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1658394948745.891911699&it=1658394948533&coo=false&exp=u0&rqm=GET

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 09:15:48 GMT

GET
H3 200 1013071352168321 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 152ms
151ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1013071352168321?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1a52153a3cc99805990cf6307483d4893363f793b2e2e7fbd58eabe3feb1ccd9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: +KoRIXFMkamqykVofqjfRroSqMfeyN7ZJNACxA+m0WLrmoSZT+pls8oyH3TO3blLB5xpMEpyg7+GFif4eS6oIw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Jul 2022 09:15:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658394949271
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 34ms
33ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1475845895912030&ev=PageView&dl=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&rl=&if=false&ts=1658394949133&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658394948745.891911699&it=1658394948533&coo=false&exp=u0&rqm=GET

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 09:15:49 GMT

GET
H2 401 ip.json Show response
api.company-target.com/api/v2/ 12 B
520 B 105ms
51ms XHR
text/plain 18.66.97.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&page_title=Travelport%20%7C%20OTA&src=tag&auth=l0I1UfRmc5aDs558yRtqwcViTJd5WCfMTPSf0mKw

Requested by

Host: tag.demandbase.com
URL: https://tag.demandbase.com/d89ddeb6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-57.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:49 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
www-authenticate: DemandBase API v2
x-amz-cf-pop: FRA56-P2
x-cache: Error from cloudfront
access-control-max-age: 7200
request-id: f0dfb9ac-fa05-4ea0-8638-6b8508111e64
content-length: 12
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://digital.cloud.travelport.com
access-control-expose-headers
access-control-allow-credentials: true
x-amz-cf-id: JIE3uVPbD_QkQT48XhT6E76POolipixJFdNo9_yghhpsBXYYIxIP6g==
x-content-type-options: nosniff

GET
H2

200

/ Show response
tiol.wufoo.co.uk/forms/ Frame 66C4
Redirect Chain

https://tiol.wufoo.co.uk/embed/wsyuzfx1und8jr/def/embedKey=wsyuzfx1und8jr775071&entsource=&referrer=
https://tiol.wufoo.co.uk/forms/?formname=wsyuzfx1und8jr&embed=1&embedKey=wsyuzfx1und8jr775071&entsource=&referrer=

51 KB
52 KB

921ms
920ms

Document
text/html

52.222.236.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tiol.wufoo.co.uk/forms/?formname=wsyuzfx1und8jr&embed=1&embedKey=wsyuzfx1und8jr775071&entsource=&referrer=

Requested by

Host: www.wufoo.co.uk
URL: https://www.wufoo.co.uk/scripts/embed/form.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-53.fra56.r.cloudfront.net

Software

nginx/1.20.1 /

Resource Hash

57abdf431bb02d10f3a479cc46251e456721cd56a3114736b1dc0219606935a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://digital.cloud.travelport.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, authorization
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
content-type: text/html;charset=UTF-8
date: Thu, 21 Jul 2022 09:15:50 GMT
server: nginx/1.20.1
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-id: qgM5wwDGU68uQbpZy8FnKRhSMZPF4nuTAWehM94j2F-QKIDK_4wSFA==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront

Redirect headers

access-control-allow-headers: origin, x-requested-with, content-type, authorization
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
content-length: 169
content-type: text/html
date: Thu, 21 Jul 2022 09:15:49 GMT
location: https://tiol.wufoo.co.uk/forms/?formname=wsyuzfx1und8jr&embed=1&embedKey=wsyuzfx1und8jr775071&entsource=&referrer=
server: nginx/1.20.1
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-id: KCZ9obj98VaJUle15qPiPFWYI3o_5kPbELMoGCq32huX4kXrAewLAA==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 27ms
26ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1013071352168321&ev=PageView&dl=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&rl=&if=false&ts=1658394949301&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658394948745.891911699&it=1658394948533&coo=false&exp=u0&rqm=GET

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 09:15:49 GMT

GET
H2 404 StagSansWeb-Book.ttf
www.travelport.com/sites/default/files/assets/webfonts/ 0
0 3480ms
3480ms Font
text/html 23.205.226.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.travelport.com/sites/default/files/assets/webfonts/StagSansWeb-Book.ttf

Requested by

Host: img06.en25.com
URL: https://img06.en25.com/Web/Travelport/%7B83f2261c-94a7-4a71-9c7a-0a53d7752af4%7D_2105-styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.226.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-226-129.deploy.static.akamaitechnologies.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img06.en25.com/
Origin: https://digital.cloud.travelport.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: on
x-litespeed-cache-control: public,max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=1938
content-length: 12624
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-lsadc-cache: miss
server: LiteSpeed
x-frame-options: SAMEORIGIN
date: Thu, 21 Jul 2022 09:15:52 GMT
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
feature-policy: accelerometer 'none'; ambient-light-sensor 'self'; autoplay 'self'; camera 'none'; cookie 'self'; docwrite 'self'; domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'self'; picture-in-picture 'self'; speaker 'self'; sync-script 'self'; sync-xhr 'self'; unsized-media 'self'; usb 'none'; vertical-scroll 'self'; vibrate 'none'; vr 'none'
permissions-policy: accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
x-litespeed-tag: c1VxcrL7upjRWoptN6WN__HTTP.404,c1VxcrL7upjRWoptN6WN__404,c1VxcrL7upjRWoptN6WN__URL.6d16badcbfb8cac30a100ae59efa4ccb,c1VxcrL7upjRWoptN6WN__,c1VxcrL7upjRWoptN6WN__MIN.5db4bd3695f16e89d8f8516374dcdc02.css
link: <https://www.travelport.com/wp-json/>; rel="https://api.w.org/"
expires: Thu, 21 Jul 2022 09:15:52 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 26ms
26ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=533308390190095&ev=Microdata&dl=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&rl=&if=false&ts=1658394950249&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Travelport%20%7C%20OTA%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658394948745.891911699&it=1658394948533&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 09:15:50 GMT

GET
H2 404 StagSansWeb-Semibold.ttf
www.travelport.com/sites/default/files/assets/webfonts/ 0
0 3344ms
3344ms Font
text/html 23.205.226.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.travelport.com/sites/default/files/assets/webfonts/StagSansWeb-Semibold.ttf

Requested by

Host: img06.en25.com
URL: https://img06.en25.com/Web/Travelport/%7B83f2261c-94a7-4a71-9c7a-0a53d7752af4%7D_2105-styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.226.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-226-129.deploy.static.akamaitechnologies.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://img06.en25.com/
Origin: https://digital.cloud.travelport.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: on
x-litespeed-cache-control: public,max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=1728
content-length: 19907
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-lsadc-cache: miss
server: LiteSpeed
x-frame-options: SAMEORIGIN
date: Thu, 21 Jul 2022 09:15:52 GMT
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
feature-policy: accelerometer 'none'; ambient-light-sensor 'self'; autoplay 'self'; camera 'none'; cookie 'self'; docwrite 'self'; domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'self'; picture-in-picture 'self'; speaker 'self'; sync-script 'self'; sync-xhr 'self'; unsized-media 'self'; usb 'none'; vertical-scroll 'self'; vibrate 'none'; vr 'none'
permissions-policy: accelerometer=Origin(), autoplay=(), camera=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), usb=()
x-litespeed-tag: c1VxcrL7upjRWoptN6WN__HTTP.404,c1VxcrL7upjRWoptN6WN__404,c1VxcrL7upjRWoptN6WN__URL.b724ce8fba00f7575f36ddfe0c608566,c1VxcrL7upjRWoptN6WN__
link: <https://www.travelport.com/wp-json/>; rel="https://api.w.org/"
expires: Thu, 21 Jul 2022 09:15:52 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 31ms
31ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2603454823223180&ev=Microdata&dl=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&rl=&if=false&ts=1658394950405&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Travelport%20%7C%20OTA%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1658394948745.891911699&it=1658394948533&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 09:15:50 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 26ms
26ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1475845895912030&ev=Microdata&dl=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&rl=&if=false&ts=1658394950634&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Travelport%20%7C%20OTA%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658394948745.891911699&it=1658394948533&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 09:15:50 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 26ms
26ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1013071352168321&ev=Microdata&dl=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&rl=&if=false&ts=1658394950803&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Travelport%20%7C%20OTA%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658394948745.891911699&it=1658394948533&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Requested by

Host: digital.cloud.travelport.com
URL: https://digital.cloud.travelport.com/payment-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digital.cloud.travelport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 09:15:50 GMT

GET
H2 200 splunk-otel-web.js Show response
cdn.signalfx.com/o11y-gdi-rum/latest/ Frame 66C4 142 KB
34 KB 2789ms
2735ms Script
application/javascript 108.138.7.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Requested by: Host: tiol.wufoo.co.uk
URL: https://tiol.wufoo.co.uk/forms/?formname=wsyuzfx1und8jr&embed=1&embedKey=wsyuzfx1und8jr775071&entsource=&referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f74c8a9e2931a3af3b3f221f32d360a4ca1e660c09df6b275db214ced4a5dd8

Request headers

Referer: https://tiol.wufoo.co.uk/
Origin: https://tiol.wufoo.co.uk
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:52 GMT
content-encoding: br
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 21 Jun 2022 12:07:02 GMT
server: AmazonS3
etag: W/"76e7d874c4da09d1b1ab0458924bd9a3"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-id: ErsAFi39pgXXggGOb3Z5IXFsXrgd4SdavH22gkXCLslwE7Jv-OSByQ==

GET
H2 200 index.0656.css
static.wufoo.com/stylesheets/public/forms/css/ Frame 66C4 35 KB
35 KB 2783ms
2783ms Stylesheet
text/css 52.222.236.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wufoo.com/stylesheets/public/forms/css/index.0656.css

Requested by

Host: tiol.wufoo.co.uk
URL: https://tiol.wufoo.co.uk/forms/?formname=wsyuzfx1und8jr&embed=1&embedKey=wsyuzfx1und8jr775071&entsource=&referrer=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-53.fra56.r.cloudfront.net

Software

nginx/1.20.1 /

Resource Hash

02ba007a52f99c4781627d0140a02052ad8578e7c47124493511c06c7c1e53b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tiol.wufoo.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:50 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P4
etag: edf8920fcbf4f55815bf8b24788b9abc
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600; must-revalidate
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, x-requested-with, content-type, authorization
x-amz-cf-id: UL7z2J1i9_hNtnNuEF8T10mpt4mmjDV82Nbs3XwCxtWfYgqdiNImZg==

GET
H2 200 dynamic.0656.js Show response
static.wufoo.com/scripts/public/ Frame 66C4 171 KB
172 KB 2663ms
2663ms Script
text/javascript 52.222.236.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wufoo.com/scripts/public/dynamic.0656.js?language=english

Requested by

Host: tiol.wufoo.co.uk
URL: https://tiol.wufoo.co.uk/forms/?formname=wsyuzfx1und8jr&embed=1&embedKey=wsyuzfx1und8jr775071&entsource=&referrer=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-53.fra56.r.cloudfront.net

Software

nginx/1.20.1 /

Resource Hash

f8feea41477cf6c615d64e34192ca16596d8d1d4a19016c292aec5c894af2bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tiol.wufoo.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:15:51 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 01:03:15GMT
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P4
etag: c398b38bf460d2870becd4e2f5802552
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600; must-revalidate
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, x-requested-with, content-type, authorization
x-amz-cf-id: _SQoWyf-QxUgoVdfAzW8dxJsQBg2iIOdu3ELtBu9s4sXbeXH2sdG9g==

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ Frame 66C4 38 KB
14 KB 45ms
14ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: tiol.wufoo.co.uk
URL: https://tiol.wufoo.co.uk/forms/?formname=wsyuzfx1und8jr&embed=1&embedKey=wsyuzfx1und8jr775071&entsource=&referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tiol.wufoo.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: AHSVE1FCW2E90VPE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: xBl8SViPPxLxY0U4jYS2RY2c+Za5zT1zytHjAprsnIB+DUKQuJ8nFTfT2x619VIzNYojfaJWP1A=
x-served-by: cache-ams21033-AMS
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1658394954.792052,VS0,VE0
date: Thu, 21 Jul 2022 09:15:53 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11294

GET
H/1.1 200
OK 1e390569c3 Show response
bam.nr-data.net/1/ Frame 66C4 49 B
632 B 202ms
156ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/1e390569c3?a=536297313&v=1216.487a282&to=YQdTbENQXUFVAUxbDFhNZEpYHlVdRg9LHQpYBlRAH1lHX1g%3D&rst=4565&ck=0&ref=https://tiol.wufoo.co.uk/forms/&ap=118&be=1612&fe=4511&dc=4509&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1658394949242,%22n%22:0,%22r%22:0,%22re%22:680,%22f%22:680,%22dn%22:680,%22dne%22:680,%22c%22:680,%22ce%22:680,%22rq%22:681,%22rp%22:1601,%22rpe%22:1735,%22dl%22:1604,%22di%22:4509,%22ds%22:4509,%22de%22:4511,%22dc%22:4511,%22l%22:4511,%22le%22:4522%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=4485&fcp=4485&at=TUBQGgtKTk8%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tiol.wufoo.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 09:15:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 72e2d5adac289079-FRA

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.digital.cloud.travelport.com/	1970-01-20 14:10:09	Name: ELOQUA Value: GUID=D25DB39B32C042ADB7429732E5E54ABC
.eloqua.com/	1970-01-20 14:10:09	Name: ELOQUA Value: GUID=241CFE4D907740BD9660C5AF9B6E1ED4
.eloqua.com/	1970-01-20 14:10:09	Name: ELQSTATUS Value: OK
.digital.cloud.travelport.com/	1970-01-20 22:11:06	Name: _ga Value: GA1.4.743993692.1658394948
.digital.cloud.travelport.com/	1970-01-20 04:41:21	Name: _gid Value: GA1.4.2109335511.1658394948
.digital.cloud.travelport.com/	1970-01-20 04:39:55	Name: _gat_UA-65776044-3 Value: 1
.travelport.com/	1970-01-20 22:11:06	Name: _ga Value: GA1.2.743993692.1658394948
.travelport.com/	1970-01-20 04:41:21	Name: _gid Value: GA1.2.2109335511.1658394948
.travelport.com/	1970-01-20 04:39:55	Name: _gat_UA-65776044-1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: S-3UpoYbfgE
.youtube.com/	1970-01-20 08:59:06	Name: VISITOR_INFO1_LIVE Value: NRwyG4Ukh2o
.doubleclick.net/	1970-01-20 04:39:55	Name: test_cookie Value: CheckForPermission
.travelport.com/	1970-01-20 13:25:30	Name: _hjSessionUser_1812262 Value: eyJpZCI6IjEwMTUzNWIyLTBkMjMtNWQxYi05MzZmLTRhOWRiNjYyMDM4NyIsImNyZWF0ZWQiOjE2NTgzOTQ5NDg2MzksImV4aXN0aW5nIjpmYWxzZX0=
.travelport.com/	1970-01-20 04:39:56	Name: _hjFirstSeen Value: 1
digital.cloud.travelport.com/	1970-01-20 04:39:55	Name: _hjIncludedInSessionSample Value: 0
.travelport.com/	1970-01-20 04:39:56	Name: _hjSession_1812262 Value: eyJpZCI6Ijg3ODg0YjRjLWI5YmEtNDQ1OS1hZTNhLTllZjg0YzE0YjE1ZiIsImNyZWF0ZWQiOjE2NTgzOTQ5NDg2NjMsImluU2FtcGxlIjpmYWxzZX0=
digital.cloud.travelport.com/	1970-01-20 04:39:55	Name: _hjIncludedInPageviewSample Value: 1
.travelport.com/	1970-01-20 04:39:56	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1970-01-20 05:23:06	Name: UserMatchHistory Value: AQJFX6VQUWPsigAAAYIgCrQRdVGP_BvjXpeO5pXrJ3vTrxwfN3IcftIo4b2Hc6DRK3UcP4jPzPfcVQ
.linkedin.com/	1970-01-20 05:23:06	Name: AnalyticsSyncHistory Value: AQJCzgU_om6VogAAAYIgCrQRlABBgUUcUncUc0KnfPgTbTwr5OctCvoRfMIDM7AkcWr68oxW8X0SF_YNR4FZ5g
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:11:48	Name: bcookie Value: "v=2&75ad8ad3-852f-46f8-8101-f33745149c14"
.linkedin.com/	1970-01-20 04:41:21	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2589:u=1:x=1:i=1658394948:t=1658481348:v=2:sig=AQHmctTC-mrbmnZgFNi4erbYHxNIelR2"
.t.co/	1970-01-20 22:11:06	Name: muc_ads Value: 04dcd114-39f4-4363-a628-1e97c8839447
.twitter.com/	1970-01-20 22:11:06	Name: personalization_id Value: "v1_+H2+uvZJGdDfClVik4wAtg=="
.travelport.com/	1970-01-20 06:49:30	Name: _fbp Value: fb.1.1658394948745.891911699
.facebook.com/	1970-01-20 06:49:30	Name: fr Value: 0nmP8AI8tRLnUjKuZ..Bi2RlE...1.0.Bi2RlE.
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=nl-nl
.www.linkedin.com/	1970-01-20 22:11:48	Name: bscookie Value: "v=1&20220721091548b5177ed2-2a56-4afc-81d6-36d5736bc4b1AQFSWf6FeooLKAFCkuSinb7vS5cJ89ig"
.linkedin.com/	1970-01-20 22:03:59	Name: li_gc Value: MTswOzE2NTgzOTQ5NDg7MjswMjF4LRd2+T7NPIakPyvqWWQPrD5OD9y3glN5mWUyaQzfng==
.wufoo.com/	1970-01-20 04:39:56	Name: ep201 Value: PpNvRMYGZuoaXnsdnezF22dVzb4=
.wufoo.co.uk/	1970-01-20 04:39:56	Name: ep201 Value: r9MGtn5yVoBUxv0m2N71K0ymt0o=
www.travelport.com/	1970-01-20 04:39:56	Name: ppwp_wp_session Value: c3f73c13d7baa63cbf0411e0dfffa4d8%7C%7C1658396749%7C%7C1658396389
tiol.wufoo.co.uk/	1970-01-20 04:39:55	Name: _splunk_rum_sid Value: %7B%22id%22%3A%2244e024d3d0890df9de490372ab6fed42%22%2C%22startTime%22%3A1658394953699%7D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.fullstory.com/s/fs.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fdigital.cloud.travelport.com%2Fpayment-3&page_title=Travelport%20%7C%20OTA&src=tag&auth=l0I1UfRmc5aDs558yRtqwcViTJd5WCfMTPSf0mKw Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://www.travelport.com/sites/default/files/assets/webfonts/StagSansWeb-Book.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.travelport.com/sites/default/files/assets/webfonts/StagSansWeb-Semibold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.travelport.com/sites/default/files/assets/img/2105-sprite.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.travelport.com/sites/default/files/assets/webfonts/StagSansWeb-Semibold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.travelport.com/sites/default/files/assets/webfonts/StagSansWeb-Book.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.company-target.com
bam.nr-data.net
cdn.signalfx.com
code.jquery.com
connect.facebook.net
digital.cloud.travelport.com
googleads.g.doubleclick.net
img06.en25.com
in.hotjar.com
js-agent.newrelic.com
px.ads.linkedin.com
px4.ads.linkedin.com
s1669161669.t.eloqua.com
script.hotjar.com
secure.leadforensics.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
static.wufoo.com
stats.g.doubleclick.net
t.co
tag.demandbase.com
tiol.wufoo.co.uk
vars.hotjar.com
www.facebook.com
www.fullstory.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.travelport.com
www.wufoo.co.uk
www.wufoo.com
www.youtube.com
104.244.42.195
104.244.42.197
108.138.17.87
108.138.7.118
108.138.7.119
108.138.7.19
13.107.42.14
13.32.121.44
142.250.186.98
151.101.2.137
162.247.241.14
18.202.39.101
18.66.139.40
18.66.97.57
192.29.201.104
192.29.203.179
199.232.136.157
2001:4de0:ac18::1:a:3a
23.205.226.129
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2008
2a00:1450:400c:c06::9d
2a02:26f0:3500:16::215:14a0
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d014:275:cb01:457d:6b8c:73fc:8f8f
51.140.49.131
52.222.236.122
52.222.236.53
96.16.149.96
02ba007a52f99c4781627d0140a02052ad8578e7c47124493511c06c7c1e53b0
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
12e292a7e28818b146ecd0dcb24d8b5bc59866c1e1ab9d856630045404acb80f
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
162cc8cf35933243ad6d64942fbe1278f253f27e92f22f3f7bc5a0f81bb7059f
1a52153a3cc99805990cf6307483d4893363f793b2e2e7fbd58eabe3feb1ccd9
1ce532bedc4d3875d3734a96f4685808f11c23547dfea80a45a4dbcccec59f28
1d2958244bb8a85a3a28f2ab787827dc795278b0ea49ece45601ad74335e3ee1
1ecc8cf255bf668cc74ac2ebad5c9f705ad1e980175ed79d16cad579a1b56149
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
38c24ddcfa2b27e0eb0cc233258cafe21f465d0d82df48938f0080b8a8cb3c68
3c3fae03037c8fb3a0601a046714b46f6bf552683ae391afd16ae8f34c59163c
495b1823fd07778b1b5dbc93fdf36bad194af997dda94198bd7a0b36ad105237
4d1f77bd069888192a8d1b4f8a74afe578ac6de7e5a5e7ff1c3b114be5d66533
57abdf431bb02d10f3a479cc46251e456721cd56a3114736b1dc0219606935a2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
8b649b0c4d35175e913549f3623085159ca5fe9e2513c9eba410a11a28b45590
913a414d89a4e99a4804e3eb208479ba090542422d952eecd4f692d2803e9183
9f74c8a9e2931a3af3b3f221f32d360a4ca1e660c09df6b275db214ced4a5dd8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
c6c8e4f73932e6c9c5dfe197f1d1f1ebdda6c5824e0ad8c8db360b998e68d6dd
c9d4bf2b35d1dd9ac94b5f8b06e69b5b8acdc0e41d372770ecfd37eca82d61ca
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
cd79f05a464bce2c6023ea5c5366a2ad8f1688803b9043dd22eefc0e83f7c5d8
cdd948b7d6c8d783b0565c35672c8d4bb66a63e8118f467dd5a5636ebf0838b5
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d1751eb0253140092234f949660d2d519a1494745b03bafe5ce8aecc5dcd2484
d4a0a3fdca6f6711a9ecaf8e0ae15b44069a5fbb655865e5cabd471199413e13
d6feeb1800573d86ec0373e4df2119b10bae1b96f211c159fba0abf1c674a517
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd3b1c1b97b1a1624c3f92bfe2eed019b8de27573a6d849a9f7463ae5b3a2720
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a57ad5c7cf6353d83f3a92afb26e313af2a76e135d641fc3023a91f08a435b
e83914341e364e4af5d0063977369f55164317cbc0846613cbb01ead8dc244f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f5db97f8a661c519e1b77aa531b4e47bfcf962b02385a91af912c36da7cbc291
f8feea41477cf6c615d64e34192ca16596d8d1d4a19016c292aec5c894af2bb8

digital.cloud.travelport.com Open in urlscan Pro 192.29.201.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

96 %HTTPS

37 %IPv6

28 Domains

37 Subdomains

32 IPs

6 Countries

1428 kBTransfer

3247 kBSize

34 Cookies

14 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

digital.cloud.travelport.com Open in urlscan Pro
192.29.201.104 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

96 %
HTTPS

37 %
IPv6

28
Domains

37
Subdomains

32
IPs

6
Countries

1428 kB
Transfer

3247 kB
Size

34
Cookies

67 HTTP transactions
0 data transactions