wicked.tours Open in urlscan Pro
161.35.113.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wicked.tours/
Submission Tags: phishingrod
Submission: On December 16 via api (December 16th 2023, 9:16:01 am UTC) from DE — Scanned from DE

Summary HTTP 116 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 21 domains to perform 116 HTTP transactions. The main IP is 161.35.113.156, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is wicked.tours.
TLS certificate: Issued by R3 on December 15th 2023. Valid for: 3 months.

This is the only time wicked.tours was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	161.35.113.156 161.35.113.156	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:4c5e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.2.38 151.101.2.38	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
18	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
2	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.95.92 65.9.95.92	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4016:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	54.210.251.174 54.210.251.174	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	18.203.9.136 18.203.9.136	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:212... 2600:9000:2127:2400:15:c281:3500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	65.9.95.9 65.9.95.9	16509 (AMAZON-02) (AMAZON-02)
1	52.92.33.120 52.92.33.120	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:8e:... 2a04:4e42:8e::720	() ()
1	178.128.135.232 178.128.135.232	() ()
116	28

44 161.35.113.156 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 624165.cloudwaysapps.com

wicked.tours	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.gondola.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:4c5e (United States)

ASN13335 (CLOUDFLARENET, US)

app.happychat.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.38 (United States)

ASN54113 (FASTLY, US)

media-cdn.tripadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-92.prg50.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4016:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.210.251.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-251-174.compute-1.amazonaws.com

api.happychat.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.9.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-9-136.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2127:2400:15:c281:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)

ik.imagekit.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-9.prg50.r.cloudfront.net

surveystats.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.33.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8e::720 (None, )

ASN- ()

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.232 (None, )

ASN- ()

z.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	wicked.tours wicked.tours	2 MB
20	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5231 api.omappapi.com — Cisco Umbrella Rank: 5432 z.omappapi.com	95 KB
7	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 48	289 KB
5	imagekit.io ik.imagekit.io — Cisco Umbrella Rank: 21768	200 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	128 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	87 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	705 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	125 KB
3	happychat.ai app.happychat.ai api.happychat.ai	9 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
3	gondola.travel analytics.gondola.travel	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	216 B
2	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6459 surveystats.hotjar.io — Cisco Umbrella Rank: 27564	642 B
2	gstatic.com fonts.gstatic.com	55 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	394 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	170 KB
2	tripadvisor.com media-cdn.tripadvisor.com — Cisco Umbrella Rank: 13211	273 KB
1	unsplash.com images.unsplash.com	1 MB
1	amazonaws.com s3-eu-west-1.amazonaws.com	9 KB
116	21

	Domain	Requested by
44	wicked.tours	wicked.tours
18	a.omappapi.com	wicked.tours a.omappapi.com
7	lh3.googleusercontent.com	wicked.tours
5	ik.imagekit.io	wicked.tours
3	cdn.jsdelivr.net	app.happychat.ai
3	connect.facebook.net	wicked.tours connect.facebook.net
3	fonts.googleapis.com	wicked.tours a.omappapi.com
3	analytics.gondola.travel	wicked.tours analytics.gondola.travel
2	www.facebook.com	wicked.tours
2	fonts.gstatic.com	fonts.googleapis.com
2	api.happychat.ai	app.happychat.ai
2	www.google.de	wicked.tours
2	region1.analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	static.hotjar.com	wicked.tours www.googletagmanager.com
2	www.googletagmanager.com	wicked.tours www.googletagmanager.com
2	media-cdn.tripadvisor.com	wicked.tours
1	z.omappapi.com	a.omappapi.com
1	images.unsplash.com
1	s3-eu-west-1.amazonaws.com	wicked.tours
1	surveystats.hotjar.io	script.hotjar.com
1	content.hotjar.io	script.hotjar.com
1	www.google.com	wicked.tours
1	api.omappapi.com	a.omappapi.com
1	app.happychat.ai	wicked.tours
116	27

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.twitter.com
www.linkedin.com
www.youtube.com
gondola.travel

Subject Issuer	Validity	Valid
icystraitpointexcursions.com R3	`2023-12-15` - `2024-03-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-21` - `2024-02-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
happychat.ai GTS CA 1P5	`2023-10-31` - `2024-01-29`	3 months	crt.sh
media.tacdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-22`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
a.omappapi.com R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-24` - `2023-12-23`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M03	`2023-12-11` - `2025-01-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
api.happychat.ai R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
*.imagekit.io Amazon RSA 2048 M01	`2023-02-22` - `2024-03-22`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-09-12`	a year	crt.sh
images.unsplash.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh
z.omappapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://wicked.tours/
Frame ID: B5AD09807A7EC80B4BC0D87D11F968DD
Requests: 116 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kelowna Wine Tours | Okanagan Wine Tours | Wicked Wine Tours

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

116
Requests

100 %
HTTPS

63 %
IPv6

21
Domains

27
Subdomains

28
IPs

4
Countries

5134 kB
Transfer

7327 kB
Size

14
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/wickedwinetours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wickedwinetours

Search URL Search Domain Scan URL

URL: https://www.twitter.com/wickedwinetours

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/wickedtours/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Wickedwinetours

Search URL Search Domain Scan URL

URL: https://gondola.travel/?utm_source=client&utm_medium=referral&utm_campaign=footer-refer&utm_term=wicked.tours
Title: .footer-text-color-svg{fill:#ffffff;}

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

116 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wicked.tours/ 282 KB
35 KB 534ms
322ms Document
text/html 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 27c32714183e80852098f94866ff9ab808e155e286b2c53d9570952740cc5e30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 35758
content-type: text/html; charset=UTF-8
date: Sat, 16 Dec 2023 09:15:54 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://wicked.tours/wp-json/>; rel="https://api.w.org/", <https://wicked.tours/wp-json/wp/v2/pages/30>; rel="alternate"; type="application/json", <https://wicked.tours/>; rel=shortlink
pragma: no-cache
server: nginx
vary: Accept-Encoding

GET
H2 200 flickity.min.css
wicked.tours/wp-content/themes/gondola-wp/lib/flickity/ 2 KB
815 B 96ms
94ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/flickity/flickity.min.css?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 0e9008c12d77bda2b94815770d9cb95a1a1b34463208bc5170cdc9c2d3f01f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Sat, 16 Dec 2023 06:05:20 GMT
server: nginx
etag: W/"657d3e20-706"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 fullscreen.css
wicked.tours/wp-content/themes/gondola-wp/lib/flickity-fullscreen/ 1 KB
572 B 96ms
95ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/flickity-fullscreen/fullscreen.css?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: d4c1270f7869730d1490f7df3d4bf63e21b5baa51ebbc67c31001317d4e50dbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Sat, 16 Dec 2023 06:05:20 GMT
server: nginx
etag: W/"657d3e20-46f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.basic.css
wicked.tours/wp-content/plugins/ajax-search-lite/css/ 21 KB
4 KB 97ms
96ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.10
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 947e611b2cb75cb862f3802ca9d4f81cce21680d57204dfa300396e6c5526479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-541c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style-curvy-black.css
wicked.tours/wp-content/plugins/ajax-search-lite/css/ 6 KB
1 KB 97ms
96ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/css/style-curvy-black.css?ver=4.10
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 5c80505133c2b387dbe571c9b908be7e815b86ec57d1cb8de7f1b8212cb0d304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-1927"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 home_177ccc35.css
wicked.tours/wp-content/themes/gondola-wp/dist/styles/ 182 KB
30 KB 182ms
181ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/dist/styles/home_177ccc35.css?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 56a887623fe8160e223a897c5ced463522416c928b1dc1c8235f6cd79cf74889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 21:30:54 GMT
server: nginx
etag: W/"655d218e-2d7e2"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 gondola-custom-css.css
wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/ 7 KB
1 KB 184ms
183ms Stylesheet
text/css 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: a1b2f0f8bae2442fcfd706d14c56351c979e23da9ed2fa1e9c9dd3dcda261d52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Sat, 16 Dec 2023 06:08:52 GMT
server: nginx
etag: W/"657d3ef4-1b04"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 umami.js Show response
analytics.gondola.travel/ 3 KB
2 KB 206ms
130ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.gondola.travel/umami.js

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

614147a2fbc289fa4de70bb92786157cfa72044b31128f46c8f83202a4a0d675

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2670
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 10 Jan 2023 11:03:04 GMT
server: cloudflare
etag: W/"a6e-1859b59147a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlH3uZIlJ1%2BguTYqhlFUBIDWk2D0u62Z%2B5LeMZlLORpeaEOFVNxv5boJ1dARUWWTYAdI0FHWjK99QSiJ9b84uhuK8ukBBYHHilkNZyr09SvfYpGYlYdHhrvBE2%2FM8O6JxnSiAMYDCHaFiEphd76FiCngghv4JEU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8365d3148e79f140-CDG

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 71ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 16 Dec 2023 07:42:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Dec 2023 09:15:54 GMT

GET
H2 200 chat.script.js Show response
app.happychat.ai/ 29 KB
7 KB 520ms
291ms Script
application/javascript 2606:4700:3030::6815:4c5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.happychat.ai/chat.script.js
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4c5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a73c3066c94be4f1b0f1122508848931d7ee351d452f2d3a81006dd432d0e7db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Nov 2023 09:20:28 GMT
server: cloudflare
etag: W/"73a6-18ba9154f99"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUycn9FS5%2Bkq4rTPETiEHP08l7YhXakDSbfZy9fpJ0SEKWcMDOytkPWpOnVLaoC52Sez%2Fbdia6RK5vfL7T%2Fx0PT4w%2FDuRdfZqD%2F2Mi%2BXuq01%2BwWZd778mL99n7dmTRVCIAuAOJ0Ay45BsTDAuYOh"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
cf-ray: 8365d31429c892ab-FRA
access-control-allow-headers: *

GET
H2 200 WickedWineTours_Logo_RGB_Colour_DarkOnLight_TransparentBG.png.webp
wicked.tours/wp-content/uploads/sites/459/2023/12/ 17 KB
18 KB 189ms
188ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/12/WickedWineTours_Logo_RGB_Colour_DarkOnLight_TransparentBG.png.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: e6d72a6a80c063be7be0dfaf83fe28c7540cb92a1867b1e28383ced64723bf67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
last-modified: Tue, 05 Dec 2023 16:00:59 GMT
server: nginx
etag: "656f493b-457f"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17791

GET
H2 200 verify.png
wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/ 4 KB
4 KB 189ms
189ms Image
image/png 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/verify.png
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: b3ff07a3bed2a2caf71349a34d93f15630b6caee6ca625d8a0a45c1e021b6aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
last-modified: Sat, 16 Dec 2023 06:05:20 GMT
server: nginx
etag: "657d3e20-e20"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3616

GET
H2 200 default-avatar-2020-36.jpg
media-cdn.tripadvisor.com/media/photo-o/1a/f6/de/5a/ 258 KB
258 KB 53ms
9ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-o/1a/f6/de/5a/default-avatar-2020-36.jpg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 487b450594c9ba50688a89a870e4983b7ab69a707dd1826e9595d701710753f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 1040253013
age: 964902
x-cache: HIT, HIT
content-length: 263689
x-served-by: cache-iad-kiad7000157-IAD, cache-fra-etou8220101-FRA
last-modified: Fri, 21 Feb 2020 20:40:03 GMT
x-timer: S1702718155.909016,VS0,VE2
etag: "1ad4c285bd1d1d9b6bb5a954431f7fa5"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 3491, 1

GET
H2 200 tripadvisor-reviews.png
wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/ 46 KB
46 KB 173ms
168ms Image
image/png 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/tripadvisor-reviews.png
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: f2f7a4714f97e0f2a0f5ccd6c69d169a688465d2cebeed90db670d86fe85b3d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
last-modified: Sat, 16 Dec 2023 06:05:20 GMT
server: nginx
etag: "657d3e20-b773"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 46963

GET
H2 200 ALV-UjVDTlDeHoJLXNn49ZLSTz-4RCST8olXvVWWG4AMlsIulA=s240-c-rp-mo-ba2-br100
lh3.googleusercontent.com/a-/ 86 KB
86 KB 111ms
75ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjVDTlDeHoJLXNn49ZLSTz-4RCST8olXvVWWG4AMlsIulA=s240-c-rp-mo-ba2-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

875f7447920757fc576e5540f0c8b4798abfeabb22cfe616013c3c77873b2dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87982
x-xss-protection: 0
server: fife
etag: "v3c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 17 Dec 2023 09:15:54 GMT

GET
H2 200 google-reviews.png
wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/ 62 KB
62 KB 173ms
168ms Image
image/png 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/google-reviews.png
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 2cca9425a6cfd78413a633f610ae0c99c2406515ef867b0c65c01393df4c6e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
last-modified: Sat, 16 Dec 2023 06:05:20 GMT
server: nginx
etag: "657d3e20-f7ba"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 63418

GET
H2 200 ALV-UjVX-OTrn6KYKBmlR1Q-7WDPNqnGoVYLukcjqkzSukp0dDU=s240-c-rp-mo-br100
lh3.googleusercontent.com/a-/ 90 KB
90 KB 121ms
86ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjVX-OTrn6KYKBmlR1Q-7WDPNqnGoVYLukcjqkzSukp0dDU=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0e0d2baa393fe916f38e48a2daf1ef6bbde420d138d2fc56199ae22d87220139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92179
x-xss-protection: 0
server: fife
etag: "v3509"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 17 Dec 2023 09:15:54 GMT

GET
H2 200 ACg8ocIxIqMydM3uJTHyYaVcTvPXbbTwM5qyHnULl5Wtj12a=s240-c-rp-mo-br100
lh3.googleusercontent.com/a/ 7 KB
7 KB 208ms
173ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIxIqMydM3uJTHyYaVcTvPXbbTwM5qyHnULl5Wtj12a=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7a5055116ad7c18af3f2b20162a07d56c0691fa8037a82aeb6dfa9adbb441e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7367
x-xss-protection: 0
expires: Sun, 17 Dec 2023 09:15:55 GMT

GET
H2 200 marion-y.jpg
media-cdn.tripadvisor.com/media/photo-s/07/57/ba/4b/ 15 KB
15 KB 28ms
8ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-s/07/57/ba/4b/marion-y.jpg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ba8921e0c27b2c3392f74b1b599b684ed193b16d880466c05a2381629187cdd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 126682688
age: 844943
x-cache: HIT, HIT
content-length: 14908
x-served-by: cache-iad-kcgs7200063-IAD, cache-fra-etou8220101-FRA
last-modified: Sat, 14 Feb 2015 16:53:34 GMT
x-timer: S1702718155.909157,VS0,VE1
etag: "e90b0645173100bbde73a4904340571b"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 145, 1

GET
H2 200 ACg8ocIOszmodhlQDXXr1uhNHK8yxVj6BP1CZt_v5x42rIBt=s240-c-rp-mo-br100
lh3.googleusercontent.com/a/ 6 KB
6 KB 109ms
74ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocIOszmodhlQDXXr1uhNHK8yxVj6BP1CZt_v5x42rIBt=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9f319c6e2632fe1504913253a8fb6a98e4411039814eb975e7d170a90d721815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5743
x-xss-protection: 0
expires: Sun, 17 Dec 2023 09:15:54 GMT

GET
H2 200 ALV-UjUBPXmRVYsYsTiXzv_fgJWediX7qjZI1B876ZIuaa8k8A=s240-c-rp-mo-br100
lh3.googleusercontent.com/a-/ 87 KB
87 KB 81ms
46ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjUBPXmRVYsYsTiXzv_fgJWediX7qjZI1B876ZIuaa8k8A=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3ab54cd9a313a7e330ef31b8e5d39fb1bca7c2b985f37a6c68b5904411d3d0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88675
x-xss-protection: 0
server: fife
etag: "v42"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 17 Dec 2023 09:15:54 GMT

GET
H2 200 ACg8ocJqLGcEHJBATKJw3QnTnduuWqhn0q4bStyna5t6u2SA4Q=s240-c-rp-mo-br100
lh3.googleusercontent.com/a/ 6 KB
7 KB 76ms
42ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocJqLGcEHJBATKJw3QnTnduuWqhn0q4bStyna5t6u2SA4Q=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ba70f702bd93a670e7f34c5195c5ce30dfe71ce72eeefc9a2acaad0eec3dd689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6510
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ACg8ocLANZ5qSOnp7lXwOV0dqtYDTykDsnCCrQmRebjzQyzu=s240-c-rp-mo-br100
lh3.googleusercontent.com/a/ 6 KB
6 KB 162ms
162ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocLANZ5qSOnp7lXwOV0dqtYDTykDsnCCrQmRebjzQyzu=s240-c-rp-mo-br100

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0867457a9d690f06be44d101ce3cb9ed3b946446dba670d2f77b5bf0c12dda65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6584
x-xss-protection: 0
expires: Sun, 17 Dec 2023 09:15:55 GMT

GET
H2 200 west-kelowna-wine-wicked-wine-tours2-scaled-e1701873185179.jpg
wicked.tours/wp-content/uploads/sites/459/2023/12/ 565 KB
566 KB 171ms
169ms Image
image/jpeg 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/12/west-kelowna-wine-wicked-wine-tours2-scaled-e1701873185179.jpg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 4d2b30faf8734e6b3389f1c6af1aededf2a2b1739524663fd877ab96cbf124c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
last-modified: Wed, 06 Dec 2023 14:33:05 GMT
server: nginx
etag: "65708621-8d540"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 578880

GET
H2 200 shutterstock_1120638302-540x359.jpg.webp
wicked.tours/wp-content/uploads/sites/459/2023/02/ 39 KB
39 KB 171ms
169ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/02/shutterstock_1120638302-540x359.jpg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 41f5212f4270e9a2aa1c0424680c80b0c49872fa4dc59ee0c39c746c2afbfc1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
last-modified: Wed, 08 Feb 2023 15:57:38 GMT
server: nginx
etag: "63e3c672-9d34"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 40244

GET
H2 200 WickedWineTours_Logo_RGB_White_TransparentBG-1.png.webp
wicked.tours/wp-content/uploads/sites/459/2023/12/ 20 KB
20 KB 171ms
169ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/12/WickedWineTours_Logo_RGB_White_TransparentBG-1.png.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: f48e599eddf7a8ed411ba1601ad3623a0c72fb54a3418587b2a32a69d99fbb28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
last-modified: Fri, 15 Dec 2023 21:10:26 GMT
server: nginx
etag: "657cc0c2-4ec4"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20164

GET
H2 200 jquery.min.js Show response
wicked.tours/wp-content/themes/gondola-wp/lib/jquery/ 87 KB
30 KB 101ms
100ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/jquery/jquery.min.js?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Sat, 16 Dec 2023 06:05:20 GMT
server: nginx
etag: W/"657d3e20-15d9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
wicked.tours/wp-content/themes/gondola-wp/lib/jquery-migrate/ 13 KB
5 KB 171ms
170ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/jquery-migrate/jquery-migrate.min.js?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 81aa619758b89d5cd2ad0a7fb00d875ab6685e69ab853f5e5247a62547e0cdb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Sat, 16 Dec 2023 06:05:20 GMT
server: nginx
etag: W/"657d3e20-349c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 flickity.min.js Show response
wicked.tours/wp-content/themes/gondola-wp/lib/flickity/ 56 KB
14 KB 102ms
96ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/flickity/flickity.min.js?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: d1f5c9696f46364e47602c9015a3a85b4ce559c54be49b5f6a16874264a30e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Sat, 16 Dec 2023 06:05:20 GMT
server: nginx
etag: W/"657d3e20-e137"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 fullscreen.js Show response
wicked.tours/wp-content/themes/gondola-wp/lib/flickity-fullscreen/ 5 KB
2 KB 103ms
97ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/flickity-fullscreen/fullscreen.js?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: f24bfd0f1b0a80c8097bca01b9d7550369b6c5aa6284ca205e64af9db180fa80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Sat, 16 Dec 2023 06:05:20 GMT
server: nginx
etag: W/"657d3e20-12f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 simplebar.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/external/ 36 KB
10 KB 104ms
98ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/external/simplebar.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 6f74cd5afbfe6fab11489dfcc70fb996ccd7b3dc935927d7402aa285d9692207

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-8e7c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 asl-prereq.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 19 KB
6 KB 105ms
99ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 202ee5b585222e2c8660b175f70624ec845320e95ec306ede1e9ad6ca12ec453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-4c8e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 asl-core.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 37 KB
10 KB 106ms
100ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 5d2daebf3aef880f90c88253bcd48338de8886ee772559966c2594fae8e14e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-93c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 asl-results-vertical.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 1 KB
841 B 107ms
101ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: ece88845d2c0a327f6a7957ec596d1014820fbfb62b31a13b8152a28dbd41bb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-594"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 asl-load.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 71 B
242 B 107ms
102ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-47"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 asl-wrapper.js Show response
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 5 KB
2 KB 108ms
103ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4751
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: c2c2302b5ee2629a243e633d6b69610fd35586ccd25f9402332ee496b51ceb3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 13:37:29 GMT
server: nginx
etag: W/"62ebcb99-129d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 home_177ccc35.js Show response
wicked.tours/wp-content/themes/gondola-wp/dist/scripts/ 172 KB
53 KB 112ms
107ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/themes/gondola-wp/dist/scripts/home_177ccc35.js?ver=5.8.8
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: ece889d87186517d243ef3c4b1ec7795a1b635fdd6b0a18fe6b3015223f9ec45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 21:30:54 GMT
server: nginx
etag: W/"655d218e-2aeca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 lazyload.min.js Show response
wicked.tours/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 171ms
170ms Script
application/javascript 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked.tours/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 11:27:06 GMT
server: nginx
etag: W/"627a4c0a-1ed2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
694 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@200;400;700&display=swap

Requested by

Host: wicked.tours
URL: https://wicked.tours/wp-content/themes/gondola-wp/dist/styles/home_177ccc35.css?ver=5.8.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb99204bf1f35c6103216e140736ef19be06b3255a6ece419a6ff526ccdf63d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 16 Dec 2023 09:04:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Dec 2023 09:15:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
78 KB 84ms
34ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54TM3L

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abb8180e4068c4d515f0491660de54dd31cf404185f1e1a98f542f87d7c93265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79406
x-xss-protection: 0
last-modified: Sat, 16 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Dec 2023 09:15:54 GMT

GET
H2 200 hotjar-3756738.js Show response
static.hotjar.com/c/ 10 KB
5 KB 78ms
42ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3756738.js?sv=6

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

ef5840fbbb67ce37beccaa6864b33d1c2aac83c53ffdd724bc1f163fdac7a82c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 16 Dec 2023 09:15:54 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/754c11bff6f018e8a2eed1c62ada4dbe
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: bzW2dAAIaQGw64Cz7sUClUjnyFOarStlH3J19VvW6QYpMMekFEoz3Q==

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 51 KB
18 KB 57ms
12ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 83c03c13ae512aeaf45b9a54c62dad09b5d833edae4f2459d3f71f2a3f2744aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Tue, 12 Dec 2023 19:57:29 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6578bb29-cb9a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d50e8b4652983d54519bbe90f7df9fba
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 modules.f8398e1fcf749800c3fc.js Show response
script.hotjar.com/ 220 KB
55 KB 26ms
8ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3756738.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 12:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 162769
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55732
last-modified: Thu, 14 Dec 2023 12:02:27 GMT
etag: "ce5f5f2327c7562166cfcaad455b7a17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: osbl86XPqqqEfVoN2sAbZryV16woloyt1lJ0yH2rwEx8Jqmk-kiw5w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
92 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G2TMJJ58WS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54TM3L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b791f7293f77867948a46c3d211854f2f1130817da758dc2333403a19a61a225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 16 Dec 2023 09:15:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54TM3L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 16 Dec 2023 07:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5261
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 16 Dec 2023 09:48:14 GMT

GET
H2 200 hotjar-3756738.js Show response
static.hotjar.com/c/ 10 KB
5 KB 10ms
10ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3756738.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54TM3L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

ef5840fbbb67ce37beccaa6864b33d1c2aac83c53ffdd724bc1f163fdac7a82c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 16 Dec 2023 09:15:54 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/754c11bff6f018e8a2eed1c62ada4dbe
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: aqEm1B4dY8LR8hDzmnAlx4zBLoxWmJPpexgkwCYolCrmLyx_8ORGHQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 45ms
15ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 16 Dec 2023 09:15:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: haagXH+xrOTARxtIhbkNIMWUzuhprlIfAJysiw6wG0XCEwDQDCnBF6QTl7cvRmm5FfB+nYBnDn8Q+hyPg5k9rA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 14ms
13ms Stylesheet
text/css 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 428f350bd53281aeb92b949ccc048356f66823858401537ef57c712bf179fe3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Tue, 12 Dec 2023 20:02:02 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6578bc3a-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: e05c576604e4dcb18817e61cc70437e4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 282505 Show response
api.omappapi.com/v2/embed/ 4 KB
2 KB 494ms
413ms XHR
application/json 65.9.95.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/282505?d=wicked.tours
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-92.prg50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 3cd517186576612866047e18074bf383c7a8fecd97ab5c5e09562b9bd55ea115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: gzip
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: PRG50-C1
x-cache-status: EXPIRED
x-cache: Miss from cloudfront
x-optinmonster-account: 300415
x-user-agent: standard--
last-modified: Thu, 07 Dec 2023 20:43:34 GMT
server: Pagely Gateway/1.5.1
etag: W/"a9a2cfe5342110d54584c6e723029e4b"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: w2X2iEyMZqjsCwHq4kn3Ppeds5XzOAdaO3NFkePv-Nrze_cAIgQh6g==
expires: Sat, 16 Dec 2023 09:16:25 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 22ms
20ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=56598525&t=pageview&_s=1&dl=https%3A%2F%2Fwicked.tours%2F&ul=en-us&de=UTF-8&dt=Kelowna%20Wine%20Tours%20%7C%20Okanagan%20Wine%20Tours%20%7C%20Wicked%20Wine%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAIC~&jid=1999899743&gjid=1765388181&cid=1433210277.1702718155&tid=UA-11247999-2&_gid=677037672.1702718155&_slc=1&gtm=45He3bt0n7154TM3Lv6845581&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=730404994

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wicked.tours/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 09:15:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wicked.tours
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 66ms
24ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11247999-2&cid=1433210277.1702718155&jid=1999899743&gjid=1765388181&_gid=677037672.1702718155&_u=YGBAiEABBAAAAGAAIC~&z=2051806920

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wicked.tours/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 16 Dec 2023 09:15:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wicked.tours
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 49ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-G2TMJJ58WS&gtm=45je3bt0v898572988z86845581&_p=1702718154881&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1433210277.1702718155&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1702718155&sct=1&seg=0&dl=https%3A%2F%2Fwicked.tours%2F&dt=Kelowna%20Wine%20Tours%20%7C%20Okanagan%20Wine%20Tours%20%7C%20Wicked%20Wine%20Tours&en=page_view&_fv=1&_ss=1&tfd=980
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2TMJJ58WS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 09:15:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wicked.tours
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 45ms
24ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G2TMJJ58WS&cid=1433210277.1702718155&gtm=45je3bt0v898572988z86845581&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2TMJJ58WS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 09:15:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wicked.tours
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 108ms
54ms Image
image/gif 2a00:1450:4016:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G2TMJJ58WS&cid=1433210277.1702718155&gtm=45je3bt0v898572988z86845581&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1930101522

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4016:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 09:15:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 585564213285457 Show response
connect.facebook.net/signals/config/ 141 KB
36 KB 140ms
140ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/585564213285457?v=2.9.138&r=stable&domain=wicked.tours

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f4ae462a630d6e6a3923c83e6e29aef3421dea6d4f13490589aa66078b18263

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 16 Dec 2023 09:15:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: hksf4ac/cdfbUqo4aKEi/vFY2C/rKPTFBwHbDtS8vDvofOQkvZzS8r441bBQhL0DZTzft1ggIcRJTdjq2Y9kYQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 103ms
37ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11247999-2&cid=1433210277.1702718155&jid=1999899743&_u=YGBAiEABBAAAAGAAIC~&z=1968902603

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 09:15:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 45ms
38ms Image
image/gif 2a00:1450:4016:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11247999-2&cid=1433210277.1702718155&jid=1999899743&_u=YGBAiEABBAAAAGAAIC~&z=1968902603

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4016:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 09:15:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget Show response
api.happychat.ai/happychat/ 825 B
764 B 472ms
221ms Fetch
text/html 54.210.251.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.happychat.ai/happychat/widget?bot_id=9d53d090-9986-494e-8078-ff05dc9f3dcd
Requested by: Host: app.happychat.ai
URL: https://app.happychat.ai/chat.script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.210.251.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-251-174.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 15b6e342bf10420c281d3bd90ad31cf40a9bfd91b5b7b4e9604b435344d95408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 16 Dec 2023 09:15:55 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://wicked.tours
Connection: keep-alive

GET
H2 200 Wicked-WIne-Tours-Kelowna-150-1280x778.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2022/12/ 195 KB
195 KB 96ms
95ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/12/Wicked-WIne-Tours-Kelowna-150-1280x778.jpeg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: e5e3d6fdd78fb14597e2501ec74b3d5c730d13a2e6718a18a8639e43cdc9d34e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Sat, 16 Dec 2023 06:08:50 GMT
server: nginx
etag: "657d3ef2-30a16"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 199190

GET
H2 200 sh4.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 349 KB
349 KB 101ms
101ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/sh4.jpeg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: bdd6e29b3886816b933e6c994cf33b6f01d7239a484b844c676c473bc53bfc83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Sat, 16 Dec 2023 06:08:52 GMT
server: nginx
etag: "657d3ef4-57298"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 357016

GET
H2 200 Wicked-WIne-Tours-Kelowna-149-scaled-e1687731432851-2000x411.jpg.webp
wicked.tours/wp-content/uploads/sites/459/2023/06/ 93 KB
93 KB 230ms
230ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/06/Wicked-WIne-Tours-Kelowna-149-scaled-e1687731432851-2000x411.jpg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: a46da94dfac27524612777c4490056d31db2b35c757b6da2b82537602ea3a022

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Sat, 16 Dec 2023 06:08:52 GMT
server: nginx
etag: "657d3ef4-173d8"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 95192

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 51ms
16ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wicked.tours
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:03:03 GMT
x-content-type-options: nosniff
age: 407572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 16:03:03 GMT

GET
H2 200 survey-v2.c4fe4e8846ba9e871205.js Show response
script.hotjar.com/ 275 KB
64 KB 8ms
7ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/survey-v2.c4fe4e8846ba9e871205.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

40bf4b466568f32151e831c1e1e9b10b32ff0612404f3cbc9baa20a1fde0f14a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 150047
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64632
last-modified: Thu, 14 Dec 2023 15:34:25 GMT
etag: "92a067a58cdfec5997140f49bdeaa73e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: SwaZPUSexBe697aJzJJM0QL9E8vMa-elVctO_lgV_vNlKFtEBb0tjQ==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 168ms
98ms XHR
application/json 18.203.9.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.9.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-9-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7f38648531e3ced98f8140251c44221cf476dfeaf6b4ffca44c9821f9f9a7ead

Request headers

Referer: https://wicked.tours/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 16 Dec 2023 09:15:55 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 OWFS-128x40.png.webp
wicked.tours/wp-content/uploads/sites/459/2023/02/ 3 KB
4 KB 180ms
178ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/02/OWFS-128x40.png.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 91c88ba09686f1391fe968314a39a50749c546da6bd6cdadd20bcdc2026bef86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Wed, 08 Feb 2023 19:00:21 GMT
server: nginx
etag: "63e3f145-de8"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3560

GET
H2 200 rsw_363h_200cg_true-128x71.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 3 KB
3 KB 181ms
179ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/rsw_363h_200cg_true-128x71.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 6efab6d334551dc2f787603f093acf40abb37df4219d78aa53c02c71c917e9fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Fri, 21 Oct 2022 14:25:19 GMT
server: nginx
etag: "6352abcf-a4a"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2634

GET
H2 200 rsw_297h_200cg_true-128x86.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 3 KB
3 KB 182ms
180ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/rsw_297h_200cg_true-128x86.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: c212941bd3343394223cad357d82517cf533e8cd0d0ca8f211bfa0d990f38952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Fri, 21 Oct 2022 14:25:44 GMT
server: nginx
etag: "6352abe8-ab8"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2744

GET
H2 200 TIABC-removebg-preview-e1669838183572-128x31.png.webp
wicked.tours/wp-content/uploads/sites/459/2022/11/ 3 KB
3 KB 183ms
181ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/11/TIABC-removebg-preview-e1669838183572-128x31.png.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 5108d0adbc43671f8d004a74b15ae5c567291feb89ff81c0fe4cab24ed7a19f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Wed, 30 Nov 2022 21:31:17 GMT
server: nginx
etag: "6387cba5-c34"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3124

GET
H2 200 gsst-certif-badges-gold-bus-23-25-full-color-rgb-1200px-w-72ppi-128x73.png.webp
wicked.tours/wp-content/uploads/sites/459/2023/11/ 4 KB
5 KB 183ms
182ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/11/gsst-certif-badges-gold-bus-23-25-full-color-rgb-1200px-w-72ppi-128x73.png.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: de0d5e66db5ee404c65df68f352e5fe98bf772962d2b7a9b593586a241632bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Wed, 22 Nov 2023 14:45:43 GMT
server: nginx
etag: "655e1417-1198"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4504

GET
H2 200 rsw_575h_178cg_true-128x40.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/ 3 KB
3 KB 184ms
183ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2022/10/rsw_575h_178cg_true-128x40.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: f4230ced8d4264c7d87c89dd662ed160243569667d5d1fc586b94d65fb771618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Fri, 21 Oct 2022 14:26:38 GMT
server: nginx
etag: "6352ac1e-c28"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3112

GET
H2 200 5-Star-Reviews-on-Facebook-128x71.png.webp
wicked.tours/wp-content/uploads/sites/459/2023/02/ 4 KB
4 KB 185ms
183ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/02/5-Star-Reviews-on-Facebook-128x71.png.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: aac4ba6b7203c941d7d21fecf64d5753c3a291671e8da7de1dbddda459aaf722

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Wed, 08 Feb 2023 19:01:48 GMT
server: nginx
etag: "63e3f19c-10e6"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4326

GET
H2 200 west-kelowna-wine-wicked-wine-tours2-scaled-e1701873185179-768x474.jpg
wicked.tours/wp-content/uploads/sites/459/2023/12/ 82 KB
82 KB 185ms
184ms Image
image/jpeg 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/12/west-kelowna-wine-wicked-wine-tours2-scaled-e1701873185179-768x474.jpg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 0e63cac03c213593ddc5d883e5e87e89adc6e905fd5dfc32cee7e8c364926cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Wed, 06 Dec 2023 14:33:06 GMT
server: nginx
etag: "65708622-148ba"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 84154

GET
H2 200 Wicked_Wine_Tours_Kelowna_42_70687ea0b3-1.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2023/12/ 50 KB
50 KB 187ms
186ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/12/Wicked_Wine_Tours_Kelowna_42_70687ea0b3-1.jpeg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 454c8ede38b99b291b5496bff4962c0b86c31f7a787b3ef09d2323cf2c19c0fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Sat, 09 Dec 2023 13:17:40 GMT
server: nginx
etag: "657468f4-c7f0"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 51184

GET
H2 200 wicked-wine-tours-kelowna-1-768x431.jpg.webp
wicked.tours/wp-content/uploads/sites/459/2023/11/ 69 KB
69 KB 268ms
267ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/11/wicked-wine-tours-kelowna-1-768x431.jpg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 34d074a1f60a0bf21b95bd5726013e8e516545f77f1b3ee3d6a3c99f60b11eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Wed, 15 Nov 2023 15:41:51 GMT
server: nginx
etag: "6554e6bf-11430"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 70704

GET
H2 200 wicked-wine-tours-kelowna-4-768x512.jpg.webp
wicked.tours/wp-content/uploads/sites/459/2023/11/ 41 KB
41 KB 282ms
281ms Image
image/webp 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/11/wicked-wine-tours-kelowna-4-768x512.jpg.webp
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: ee1d09d7d8ee6175d6cb6b2486009382ddef3871dd6e5bf9de9ca221487d9844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Wed, 15 Nov 2023 15:44:56 GMT
server: nginx
etag: "6554e778-a47e"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 42110

GET
H2 200 mission_hill_wine_wicked_wine_tours_1_e0567d343f.jpg
ik.imagekit.io/gondolatravel/uploads/ 43 KB
44 KB 110ms
46ms Image
image/webp 2600:9000:2127:2400:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/gondolatravel/uploads/mission_hill_wine_wicked_wine_tours_1_e0567d343f.jpg?tr=w-708,h-386,c-maintain_ratio,f-auto
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2400:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2dda0431a1b1662044e86e94ace262a4924d21fdb6de24e757a2b82c9efd6ac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:25:05 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 409850
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 44244
x-request-id: af26e044-cc12-4039-a9a7-abfc5762b021
etag: W/"acd4-lUnuFyAtNgAAtAmCIx94kZHc9zU"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 7AF5bbwqqV2-rm8mf-RA5RUnS1zmvgbanhiu3nOdTX2Vy5GCP_vxmg==

GET
H2 200 Wicked_Wine_Santa_and_Grinch_IG_Post_No_Text_77953e1f50.jpg
ik.imagekit.io/gondolatravel/uploads/ 18 KB
19 KB 108ms
44ms Image
image/webp 2600:9000:2127:2400:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/gondolatravel/uploads/Wicked_Wine_Santa_and_Grinch_IG_Post_No_Text_77953e1f50.jpg?tr=w-708,h-386,c-maintain_ratio,f-auto
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2400:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8be4ccb3696c52ef144c145aced34da594fb9ce3e3dd2010ec5d218c01c43b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:25:05 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 409850
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 18846
x-request-id: 1e4928fa-0e6f-4f18-8b6a-d02b3bc917b7
last-modified: Tue, 03 Oct 2023 14:56:38 GMT
etag: "13f7263669d8d4c1a90c75cd071a128d"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: rQja3svsIa4w_nb_gBmnDpK4KmsnFOsLlPulnhYl1e-RbYAnLVay-Q==

GET
H2 200 big_white_resort_wicked_wine_tours_7_786371ffcd.jpg
ik.imagekit.io/gondolatravel/uploads/ 46 KB
46 KB 134ms
70ms Image
image/webp 2600:9000:2127:2400:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/gondolatravel/uploads/big_white_resort_wicked_wine_tours_7_786371ffcd.jpg?tr=w-708,h-386,c-maintain_ratio,f-auto
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2400:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0c362bb8667d4e053118116e1b7cf374ad8e44f5d6c4c2d80df85c9226ee1e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:25:05 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 409850
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 46838
x-request-id: 37f44b97-f63e-470b-89b4-2ccfda23c639
last-modified: Wed, 06 Dec 2023 03:52:09 GMT
etag: "ba6789a89e6a77e9bfe582402d04a059"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: YMmavi2CwsmVP3MIJBKccZh8GyVoNmIFBXFPdilGmxLbZ4viQ0nu5Q==

GET
H2 200 silver_star_resort_wicked_wine_tours_8_f1d09483a7.jpg
ik.imagekit.io/gondolatravel/uploads/ 42 KB
42 KB 148ms
84ms Image
image/webp 2600:9000:2127:2400:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/gondolatravel/uploads/silver_star_resort_wicked_wine_tours_8_f1d09483a7.jpg?tr=w-708,h-386,c-maintain_ratio,f-auto
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2400:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 79f5c2a9b97b1e0f7b11ab248290035f06504868d183672beb0614597fd62db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:16:19 GMT
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 169176
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 42920
x-request-id: 268985bb-77a3-4162-a199-35c9230df021
etag: W/"a7a8-Wv3LAQHSkUdU2SxcPqfipVQbQh8"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: VOm2-L6Kdnh2O3WfhJc_DS0gMeQR4VQBoldhJfU8I9xo6WLTsVwc7Q==

GET
H2 200 kelowna_shuttle_wicked_wine_tours_2_b9d511884d.jpg
ik.imagekit.io/gondolatravel/uploads/ 47 KB
48 KB 155ms
92ms Image
image/webp 2600:9000:2127:2400:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/gondolatravel/uploads/kelowna_shuttle_wicked_wine_tours_2_b9d511884d.jpg?tr=w-708,h-386,c-maintain_ratio,f-auto
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2400:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d22393b88f17fdc85cd44930e63d3ed0a909edbe41413b5bd8a1997955fb2b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 18:31:38 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 53057
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 48514
x-request-id: 7eb23fd9-b864-4740-a53c-9e4044cb7cc3
etag: W/"bd82-SNOd/5nnDpYx4ynDZfF+tycJOng"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: aa4mQolkQDNO9oubmTi25EDkLu51SAcF6fXzxl0ip6T7KNEZvPCpXg==

GET
H2 200 categories Show response
wicked.tours/wp-json/wp/v2/ 5 KB
2 KB 581ms
581ms XHR
application/json 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wicked.tours/wp-json/wp/v2/categories

Requested by

Host: wicked.tours
URL: https://wicked.tours/wp-content/themes/gondola-wp/lib/jquery/jquery.min.js?ver=5.8.8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

624165.cloudwaysapps.com

Software

nginx /

Resource Hash

b7b49287e2e1f8b1faec885ccef21f5e8c188272d11affe4d8e1eb98dbc3ee85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://wicked.tours/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-length: 1116
x-wp-doingitwrong: register_rest_route (since 5.5.0; The REST API route definition for <code>wp/v2/sites/delete/?(?P<blog_id>\d+)?</code> is missing the required <code>permission_callback</code> argument. For REST API routes that are intended to be public, use <code>__return_true</code> as the permission callback.)
pragma: no-cache
server: nginx
x-wp-totalpages: 1
allow: GET
vary: Origin,Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: no-store, no-cache, must-revalidate
x-wp-total: 4
x-robots-tag: noindex
link: <https://wicked.tours/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 3457756354483018 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 146ms
146ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3457756354483018?v=2.9.138&r=stable&domain=wicked.tours

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5dd253bae5d132bf4c9902dd0e62796d51b830c503d3e23ae32cfa2c9e55f9d8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 16 Dec 2023 09:15:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: AWWgNWUhiFcAvNqsrNh5AFycueRyyoYklKQGTugFvKVQCSyJKgZBi8Mlec3qjEpTYf0IDV2nXq1otLA7eFX+IA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=585564213285457&ev=PageView&dl=https%3A%2F%2Fwicked.tours%2F&rl=&if=false&ts=1702718155366&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1702718155365.1174921189&cs_est=true&ler=empty&it=1702718155130&coo=false&rqm=GET

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 16 Dec 2023 09:15:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 Wicked_Wine_Tours_Kelowna_42_70687ea0b3-1.jpeg
wicked.tours/wp-content/uploads/sites/459/2023/12/ 61 KB
61 KB 261ms
261ms Image
image/jpeg 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/12/Wicked_Wine_Tours_Kelowna_42_70687ea0b3-1.jpeg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 9079019c5791bca95301a1552153b106eb93686a0810b3d25b534fbb50dc281c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Sat, 09 Dec 2023 13:17:10 GMT
server: nginx
etag: "657468d6-f4f1"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 62705

GET
H2 200 wicked-wine-tours-kelowna-1.jpg
wicked.tours/wp-content/uploads/sites/459/2023/11/ 247 KB
247 KB 263ms
262ms Image
image/jpeg 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/11/wicked-wine-tours-kelowna-1.jpg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 9cb9184e3045bb9f7d503e664206044974d084afacdf14c80757ba88ba960ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Wed, 15 Nov 2023 15:41:16 GMT
server: nginx
etag: "6554e69c-3da38"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 252472

GET
H2 200 wicked-wine-tours-kelowna-4.jpg
wicked.tours/wp-content/uploads/sites/459/2023/11/ 121 KB
122 KB 265ms
265ms Image
image/jpeg 161.35.113.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wicked.tours/wp-content/uploads/sites/459/2023/11/wicked-wine-tours-kelowna-4.jpg
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 624165.cloudwaysapps.com
Software: nginx /
Resource Hash: 57642a7928748d1e0092b3a30161736c827baae4ceef02299ef363a1e00b5bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
last-modified: Wed, 15 Nov 2023 15:44:22 GMT
server: nginx
etag: "6554e756-1e4e7"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 124135

GET
H2 200 hit Show response
surveystats.hotjar.io/ 0
481 B 100ms
45ms XHR
binary/octet-stream 65.9.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://surveystats.hotjar.io/hit?id=964466&device=desktop
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-9.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 09:47:54 GMT
x-amz-version-id: null
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 84482
x-cache: Hit from cloudfront
content-length: 0
last-modified: Wed, 27 Jan 2021 15:23:17 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public,max-age=0
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: wevneCDbzKI7Z-5lfsA0L4gW04QcOeE87TdfQkj2I-R1G_Dmgi9DFg==

GET
H/1.1 200
OK 2d44337058374a20b1bd52315f813f99
s3-eu-west-1.amazonaws.com/hj-insights/surveys/logo/ 9 KB
9 KB 130ms
57ms Image
image/png 52.92.33.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/hj-insights/surveys/logo/2d44337058374a20b1bd52315f813f99
Requested by: Host: wicked.tours
URL: https://wicked.tours/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.33.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2e459bfd938277646b5384d931c9db3a7dafed48efa7ce9c76a0bded2ee41cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 16 Dec 2023 09:15:56 GMT
x-amz-version-id: Yx_eIBWWuW5yBeinNIAMbGpGJ7OovFbr
Last-Modified: Sun, 26 Nov 2023 17:15:28 GMT
Server: AmazonS3
x-amz-request-id: 4X19S13K7GGG05H0
ETag: "d07c7af7ea660897f8613c72991b6218"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Cache-Control: max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 8704
x-amz-id-2: 11H8ufkhLuVlHGaW6RRG5EXbtOhlfafiZ/rJfCxu99dCCn4Ta/u5+GgGAn7h6f3TFI6netBgAKg=

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 14ms
14ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3457756354483018&ev=PageView&dl=https%3A%2F%2Fwicked.tours%2F&rl=&if=false&ts=1702718155519&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1702718155365.1174921189&ler=empty&it=1702718155130&coo=false&rqm=GET

Requested by

Host: wicked.tours
URL: https://wicked.tours/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 16 Dec 2023 09:15:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 5.c3191d3c.min.js Show response
a.omappapi.com/app/js/ 16 KB
6 KB 13ms
12ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.c3191d3c.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-383
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:45:58 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65395456-4146"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 7eae4cda3b171e882ff065ab1724364c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4.1dae6b4d.min.js Show response
a.omappapi.com/app/js/ 48 KB
14 KB 12ms
12ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/4.1dae6b4d.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Wed, 01 Nov 2023 17:12:10 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"654286ea-c029"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 22e0036e687f8124fcf98144e3306408
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 20.1d4b97e9.min.js Show response
a.omappapi.com/app/js/ 4 KB
2 KB 13ms
12ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/20.1d4b97e9.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:38 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2a-1062"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: aee04a3c97600280868409c95cceda67
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 19.b93023b7.min.js Show response
a.omappapi.com/app/js/ 4 KB
3 KB 13ms
12ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/19.b93023b7.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-10b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 61aacde1601d0ca46ffe9aa04e35f3d6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 27.78393e5b.min.js Show response
a.omappapi.com/app/js/ 6 KB
3 KB 13ms
13ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/27.78393e5b.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-677
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:43 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2f-1973"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 678f2b934a9209b83d1b36eb21fc3c52
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 32.b9065693.min.js Show response
a.omappapi.com/app/js/ 11 KB
5 KB 19ms
18ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/32.b9065693.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:33 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f25-2c41"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d51e22b753dbedfa3e9d198a823322a7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.acdc9ced.min.js Show response
a.omappapi.com/app/js/ 33 KB
10 KB 14ms
14ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/10.acdc9ced.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 21111013521ce045115ade20ed1b0ac09b102688f010ecf84bb7f3f53574456c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-383
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Tue, 12 Dec 2023 19:57:31 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6578bb2b-8515"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 51f6d2297e09c1c268e6fec9601e58ac
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.514c5def.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 16ms
15ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.514c5def.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-676
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-1d49"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8e1aeb584a7382651540d4fb66b25235
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.c66ab701.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 17ms
17ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/9.c66ab701.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-676
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 18:28:00 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"650896b0-879"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 55f0424f3466ddbe145a375b2f5960f5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.38e902ad.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 16ms
16ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/11.38e902ad.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-a40"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f2da15940996f65d20ef17e3f2884cff
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 28.377be946.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 29ms
28ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/28.377be946.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:51 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f37-d7b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c8588891f25faf3ff5d065d0090ea076
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 26.1898e425.min.js Show response
a.omappapi.com/app/js/ 2 KB
1 KB 30ms
29ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/26.1898e425.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-587
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-6b6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c115630407b546d21378092a724013dd
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 16.0e435a6f.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 33ms
32ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/16.0e435a6f.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-51f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: abac3cfd189d9f5704a08514fc836d68
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.ea963399.min.js Show response
a.omappapi.com/app/js/ 11 KB
3 KB 31ms
31ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.ea963399.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:50 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f36-2abc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 35cbdb1b7e86bf4261469fe8abffe0c1
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.5aa698b1.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 33ms
33ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/21.5aa698b1.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 12/14/2023 15:15:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-81f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6280adc32aa3359282f1c9f6292a1369
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK questions Show response
api.happychat.ai/happychat/chatbot/ 757 B
649 B 220ms
219ms Fetch
text/html 54.210.251.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.happychat.ai/happychat/chatbot/questions?bot_id=9d53d090-9986-494e-8078-ff05dc9f3dcd
Requested by: Host: app.happychat.ai
URL: https://app.happychat.ai/chat.script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.210.251.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-251-174.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2c72e6b130787ecb00a394075e92b899af14ff9f2af580fdc5a93ac1f576a14c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 16 Dec 2023 09:15:55 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://wicked.tours
Connection: keep-alive

GET
H2 200 react.production.min.js Show response
cdn.jsdelivr.net/npm/react/umd/ 10 KB
5 KB 33ms
17ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react/umd/react.production.min.js

Requested by

Host: app.happychat.ai
URL: https://app.happychat.ai/chat.script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34929
x-jsd-version: 18.2.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230066-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cv7ucTlwFEOAwWJr2GvPsNjEewcpi72Dl9SEmI5tvU5ta63kdZ7lgWbcoDPfpqC4TmOz98oqEw8B6Y4JsrrgpperW4%2BF1yI%2Bdb8SqcsytAanAGreiCktajZLPRPHFKXZgLAx2bhH7K4U7DconJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8365d3191cf39153-FRA

GET
H2 200 react-dom.production.min.js Show response
cdn.jsdelivr.net/npm/react-dom/umd/ 129 KB
43 KB 36ms
20ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react-dom/umd/react-dom.production.min.js

Requested by

Host: app.happychat.ai
URL: https://app.happychat.ai/chat.script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8909
x-jsd-version: 18.2.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230068-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9iHZrD6MSPscz9mUuA3arUuCB6Ts4tj91AIS4%2Bniw7bhI4WUYaib6q6uoYGxEjOMLsGOFwr82U5GwYzKdRInv8kGKOn%2ByXN3aNt6DYxptddIDM4Iht2e58hGexSHEGIbiGjvRFvrmal0DZqrQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8365d3191cef9153-FRA

GET
H2 200 react-bootstrap.min.js Show response
cdn.jsdelivr.net/npm/react-bootstrap@next/dist/ 116 KB
39 KB 38ms
22ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react-bootstrap@next/dist/react-bootstrap.min.js

Requested by

Host: app.happychat.ai
URL: https://app.happychat.ai/chat.script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

150523e0558852a799aae470ee18fdb61f89cf260ee6da8efd8687621156ae33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3841
x-jsd-version: 2.9.0-beta.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1d187-o2+OYezMEsMzpEcT3E+ubsFUj8Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLyW8rhmwfbG2cyakh1pmHlTLYj%2FgwBR%2FlPBUVi6uGbvYNMdz8%2FqmOi%2Brp%2BONnkWFhysf2QCYI7UEYELQUIJUiPdOJAAaUaoMaxl86ty3okrLHQ8%2FQ3P2pV6ftE%2F9w7Sk%2FU9WWtYzbjVWCBQgqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8365d3191cf69153-FRA

OPTIONS
H3 204 collect
analytics.gondola.travel/api/ 0
0 141ms
130ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.gondola.travel/api/collect

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wicked.tours
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8365d31aab15038e-FRA
content-length: 0
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
date: Sat, 16 Dec 2023 09:15:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8s%2BWtPWxPDaZI24EGXLvJF0CBgxzt%2BdNgQpGWRxT63Yzz4XB0t24LynHei8VeilfQagtvYSFDxbB11H0horKNESCFg%2BIkd4PFByxNr4UgvMvqUJtAiCdkRdRpxRYhDdJHAOesfiHmwfOOGYt61GI5X1fC8p5NxI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Headers
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN

POST
H3 200 collect Show response
analytics.gondola.travel/api/ 497 B
975 B 193ms
193ms Fetch
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.gondola.travel/api/collect

Requested by

Host: analytics.gondola.travel
URL: https://analytics.gondola.travel/umami.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e02501905d98b3ea9b6a7b80085bb3cc2ca27f67b4ed1557cc7cb77787766baa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://wicked.tours/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 16 Dec 2023 09:15:56 GMT
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"363pr3ehr1dt"
vary: Accept-Encoding
x-dns-prefetch-control: on
content-type: text/plain
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=008umYNW2uzPTL0dXotdlT4s7a3eBvDQhza9FWt4MZVHGiKmrmfX4q1NAm2xX8ZUHDeQLwwQ5W7zU8GiZ%2Bc02Sx6vBUzTBnEqPxfPPDOHporMdSa2uZ3q7iuvWb5DbNz6Y2ium%2BcCvVtt2yulv65uaCqYEp%2BsH8%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
cf-ray: 8365d31b7bda038e-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-G2TMJJ58WS&gtm=45je3bt0v898572988&_p=1702718154881&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1433210277.1702718155&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1702718155&sct=1&seg=0&dl=https%3A%2F%2Fwicked.tours%2F&dt=Kelowna%20Wine%20Tours%20%7C%20Okanagan%20Wine%20Tours%20%7C%20Wicked%20Wine%20Tours&en=scroll&epn.percent_scrolled=90&_et=8&tfd=5990
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2TMJJ58WS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Dec 2023 09:16:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wicked.tours
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
569 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway%3Aital%2Cwght%400%2C400&display=swap

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/4.1dae6b4d.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28893081d019169c217045909cee1dd584e455005767fc2cf62b41c267846055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 16 Dec 2023 09:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 16 Dec 2023 09:16:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Dec 2023 09:16:00 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v29/ 22 KB
22 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway%3Aital%2Cwght%400%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wicked.tours
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:03:03 GMT
x-content-type-options: nosniff
age: 346377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22420
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:56:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 09:03:03 GMT

GET
H2 200 deff26abdd07351a8c53ea8145d2be3f-optin.json Show response
a.omappapi.com/app/campaign-views/fb9287ef8ee6/lexokb48ejnsmenzkand/ 44 KB
12 KB 46ms
17ms XHR
application/json 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/fb9287ef8ee6/lexokb48ejnsmenzkand/deff26abdd07351a8c53ea8145d2be3f-optin.json
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 15442924ba7a47487fe97e4c98dad8e9a6d2441eaa5a63623d6dd318779f53fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:16:00 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 12/15/2023 16:46:12
cdn-pullzone: 293267
last-modified: Thu, 07 Dec 2023 20:52:00 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65723070-b0d9"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: cc1d6dd6a351dbb40e15dfd1ced967e6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5f47aaf7eabcee1ce2772f4fd77c75c252c80f9c48e4424e2f08b022aa0fa84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 photo-1611575189074-9dfbbceb258a
images.unsplash.com/ 1 MB
1 MB 34ms
12ms Image
image/jpeg 2a04:4e42:8e::720

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1611575189074-9dfbbceb258a?ixid=M3wyOTQyNDV8MHwxfHNlYXJjaHwxNDB8fHdpbmV8ZW58MHx8fHwxNzAxOTgxNzE5fDA&ixlib=rb-4.0.3&w=3840&h=3840&crop=left%2Ctop&fit=crop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 -, , ASN (),

Reverse DNS

Software

imgix /

Resource Hash

36b9bfc58e0f45159c6bc90b4aa97c522117c597787aa99166a520ddc2c381d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 09:16:00 GMT
x-content-type-options: nosniff
age: 386977
x-cache: HIT, HIT
x-imgix-id: f5f3cafc2ed827016ba3f94af2f89d4575b55592
cross-origin-resource-policy: cross-origin
content-length: 1396893
x-served-by: cache-sjc10083-SJC, cache-fra-etou8220091-FRA
x-imgix-render-farm: 01.140328
last-modified: Mon, 11 Dec 2023 21:46:23 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 204
No Content i Show response
z.omappapi.com/v3/ 0
242 B 311ms
106ms XHR
text/plain 178.128.135.232

General

Check archive.org

Show headers Download Go to

Full URL: https://z.omappapi.com/v3/i?aid=282505&cid=lexokb48ejnsmenzkand&sid=64edd868eceba&rt=false&dv=desktop&cty=popup&url=&v=5
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.135.232 -, , ASN (),
Reverse DNS
Software: kong/3.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wicked.tours/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://wicked.tours
Date: Sat, 16 Dec 2023 09:16:01 GMT
Access-Control-Allow-Credentials: true
X-Kong-Response-Latency: 16
Server: kong/3.4.2
Connection: keep-alive
vary: Origin

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wicked.tours/	1969-12-31 23:59:59	Name: PHPSESSID Value: q1uk0r35jacbhth7ckuehc1d4b
wicked.tours/	1970-01-21 02:34:38	Name: _omappvp Value: xlKqAaM54A81sYreuYQrWfeGNEhYELAGbvJqNpY7dvRRtySgB16ZNUz2J0s2e83Rxs12EeQCsgx4yVGdHVADylalrq4Ifd9w
wicked.tours/	1970-01-20 16:58:39	Name: _omappvs Value: 1702718155043
.wicked.tours/	1970-01-21 02:34:38	Name: _ga Value: GA1.2.1433210277.1702718155
.wicked.tours/	1970-01-20 17:00:04	Name: _gid Value: GA1.2.677037672.1702718155
.wicked.tours/	1970-01-20 16:58:38	Name: _dc_gtm_UA-11247999-2 Value: 1
.wicked.tours/	1970-01-21 02:34:38	Name: _ga_G2TMJJ58WS Value: GS1.2.1702718155.1.0.1702718155.60.0.0
.wicked.tours/	1970-01-20 16:58:39	Name: _hjFirstSeen Value: 1
.wicked.tours/	1970-01-20 16:58:39	Name: _hjIncludedInSessionSample_3756738 Value: 1
.wicked.tours/	1970-01-21 01:44:14	Name: _hjSessionUser_3756738 Value: eyJpZCI6ImY4NjM5NTI3LTg1YjQtNWRmMi1iYmE5LTU0NWNkYjZhMTc2YyIsImNyZWF0ZWQiOjE3MDI3MTgxNTUyMzcsImV4aXN0aW5nIjp0cnVlfQ==
.wicked.tours/	1970-01-20 16:58:39	Name: _hjAbsoluteSessionInProgress Value: 0
.wicked.tours/	1970-01-20 16:58:39	Name: _hjSession_3756738 Value: eyJpZCI6IjMxYjhiMjQwLTU4NDItNDY0ZS05YTcyLTlmOTZiMGNiYzQ3YyIsImMiOjE3MDI3MTgxNTUyMzcsInMiOjEsInIiOjEsInNiIjoxfQ==
.wicked.tours/	1970-01-20 19:08:14	Name: _fbp Value: fb.1.1702718155365.1174921189
.wicked.tours/	1970-01-21 01:44:14	Name: _hjDonePolls Value: 964466

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/585564213285457?v=2.9.138&r=stable&domain=wicked.tours(Line 137) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
analytics.gondola.travel
api.happychat.ai
api.omappapi.com
app.happychat.ai
cdn.jsdelivr.net
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
ik.imagekit.io
images.unsplash.com
lh3.googleusercontent.com
media-cdn.tripadvisor.com
region1.analytics.google.com
s3-eu-west-1.amazonaws.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
surveystats.hotjar.io
wicked.tours
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
z.omappapi.com
13.32.27.107
151.101.2.38
161.35.113.156
178.128.135.232
18.203.9.136
18.66.97.10
2001:4860:4802:34::36
2400:52e0:1e00::1082:1
2600:9000:2127:2400:15:c281:3500:93a1
2606:4700:3030::6815:4c5e
2606:4700::6810:5714
2a00:1450:4001:80b::2008
2a00:1450:4001:813::2004
2a00:1450:4001:829::2003
2a00:1450:4001:830::2001
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9a
2a00:1450:4016:808::2003
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:8e::720
2a06:98c1:3120::3
52.92.33.120
54.210.251.174
65.9.95.9
65.9.95.92
0867457a9d690f06be44d101ce3cb9ed3b946446dba670d2f77b5bf0c12dda65
0c362bb8667d4e053118116e1b7cf374ad8e44f5d6c4c2d80df85c9226ee1e1b
0e0d2baa393fe916f38e48a2daf1ef6bbde420d138d2fc56199ae22d87220139
0e63cac03c213593ddc5d883e5e87e89adc6e905fd5dfc32cee7e8c364926cc5
0e9008c12d77bda2b94815770d9cb95a1a1b34463208bc5170cdc9c2d3f01f7c
150523e0558852a799aae470ee18fdb61f89cf260ee6da8efd8687621156ae33
15442924ba7a47487fe97e4c98dad8e9a6d2441eaa5a63623d6dd318779f53fd
15b6e342bf10420c281d3bd90ad31cf40a9bfd91b5b7b4e9604b435344d95408
1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
202ee5b585222e2c8660b175f70624ec845320e95ec306ede1e9ad6ca12ec453
21111013521ce045115ade20ed1b0ac09b102688f010ecf84bb7f3f53574456c
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36
27c32714183e80852098f94866ff9ab808e155e286b2c53d9570952740cc5e30
28893081d019169c217045909cee1dd584e455005767fc2cf62b41c267846055
2c72e6b130787ecb00a394075e92b899af14ff9f2af580fdc5a93ac1f576a14c
2cca9425a6cfd78413a633f610ae0c99c2406515ef867b0c65c01393df4c6e3a
2dda0431a1b1662044e86e94ace262a4924d21fdb6de24e757a2b82c9efd6ac2
2e459bfd938277646b5384d931c9db3a7dafed48efa7ce9c76a0bded2ee41cb0
34d074a1f60a0bf21b95bd5726013e8e516545f77f1b3ee3d6a3c99f60b11eba
36b9bfc58e0f45159c6bc90b4aa97c522117c597787aa99166a520ddc2c381d0
3ab54cd9a313a7e330ef31b8e5d39fb1bca7c2b985f37a6c68b5904411d3d0ac
3cd517186576612866047e18074bf383c7a8fecd97ab5c5e09562b9bd55ea115
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40bf4b466568f32151e831c1e1e9b10b32ff0612404f3cbc9baa20a1fde0f14a
41f5212f4270e9a2aa1c0424680c80b0c49872fa4dc59ee0c39c746c2afbfc1e
428f350bd53281aeb92b949ccc048356f66823858401537ef57c712bf179fe3e
454c8ede38b99b291b5496bff4962c0b86c31f7a787b3ef09d2323cf2c19c0fe
487b450594c9ba50688a89a870e4983b7ab69a707dd1826e9595d701710753f3
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
4d2b30faf8734e6b3389f1c6af1aededf2a2b1739524663fd877ab96cbf124c0
5108d0adbc43671f8d004a74b15ae5c567291feb89ff81c0fe4cab24ed7a19f9
5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc
56a887623fe8160e223a897c5ced463522416c928b1dc1c8235f6cd79cf74889
57642a7928748d1e0092b3a30161736c827baae4ceef02299ef363a1e00b5bf0
5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5
5c80505133c2b387dbe571c9b908be7e815b86ec57d1cb8de7f1b8212cb0d304
5d2daebf3aef880f90c88253bcd48338de8886ee772559966c2594fae8e14e3a
5dd253bae5d132bf4c9902dd0e62796d51b830c503d3e23ae32cfa2c9e55f9d8
5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b
5f4ae462a630d6e6a3923c83e6e29aef3421dea6d4f13490589aa66078b18263
614147a2fbc289fa4de70bb92786157cfa72044b31128f46c8f83202a4a0d675
6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6efab6d334551dc2f787603f093acf40abb37df4219d78aa53c02c71c917e9fa
6f74cd5afbfe6fab11489dfcc70fb996ccd7b3dc935927d7402aa285d9692207
745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6
79f5c2a9b97b1e0f7b11ab248290035f06504868d183672beb0614597fd62db7
7a5055116ad7c18af3f2b20162a07d56c0691fa8037a82aeb6dfa9adbb441e58
7f38648531e3ced98f8140251c44221cf476dfeaf6b4ffca44c9821f9f9a7ead
81aa619758b89d5cd2ad0a7fb00d875ab6685e69ab853f5e5247a62547e0cdb3
83c03c13ae512aeaf45b9a54c62dad09b5d833edae4f2459d3f71f2a3f2744aa
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
875f7447920757fc576e5540f0c8b4798abfeabb22cfe616013c3c77873b2dfc
8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05
8be4ccb3696c52ef144c145aced34da594fb9ce3e3dd2010ec5d218c01c43b9d
8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c
8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a
9079019c5791bca95301a1552153b106eb93686a0810b3d25b534fbb50dc281c
91c88ba09686f1391fe968314a39a50749c546da6bd6cdadd20bcdc2026bef86
947e611b2cb75cb862f3802ca9d4f81cce21680d57204dfa300396e6c5526479
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
9cb9184e3045bb9f7d503e664206044974d084afacdf14c80757ba88ba960ed9
9f319c6e2632fe1504913253a8fb6a98e4411039814eb975e7d170a90d721815
a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72
a1b2f0f8bae2442fcfd706d14c56351c979e23da9ed2fa1e9c9dd3dcda261d52
a46da94dfac27524612777c4490056d31db2b35c757b6da2b82537602ea3a022
a73c3066c94be4f1b0f1122508848931d7ee351d452f2d3a81006dd432d0e7db
aac4ba6b7203c941d7d21fecf64d5753c3a291671e8da7de1dbddda459aaf722
abb8180e4068c4d515f0491660de54dd31cf404185f1e1a98f542f87d7c93265
b3ff07a3bed2a2caf71349a34d93f15630b6caee6ca625d8a0a45c1e021b6aac
b791f7293f77867948a46c3d211854f2f1130817da758dc2333403a19a61a225
b7b49287e2e1f8b1faec885ccef21f5e8c188272d11affe4d8e1eb98dbc3ee85
ba70f702bd93a670e7f34c5195c5ce30dfe71ce72eeefc9a2acaad0eec3dd689
ba8921e0c27b2c3392f74b1b599b684ed193b16d880466c05a2381629187cdd9
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb99204bf1f35c6103216e140736ef19be06b3255a6ece419a6ff526ccdf63d1
bdd6e29b3886816b933e6c994cf33b6f01d7239a484b844c676c473bc53bfc83
c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815
c212941bd3343394223cad357d82517cf533e8cd0d0ca8f211bfa0d990f38952
c2c2302b5ee2629a243e633d6b69610fd35586ccd25f9402332ee496b51ceb3e
c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52
c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2
d1f5c9696f46364e47602c9015a3a85b4ce559c54be49b5f6a16874264a30e2f
d22393b88f17fdc85cd44930e63d3ed0a909edbe41413b5bd8a1997955fb2b03
d4c1270f7869730d1490f7df3d4bf63e21b5baa51ebbc67c31001317d4e50dbb
de0d5e66db5ee404c65df68f352e5fe98bf772962d2b7a9b593586a241632bf2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e02501905d98b3ea9b6a7b80085bb3cc2ca27f67b4ed1557cc7cb77787766baa
e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e3d6fdd78fb14597e2501ec74b3d5c730d13a2e6718a18a8639e43cdc9d34e
e5f47aaf7eabcee1ce2772f4fd77c75c252c80f9c48e4424e2f08b022aa0fa84
e6d72a6a80c063be7be0dfaf83fe28c7540cb92a1867b1e28383ced64723bf67
ece88845d2c0a327f6a7957ec596d1014820fbfb62b31a13b8152a28dbd41bb5
ece889d87186517d243ef3c4b1ec7795a1b635fdd6b0a18fe6b3015223f9ec45
ee1d09d7d8ee6175d6cb6b2486009382ddef3871dd6e5bf9de9ca221487d9844
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5840fbbb67ce37beccaa6864b33d1c2aac83c53ffdd724bc1f163fdac7a82c
f24bfd0f1b0a80c8097bca01b9d7550369b6c5aa6284ca205e64af9db180fa80
f2f7a4714f97e0f2a0f5ccd6c69d169a688465d2cebeed90db670d86fe85b3d5
f4230ced8d4264c7d87c89dd662ed160243569667d5d1fc586b94d65fb771618
f48e599eddf7a8ed411ba1601ad3623a0c72fb54a3418587b2a32a69d99fbb28
fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

wicked.tours Open in urlscan Pro 161.35.113.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

116 Requests

100 %HTTPS

63 %IPv6

21 Domains

27 Subdomains

28 IPs

4 Countries

5134 kBTransfer

7327 kBSize

14 Cookies

6 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wicked.tours Open in urlscan Pro
161.35.113.156 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

100 %
HTTPS

63 %
IPv6

21
Domains

27
Subdomains

28
IPs

4
Countries

5134 kB
Transfer

7327 kB
Size

14
Cookies

116 HTTP transactions
1 data transactions