www.perx.com Open in urlscan Pro
64.28.100.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://list.perx.com/t/gcH1AAkbbGIMqQCI2cCH3qLD~aCFBsBL1YtaaaaEJsBRPN44raa?j=B_xAxAw~amp;n=Qxdo.moi3bkdn~25uAiki.xe~a...
Effective URL:
https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=c...
Submission: On August 17 via manual (August 17th 2022, 3:48:03 am UTC) from SE — Scanned from SE

Summary HTTP 52 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 52 HTTP transactions. The main IP is 64.28.100.202, located in United States and belongs to LIGHTEDGE-AS-02, US. The main domain is www.perx.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on June 17th 2022. Valid for: a year.

This is the only time www.perx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	64.28.100.219 64.28.100.219	11320 (LIGHTEDGE...) (LIGHTEDGE-AS-02)
9	64.28.100.202 64.28.100.202	11320 (LIGHTEDGE...) (LIGHTEDGE-AS-02)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
5	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	64.28.100.236 64.28.100.236	11320 (LIGHTEDGE...) (LIGHTEDGE-AS-02)
9	142.250.74.200 142.250.74.200	15169 (GOOGLE) (GOOGLE)
2	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
2	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 4	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
3	104.212.67.157 104.212.67.157	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
2	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
1	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
52	20

1 64.28.100.219 (United States)

ASN11320 (LIGHTEDGE-AS-02, US)
PTR: list.perx.com

list.perx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 64.28.100.202 (United States)

ASN11320 (LIGHTEDGE-AS-02, US)
PTR: www.perx.com

www.perx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.28.100.236 (United States)

ASN11320 (LIGHTEDGE-AS-02, US)

media.pixelager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.74.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f131.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.212.67.157 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: muc30r3.msedge.net

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	perx.com list.perx.com www.perx.com	232 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	146 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 547 f.clarity.ms — Cisco Umbrella Rank: 5359 c.clarity.ms — Cisco Umbrella Rank: 996	28 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	27 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 351 c.bing.com — Cisco Umbrella Rank: 195	13 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	131 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2742	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	315 B
2	google.se www.google.se — Cisco Umbrella Rank: 20459	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 10	655 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 118 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	2 KB
2	gstatic.com fonts.gstatic.com	65 KB
2	pixelager.com media.pixelager.com — Cisco Umbrella Rank: 781152	73 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
52	15

	Domain	Requested by
9	www.googletagmanager.com	www.perx.com www.googletagmanager.com
9	www.perx.com	list.perx.com www.perx.com
5	cdnjs.cloudflare.com	www.perx.com
3	www.clarity.ms	list.perx.com www.clarity.ms bat.bing.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.perx.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	www.perx.com connect.facebook.net
2	www.google.se	www.perx.com
2	www.google.com	www.perx.com
2	www.google-analytics.com	www.googletagmanager.com www.perx.com
2	fonts.gstatic.com	fonts.googleapis.com
2	media.pixelager.com	www.perx.com
1	c.bing.com	1 redirects
1	f.clarity.ms	www.clarity.ms
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.googleapis.com	www.perx.com
1	list.perx.com
52	21

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.mozilla.org
www.opera.com
www.apple.com
www.microsoft.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
*.perx.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-06-17` - `2023-07-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
media.pixelager.com Starfield Secure Certificate Authority - G2	`2021-09-23` - `2022-10-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-26` - `2022-08-24`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.se GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
Frame ID: 424B27FD566E5B66440F09ECC12C800C
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Best interline rates on Discovery Princess | PERX.com

Page URL History Show full URLs

http://list.perx.com/t/gcH1AAkbbGIMqQCI2cCH3qLD~aCFBsBL1YtaaaaEJsBRPN44raa?j=B_xAxAw~amp;n=Qxdo.m... Page URL
https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023... Page URL

Detected technologies

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

52
Requests

96 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

20
IPs

4
Countries

754 kB
Transfer

1929 kB
Size

19
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/chrome/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/
Title: Mozilla Firefox

Search URL Search Domain Scan URL

URL: http://www.opera.com/download
Title: Opera

Search URL Search Domain Scan URL

URL: https://www.apple.com/safari/
Title: Safari

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge/features
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://www.facebook.com/perxvacations

Search URL Search Domain Scan URL

URL: https://twitter.com/perxvacations

Search URL Search Domain Scan URL

URL: https://www.instagram.com/perxvacations/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://list.perx.com/t/gcH1AAkbbGIMqQCI2cCH3qLD~aCFBsBL1YtaaaaEJsBRPN44raa?j=B_xAxAw~amp;n=Qxdo.moi3bkdn~25uAiki.xe~amp;v=~7E~amp;n=~amp;1=X3jzi~25D0~25C5~25C56m6.foh7.Syc~25C5mh4Y2U2~25sPf1YxSoi2-S1ksioi~25C5nY2Syloh8-f1YxSoi2~25sPY3YxU1Q1Yoi~25C5BsHxCu~25C52Qsbsdqi~25C5CqCt-Ar-Cr~25C5~25D5mQlYx_j8fo~25tNSkRsd_l~25sGk3c_2e4hmU~25D3gUoaodnqIrCsC-Sybn~25sGk3c_wUnY4c~25D3ockYv~25sGk3c_mQwfkYqd~25D3ZU1n~25C1gUoaodn~25sLKzTkjo~25sGk3c_mk2jycohsT~25D3DyBtExB Page URL
https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=B7F0ADABA12A4127BAD316ECA7283EF3&RedC=c.clarity.ms&MXFR=1B1365CFAE0C6BE014AB77CCAA0C65B5 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=B7F0ADABA12A4127BAD316ECA7283EF3&MUID=3D7AD905409565FE2ECFCB06411A64C5

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK gcH1AAkbbGIMqQCI2cCH3qLD~aCFBsBL1YtaaaaEJsBRPN44raa Show response
list.perx.com/t/ 2 KB
2 KB 347ms
175ms Document
text/html 64.28.100.219
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL: http://list.perx.com/t/gcH1AAkbbGIMqQCI2cCH3qLD~aCFBsBL1YtaaaaEJsBRPN44raa?j=B_xAxAw~amp;n=Qxdo.moi3bkdn~25uAiki.xe~amp;v=~7E~amp;n=~amp;1=X3jzi~25D0~25C5~25C56m6.foh7.Syc~25C5mh4Y2U2~25sPf1YxSoi2-S1ksioi~25C5nY2Syloh8-f1YxSoi2~25sPY3YxU1Q1Yoi~25C5BsHxCu~25C52Qsbsdqi~25C5CqCt-Ar-Cr~25C5~25D5mQlYx_j8fo~25tNSkRsd_l~25sGk3c_2e4hmU~25D3gUoaodnqIrCsC-Sybn~25sGk3c_wUnY4c~25D3ockYv~25sGk3c_mQwfkYqd~25D3ZU1n~25C1gUoaodn~25sLKzTkjo~25sGk3c_mk2jycohsT~25D3DyBtExB
Protocol: HTTP/1.1
Server: 64.28.100.219 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS: list.perx.com
Software: /
Resource Hash: fe8aaba0b00dbb34f260c931d6bb1c417e2278de6d2b98dfd30047e7adb580a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate, max-age=0, no-store
Connection: close
Content-Length: 1858
Content-Type: text/html;charset=ascii
Date: Wed, 17 Aug 2022 03:47:58 GMT
Expires: -1
Pragma: no-cache
Server

GET
H/1.1 200
OK Primary Request / Show response
www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/ 32 KB
10 KB 681ms
329ms Document
text/html 64.28.100.202
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471

Requested by

Host: list.perx.com
URL: http://list.perx.com/t/gcH1AAkbbGIMqQCI2cCH3qLD~aCFBsBL1YtaaaaEJsBRPN44raa?j=B_xAxAw~amp;n=Qxdo.moi3bkdn~25uAiki.xe~amp;v=~7E~amp;n=~amp;1=X3jzi~25D0~25C5~25C56m6.foh7.Syc~25C5mh4Y2U2~25sPf1YxSoi2-S1ksioi~25C5nY2Syloh8-f1YxSoi2~25sPY3YxU1Q1Yoi~25C5BsHxCu~25C52Qsbsdqi~25C5CqCt-Ar-Cr~25C5~25D5mQlYx_j8fo~25tNSkRsd_l~25sGk3c_2e4hmU~25D3gUoaodnqIrCsC-Sybn~25sGk3c_wUnY4c~25D3ockYv~25sGk3c_mQwfkYqd~25D3ZU1n~25C1gUoaodn~25sLKzTkjo~25sGk3c_mk2jycohsT~25D3DyBtExB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.28.100.202 , United States, ASN11320 (LIGHTEDGE-AS-02, US),

Reverse DNS

www.perx.com

Software

nginx/1.20.1 /

Resource Hash

653aa46099068883de10713531b7723346a427b7ac3449fa580273625e89afb0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://list.perx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 17 Aug 2022 03:48:00 GMT
Server: nginx/1.20.1
Transfer-Encoding: chunked
Vary: Accept-Encoding Cookie
X-Frame-Options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 194ms
65ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:800,700,600,400,300|Varela+Round

Requested by

Host: www.perx.com
URL: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

ff403d9174538ecdba4c5b14d95d4506928b2f20e0597567dd492906279878a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 03:47:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Aug 2022 03:47:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Aug 2022 03:47:59 GMT

GET
H/1.1 200
OK 6b8dfbedeef4.css
www.perx.com/static/CACHE/css/ 265 KB
44 KB 180ms
179ms Stylesheet
text/css 64.28.100.202
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.perx.com/static/CACHE/css/6b8dfbedeef4.css
Requested by: Host: www.perx.com
URL: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.28.100.202 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS: www.perx.com
Software: nginx/1.20.1 /
Resource Hash: afe791589778d33365d6ffaa6051ad87484925910d7f001ab9b430e1b8fdd4da

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 03:48:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 16:52:57 GMT
Server: nginx/1.20.1
ETag: W/"62c46c69-42281"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 chrome_64x64.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/70.1.0/chrome/ 5 KB
6 KB 105ms
36ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/70.1.0/chrome/chrome_64x64.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26a84e206a7f6d446233d9b2b6b497b32980183bea20c0221a341e84ee4b9928

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 557175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5200
timing-allow-origin: *
last-modified: Thu, 10 Jun 2021 23:21:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60c29e93-1450"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jd9ymEgGAW3s5D4kc8HdP69%2FiR%2FLpiOm3uyZg7HfGPEyaHJKot7bRrRoTk7%2BHsCazrl48q4%2BxHG2YUbloHmPCQVfm5N2wkcrp0PAbm0GTEXFAGw2ZyD3i0phTxNEoKtWtZBe9p2E"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73bf6e7b397095f6-ARN
expires: Mon, 07 Aug 2023 03:47:59 GMT

GET
H2 200 firefox_64x64.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/70.1.0/firefox/ 6 KB
6 KB 110ms
41ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/70.1.0/firefox/firefox_64x64.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e51a3aebe91f5cf2c0ea993b43b7649e307c14142f61a70ebe5702990c371e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3019670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5901
timing-allow-origin: *
last-modified: Thu, 10 Jun 2021 23:21:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60c29e93-170d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8iXd7WvtKqvZXyF1TBOZ75lHeYP3S9dqM0eGGXJbEVdoHlJVK36fDd3Jterum5g4svw%2BqFx0f15PJaB5QIhPtq5H%2FJ37Im0Z%2FeK8RDqnifAOwLdb6v8Iko8g%2BjIq8j%2BcYlxEfhz"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73bf6e7b397195f6-ARN
expires: Mon, 07 Aug 2023 03:47:59 GMT

GET
H2 200 opera_64x64.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/70.1.0/opera/ 3 KB
3 KB 114ms
46ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/70.1.0/opera/opera_64x64.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb3b31329e73afd4ae9e25f76a2421f0d85b9be627179272d4a3c4e64289607f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 541781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2956
timing-allow-origin: *
last-modified: Thu, 10 Jun 2021 23:21:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60c29e93-b8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f95EF5vQm9jjedw7V6jU84WVSKkeL803U%2B8535bbnvDtl0aCrXQycKrghJjbEnptdYFu8hoGCKCTgbntAKZc5Bgocx0EhrgY5HN2Q3pMp382EvohdZZglD%2BxauKmmRvK3AJwD6ya"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73bf6e7b397395f6-ARN
expires: Mon, 07 Aug 2023 03:47:59 GMT

GET
H2 200 safari_64x64.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/70.1.0/safari/ 6 KB
7 KB 107ms
39ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/70.1.0/safari/safari_64x64.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

957bfb82e1d86ca833385128370487149bd002c2e76e9532d5e1516754382d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 805044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6488
timing-allow-origin: *
last-modified: Thu, 10 Jun 2021 23:21:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60c29e93-1958"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VY5IIbSq5Gs%2Bj4%2F1MQhAeGafq3yFxW9psxX4bJ3x71KHykpOwpsa914Q7TZFqk9CTJ0fO4U0sp8SLhxpG1JPsgzrhxoKSMbQ4kNW6BMkVIxRChUP%2FTo8Vl2imiRfJgkMKHKev3Rm"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73bf6e7b397495f6-ARN
expires: Mon, 07 Aug 2023 03:47:59 GMT

GET
H2 200 edge_64x64.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/70.1.0/edge/ 5 KB
5 KB 111ms
43ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/70.1.0/edge/edge_64x64.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95658bca8d15b3fa74fc6432aaf58c5358cc1ff1bcb1a875dfac55b8cd466531

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5287323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4986
timing-allow-origin: *
last-modified: Thu, 10 Jun 2021 23:21:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60c29e93-137a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4XLQSd%2Bj3WhqE2TLfi9FBbJjwuhVRlW05MEFSr%2BmCcWMsq3vrDqt%2BG8IoLM9o3oRn9M%2FShkBlvTLVhlAQ0n6VUhkXAgMDIv7igMqITlLtk2LhwK49IuWymZdXBvVApTxS9yNEt%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73bf6e7b397595f6-ARN
expires: Mon, 07 Aug 2023 03:47:59 GMT

GET
H/1.1 200
OK logo.png
www.perx.com/static/core/images/ 5 KB
6 KB 450ms
173ms Image
image/png 64.28.100.202
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.perx.com/static/core/images/logo.png
Requested by: Host: www.perx.com
URL: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.28.100.202 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS: www.perx.com
Software: nginx/1.20.1 /
Resource Hash: a0d4a1fcbaffa380535018f07aacd4772ef84477997fbca087d0c6a526ce21f4

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 03:48:01 GMT
Last-Modified: Sat, 08 Oct 2016 04:05:25 GMT
Server: nginx/1.20.1
ETag: "57f87085-157c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5500

GET
H/1.1 200
OK large.jpg
media.pixelager.com/vendor/cruise/princess-cruises/discovery-princess/ 63 KB
64 KB 712ms
346ms Image
image/jpeg 64.28.100.236
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pixelager.com/vendor/cruise/princess-cruises/discovery-princess/large.jpg
Requested by: Host: www.perx.com
URL: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.28.100.236 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6f75cdeca6238858326ecaded2dab99696c44f9e2fbe0bd53e18e5ce76575fdc

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 03:48:00 GMT
Last-Modified: Fri, 18 Oct 2019 16:31:40 GMT
Server: nginx/1.20.1
ETag: "5da9e8ec-fdeb"
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65003

GET
H/1.1 200
OK logo_medium.png
media.pixelager.com/vendor/cruise/princess-cruises/ 9 KB
9 KB 536ms
170ms Image
image/png 64.28.100.236
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pixelager.com/vendor/cruise/princess-cruises/logo_medium.png
Requested by: Host: www.perx.com
URL: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.28.100.236 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: ffdb54a79d31df0e6c653a39cde68fe9d2f5d419f8010e2249e100a97493c964

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 03:48:00 GMT
Last-Modified: Thu, 16 Jan 2020 23:10:08 GMT
Server: nginx/1.20.1
ETag: "5e20ed50-2414"
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9236

GET
H/1.1 200
OK 9a85947b4fa7.js Show response
www.perx.com/static/CACHE/js/ 306 KB
88 KB 337ms
178ms Script
application/javascript 64.28.100.202
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.perx.com/static/CACHE/js/9a85947b4fa7.js
Requested by: Host: www.perx.com
URL: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.28.100.202 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS: www.perx.com
Software: nginx/1.20.1 /
Resource Hash: a9518902c6779eb22ca31d49a6e4dfbf8f6ae6c67ae172c4ede439851acd5e09

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 03:48:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 16:52:57 GMT
Server: nginx/1.20.1
ETag: W/"62c46c69-4c6dc"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK slideshow.js Show response
www.perx.com/static/core/js/slideshow/ 7 KB
2 KB 527ms
173ms Script
application/javascript 64.28.100.202
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.perx.com/static/core/js/slideshow/slideshow.js?vs=4054
Requested by: Host: www.perx.com
URL: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.28.100.202 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS: www.perx.com
Software: nginx/1.20.1 /
Resource Hash: 7a3f3c9897cd298106ffe6eb8e813cd15de1b7f8970c8b02de9b779f32abe1bd

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 03:48:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2017 01:20:42 GMT
Server: nginx/1.20.1
ETag: W/"59e55aea-1a2e"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK core.js Show response
www.perx.com/static/core/js/ 4 KB
2 KB 520ms
172ms Script
application/javascript 64.28.100.202
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.perx.com/static/core/js/core.js?vs=4054
Requested by: Host: www.perx.com
URL: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.28.100.202 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS: www.perx.com
Software: nginx/1.20.1 /
Resource Hash: 9973a2b14b24d15dac0e168f65fcd22ead896df9f0a0f97c34f7ae01a0b4a769

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 03:48:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 00:00:21 GMT
Server: nginx/1.20.1
ETag: W/"61146495-1148"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK forms.js Show response
www.perx.com/static/core/js/ 3 KB
1 KB 519ms
172ms Script
application/javascript 64.28.100.202
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.perx.com/static/core/js/forms.js?vs=4054
Requested by: Host: www.perx.com
URL: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.28.100.202 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS: www.perx.com
Software: nginx/1.20.1 /
Resource Hash: e5f868895a732bcb81c619b195b33d358176aa1c5e9a41a7b8aea892eac30fb3

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 03:48:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Apr 2022 00:27:18 GMT
Server: nginx/1.20.1
ETag: W/"624cde66-de4"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK login-submit.js Show response
www.perx.com/static/core/js/ 2 KB
891 B 520ms
173ms Script
application/javascript 64.28.100.202
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.perx.com/static/core/js/login-submit.js?vs=4054
Requested by: Host: www.perx.com
URL: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.28.100.202 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS: www.perx.com
Software: nginx/1.20.1 /
Resource Hash: 75dc7dcbaa2e564b66e850a12d08133d3cbfcff2dc37a6c13c2ab5bd1d9215b0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 03:48:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 02:41:37 GMT
Server: nginx/1.20.1
ETag: W/"6226c261-673"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
75 KB 225ms
94ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5LMSQ6C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c59e03a3768ec270e500243b2771d24f980a950cc732449f95298cdaf6d99735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:48:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75997
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Aug 2022 03:48:00 GMT

GET
H2 200 w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v19/ 20 KB
20 KB 271ms
145ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varelaround/v19/w8gdH283Tvk__Lua32TysjIfp8uP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800,700,600,400,300|Varela+Round

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f131.1e100.net

Software

sffe /

Resource Hash

bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.perx.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 19:50:36 GMT
x-content-type-options: nosniff
age: 547043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20636
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:30:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 19:50:36 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 181ms
55ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800,700,600,400,300|Varela+Round

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f131.1e100.net

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.perx.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 118645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 18:50:34 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.perx.com/static/core/bower_components/components-font-awesome/fonts/ 75 KB
76 KB 429ms
339ms Font
font/woff2 64.28.100.202
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.perx.com/static/core/bower_components/components-font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0&d598d587ccca
Requested by: Host: www.perx.com
URL: https://www.perx.com/static/CACHE/css/6b8dfbedeef4.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.28.100.202 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS: www.perx.com
Software: nginx/1.20.1 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.perx.com/static/CACHE/css/6b8dfbedeef4.css
Origin: https://www.perx.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 03:48:01 GMT
Last-Modified: Thu, 16 Nov 2017 04:51:32 GMT
Server: nginx/1.20.1
ETag: "5a0d1954-12d68"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
71 KB 67ms
66ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5XH96G2NWV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LMSQ6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d9c50b9888ac0abc4d4841b400045adb4e9082225a070d5f5289a23bd6700d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:48:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73012
x-xss-protection: 0
expires: Wed, 17 Aug 2022 03:48:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 186ms
59ms Script
text/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LMSQ6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2760
date: Wed, 17 Aug 2022 03:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 17 Aug 2022 05:02:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
16 KB 196ms
69ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LMSQ6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15380
x-xss-protection: 0
server: cafe
etag: 14955335288317425560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 17 Aug 2022 03:48:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 141ms
69ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LMSQ6C

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F02EE56D68CB4FD0B8E393AB70E85649 Ref B: STOEDGE1213 Ref C: 2022-08-17T03:48:00Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 17 Aug 2022 03:48:00 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 175ms
54ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LMSQ6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: EZ3SixmdrO6sZ7xR9cwG/xv7YkG57wnm1xHEZZdjn7u+5TkR2uwtpXO8Y8/GSzuLxqRIpngCP3pokP3xAeLYXQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 03:48:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bs06b8ui9g Show response
www.clarity.ms/tag/ 2 KB
2 KB 282ms
154ms Script
application/x-javascript 104.212.67.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/bs06b8ui9g
Requested by: Host: list.perx.com
URL: http://list.perx.com/t/gcH1AAkbbGIMqQCI2cCH3qLD~aCFBsBL1YtaaaaEJsBRPN44raa?j=B_xAxAw~amp;n=Qxdo.moi3bkdn~25uAiki.xe~amp;v=~7E~amp;n=~amp;1=X3jzi~25D0~25C5~25C56m6.foh7.Syc~25C5mh4Y2U2~25sPf1YxSoi2-S1ksioi~25C5nY2Syloh8-f1YxSoi2~25sPY3YxU1Q1Yoi~25C5BsHxCu~25C52Qsbsdqi~25C5CqCt-Ar-Cr~25C5~25D5mQlYx_j8fo~25tNSkRsd_l~25sGk3c_2e4hmU~25D3gUoaodnqIrCsC-Sybn~25sGk3c_wUnY4c~25D3ockYv~25sGk3c_mQwfkYqd~25D3ZU1n~25C1gUoaodn~25sLKzTkjo~25sGk3c_mk2jycohsT~25D3DyBtExB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.212.67.157 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: muc30r3.msedge.net
Software: / ASP.NET
Resource Hash: 6a97cc44f9bb3c78dd1b8e6d92ae52595e42fe9f610d34f5816405f0fa06ffb4

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:47:59 GMT
x-powered-by: ASP.NET
x-azure-ref: 08GT8YgAAAAANfIHt7doRRbxmS18eM+nyTVVDMzBFREdFMDMxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 112ms
39ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5XH96G2NWV&gtm=2oe8f0&_p=757100419&cid=1425178449.1660708080&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660708080&sct=1&seg=0&dl=https%3A%2F%2Fwww.perx.com%2Fcruises%2Fprincess-cruises%2Fdiscovery-princess%2Fitineraries%2F127724%2Fsailings%2F2023-01-21%2F%3Fcabin_type%3Dcabin_b%26utm_source%3DWeekend081222-cold%26utm_medium%3Demail%26utm_campaign%3DPerx%2BWeekend%2BUpdate%26utm_customerid%3D3813471&dr=http%3A%2F%2Flist.perx.com%2F&dt=Best%20interline%20rates%20on%20Discovery%20Princess%20%7C%20PERX.com&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5XH96G2NWV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.perx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 73ms
72ms Image
image/gif 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5XH96G2NWV&cv=1&v=3&t=t&pid=1147064480&rv=8f0&es=1&e=gtm.init_consent&eid=-1&tc=12&dl=www.perx.com%2Fcruises%2Fprincess-cruises%2Fdiscovery-princess%2Fitineraries%2F127724%2Fsailings%2F2023-01-21%2F&tdp=G-5XH96G2NWV&z=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 66ms
64ms Image
image/gif 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-5XH96G2NWV&cv=1&v=3&t=t&pid=1147064480&rv=8f0&es=1&e=gtm.init_consent&eid=-1&tc=12&dl=www.perx.com%2Fcruises%2Fprincess-cruises%2Fdiscovery-princess%2Fitineraries%2F127724%2Fsailings%2F2023-01-21%2F&tdp=G-5XH96G2NWV&z=0
Requested by: Host: www.perx.com
URL: https://www.perx.com/cruises/princess-cruises/discovery-princess/itineraries/127724/sailings/2023-01-21/?cabin_type=cabin_b&utm_source=Weekend081222-cold&utm_medium=email&utm_campaign=Perx+Weekend+Update&utm_customerid=3813471
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f8.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 82ms
81ms Image
image/gif 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5XH96G2NWV&cv=1&v=3&t=t&pid=1147064480&rv=8f0&es=1&e=gtm.init&eid=0&tc=12&tr=1ogteventcreate.1ccdconversionmarking.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdgaregscope.1setproductsettings.1ogtgooglesignals&ti=2ogteventcreate.2ccdconversionmarking.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdgaregscope.2setproductsettings.2ogtgooglesignals&z=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 87ms
87ms Image
image/gif 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5XH96G2NWV&cv=1&v=3&t=t&pid=1147064480&rv=8f0&es=1&e=gtm.js&eid=1&u=AAAAAAAC&tc=12&tr=1gct&epr=1G.2G&ti=1gct&z=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 88ms
87ms Image
image/gif 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5XH96G2NWV&cv=1&v=3&t=t&pid=1147064480&rv=8f0&e=gtm.init&eid=0&u=AAAAAAAC&tc=12&tr=5ogteventcreate.5ccdconversionmarking.5ccdemdownload.5ccdemoutboundclick.5ccdempageview.5ccdemscroll.5ccdemsitesearch.5ccdemvideo.5ccdgaregscope.5setproductsettings.5ogtgooglesignals&ti=2ogteventcreate.2ccdconversionmarking.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdgaregscope.2setproductsettings.2ogtgooglesignals&z=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 81ms
81ms Image
image/gif 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5XH96G2NWV&cv=1&v=3&t=t&pid=1147064480&rv=8f0&e=gtm.js&eid=1&u=AAAAAAAC&tc=12&tr=5gct&ti=1gct&z=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5140418.js Show response
bat.bing.com/p/action/ 1 KB
860 B 195ms
195ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5140418.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

/ ARR/3.0

Resource Hash

289d9745ce21ca108897724517ee94f62efd51335b1ff5c58fba758835f8a56e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D87CDE0AA2B84FD4AA82C20AED725AC4 Ref B: STOEDGE1213 Ref C: 2022-08-17T03:48:00Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Wed, 17 Aug 2022 03:48:00 GMT
content-length: 666

GET
H2 204 0
bat.bing.com/action/ 0
176 B 68ms
68ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5140418&tm=gtm002&Ver=2&mid=0e9e44bc-129f-483b-b596-53bb45c24691&sid=638ec1a01ddf11edb047e9656c3b8921&vid=638eb3701ddf11eda39cc5b8d24e9c73&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Best%20interline%20rates%20on%20Discovery%20Princess%20%7C%20PERX.com&kw=discount%20cruises,%20last%20minute%20cruises,%20cruise,%20interline%20cruise,%20airline%20employee%20cruise,%20airline%20employee%20travel,%20cruise%20travel,%20cruise%20vacation,%20cruise%20packages,%20cruise%20tours,%20luxury%20cruise%20deals,%20princess%20airline%20employee%20discount,%20princess%20interline%20rate,%20princess%20cruise%20discount,%20princess,%20princess%20cruises,%20princess%20cruise%20line,%20princess%20cruise%20line%20deals,%20princess%20cruise%20deals,%20princess%20cruise%20discount,%20princess%20cruise%20line%20discounts,%20come%20back%20new,%20discovery%20princess,%20discovery%20princess%20discounts,%20discovery%20princess%20sailings&p=https%3A%2F%2Fwww.perx.com%2Fcruises%2Fprincess-cruises%2Fdiscovery-princess%2Fitineraries%2F127724%2Fsailings%2F2023-01-21%2F%3Fcabin_type%3Dcabin_b%26utm_source%3DWeekend081222-cold%26utm_medium%3Demail%26utm_campaign%3DPerx%2BWeekend%2BUpdate%26utm_customerid%3D3813471&r=http%3A%2F%2Flist.perx.com%2F&lt=1641&evt=pageLoad&sv=1&rn=479692

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 72EDEC7D697A425D88CF4714EFBFD46C Ref B: STOEDGE1213 Ref C: 2022-08-17T03:48:00Z
date: Wed, 17 Aug 2022 03:48:00 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 180ms
61ms XHR
text/plain 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7937017-2&cid=1425178449.1660708080&jid=1035768130&gjid=2143432647&_gid=733420728.1660708080&_u=YCDAgEABAAAAAE~&z=1015877117

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.perx.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Aug 2022 03:48:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.perx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 190ms
68ms Image
image/gif 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=757100419&t=pageview&_s=1&dl=https%3A%2F%2Fwww.perx.com%2Fcruises%2Fprincess-cruises%2Fdiscovery-princess%2Fitineraries%2F127724%2Fsailings%2F2023-01-21%2F%3Fcabin_type%3Dcabin_b%26utm_source%3DWeekend081222-cold%26utm_medium%3Demail%26utm_campaign%3DPerx%2BWeekend%2BUpdate%26utm_customerid%3D3813471&dr=http%3A%2F%2Flist.perx.com%2F&ul=en-us&de=UTF-8&dt=Best%20interline%20rates%20on%20Discovery%20Princess%20%7C%20PERX.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEAB~&jid=1035768130&gjid=2143432647&cid=1425178449.1660708080&tid=UA-7937017-2&_gid=733420728.1660708080&gtm=2wg8f05LMSQ6C&z=158894490

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 22:58:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17363
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/982780023/ 3 KB
2 KB 200ms
75ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982780023/?random=1660708080431&cv=9&fst=1660708080431&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.perx.com%2Fcruises%2Fprincess-cruises%2Fdiscovery-princess%2Fitineraries%2F127724%2Fsailings%2F2023-01-21%2F%3Fcabin_type%3Dcabin_b%26utm_source%3DWeekend081222-cold%26utm_medium%3Demail%26utm_campaign%3DPerx%2BWeekend%2BUpdate%26utm_customerid%3D3813471&ref=http%3A%2F%2Flist.perx.com%2F&tiba=Best%20interline%20rates%20on%20Discovery%20Princess%20%7C%20PERX.com&auid=322734865.1660708080&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

01abf071c8047ec759e57919080671c4d66b75200d1d3fbe535adaae07c62003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1186
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 114ms
58ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.75

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: eB+lfiWl7MES+gHyFH8owrChitt+C2EhcoTLNXlKoS4KjvC3aEfT85av0p1vHm/i/V9NDVr6NqtjsfzYFXuXlg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 03:48:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 579575558862738 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 173ms
118ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/579575558862738?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

a9a4122822c7d615e1b89882ae2bced86a3cc17f4348626e842836c7b00bc221

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85831
x-xss-protection: 0
pragma: public
x-fb-debug: 6o05Z+ay/tBL7NlJWGaW0IoJNRg8787i3iAD7hwcaTUcF/GtIUyel8nkAxK7DlOW0noJlyTizfPTYs5sYEQa4w==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 03:48:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-b/s/0.6.39/ 53 KB
23 KB 152ms
151ms Script
application/javascript 104.212.67.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-b/s/0.6.39/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/bs06b8ui9g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.212.67.157 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: muc30r3.msedge.net
Software: / ASP.NET
Resource Hash: f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:48:00 GMT
content-encoding: br
etag: "1d8b099e3740ca1"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 08GT8YgAAAAB5NVt/CQLqR6+cvzBpF/uoTVVDMzBFREdFMDMxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 5140418 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 161ms
161ms Script
application/x-javascript 104.212.67.157
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5140418
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5140418.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.212.67.157 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: muc30r3.msedge.net
Software: / ASP.NET
Resource Hash: 3de0f6023e1fec51a98b0a40c6cbf4d846dbbb6e5d569240b5a83d880f8a4f6c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:48:00 GMT
x-powered-by: ASP.NET
x-azure-ref: 08GT8YgAAAABzL+/WbaBiQ50vRAGkRV9FTVVDMzBFREdFMDMxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 208ms
72ms Image
image/gif 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7937017-2&cid=1425178449.1660708080&jid=1035768130&_u=YCDAgEABAAAAAE~&z=1981492330

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
501 B 209ms
73ms Image
image/gif 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7937017-2&cid=1425178449.1660708080&jid=1035768130&_u=YCDAgEABAAAAAE~&z=1981492330

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/982780023/ 42 B
154 B 178ms
72ms Image
image/gif 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/982780023/?random=1660708080431&cv=9&fst=1660705200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&frm=0&url=https%3A%2F%2Fwww.perx.com%2Fcruises%2Fprincess-cruises%2Fdiscovery-princess%2Fitineraries%2F127724%2Fsailings%2F2023-01-21%2F%3Fcabin_type%3Dcabin_b%26utm_source%3DWeekend081222-cold%26utm_medium%3Demail%26utm_campaign%3DPerx%2BWeekend%2BUpdate%26utm_customerid%3D3813471&ref=http%3A%2F%2Flist.perx.com%2F&tiba=Best%20interline%20rates%20on%20Discovery%20Princess%20%7C%20PERX.com&async=1&fmt=3&is_vtc=1&random=1720330400&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.se/pagead/1p-user-list/982780023/ 42 B
154 B 184ms
79ms Image
image/gif 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/982780023/?random=1660708080431&cv=9&fst=1660705200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&frm=0&url=https%3A%2F%2Fwww.perx.com%2Fcruises%2Fprincess-cruises%2Fdiscovery-princess%2Fitineraries%2F127724%2Fsailings%2F2023-01-21%2F%3Fcabin_type%3Dcabin_b%26utm_source%3DWeekend081222-cold%26utm_medium%3Demail%26utm_campaign%3DPerx%2BWeekend%2BUpdate%26utm_customerid%3D3813471&ref=http%3A%2F%2Flist.perx.com%2F&tiba=Best%20interline%20rates%20on%20Discovery%20Princess%20%7C%20PERX.com&async=1&fmt=3&is_vtc=1&random=1720330400&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 171ms
54ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=579575558862738&ev=PageView&dl=https%3A%2F%2Fwww.perx.com%2Fcruises%2Fprincess-cruises%2Fdiscovery-princess%2Fitineraries%2F127724%2Fsailings%2F2023-01-21%2F%3Fcabin_type%3Dcabin_b%26utm_source%3DWeekend081222-cold%26utm_medium%3Demail%26utm_campaign%3DPerx%2BWeekend%2BUpdate%26utm_customerid%3D3813471&rl=http%3A%2F%2Flist.perx.com%2F&if=false&ts=1660708080694&sw=1600&sh=1200&v=2.9.75&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1660708080693.957530837&it=1660708080441&coo=false&tm=1&exp=b1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 03:48:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 17 Aug 2022 03:48:00 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
174 B 524ms
256ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.perx.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://www.perx.com
date: Wed, 17 Aug 2022 03:48:00 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=B7F0ADABA12A4127BAD316ECA7283EF3&RedC=c.clarity.ms&MXFR=1B1365CFAE0C6BE014AB77CCAA0C65B5
https://c.clarity.ms/c.gif?CtsSyncId=B7F0ADABA12A4127BAD316ECA7283EF3&MUID=3D7AD905409565FE2ECFCB06411A64C5

42 B
369 B

63ms
63ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=B7F0ADABA12A4127BAD316ECA7283EF3&MUID=3D7AD905409565FE2ECFCB06411A64C5
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
last-modified: Thu, 28 Jul 2022 20:41:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "82531c78c2a2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E5C830870CEC498D990324CD52200D3E Ref B: STOEDGE1213 Ref C: 2022-08-17T03:48:01Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=B7F0ADABA12A4127BAD316ECA7283EF3&MUID=3D7AD905409565FE2ECFCB06411A64C5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ 0
18 B 108ms
52ms XHR
text/plain 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.perx.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryKv5C1m7btyGYS1OS

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 17 Aug 2022 03:48:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.perx.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 74ms
74ms Image
image/gif 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5XH96G2NWV&cv=1&v=3&t=t&pid=1147064480&rv=8f0&es=1&e=gtm.load&eid=11&u=CAAAAAAC&tc=12&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.perx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 03:48:01 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.perx.com/	1970-01-20 14:02:37	Name: csrftoken Value: lt9FZNOf1FKKoes5SJtAFlhe765swXzQlE0Q3uLUq9pivXPFnUu6hqvw4HaL641n
www.perx.com/	1970-01-20 05:38:37	Name: sessionid Value: 59j7n6ofo5vq84yw0nofmhq9mk0ye4tp
.perx.com/	1970-01-20 07:28:04	Name: _gcl_au Value: 1.1.322734865.1660708080
.perx.com/	1970-01-20 14:54:28	Name: _ga_5XH96G2NWV Value: GS1.1.1660708080.1.0.1660708080.0.0.0
.bing.com/	1970-01-20 14:40:04	Name: MUID Value: 3D7AD905409565FE2ECFCB06411A64C5
.perx.com/	1970-01-20 05:19:54	Name: _uetsid Value: 638ec1a01ddf11edb047e9656c3b8921
.perx.com/	1970-01-20 14:40:04	Name: _uetvid Value: 638eb3701ddf11eda39cc5b8d24e9c73
.perx.com/	1970-01-20 14:54:28	Name: _ga Value: GA1.2.1425178449.1660708080
.perx.com/	1970-01-20 05:19:54	Name: _gid Value: GA1.2.733420728.1660708080
.perx.com/	1970-01-20 05:18:28	Name: _dc_gtm_UA-7937017-2 Value: 1
www.clarity.ms/	1970-01-20 14:04:04	Name: CLID Value: 54dbcde66c0c40ee815028967ec51f24.20220817.20230817
.doubleclick.net/	1970-01-20 05:18:28	Name: test_cookie Value: CheckForPermission
.perx.com/	1970-01-20 14:04:04	Name: _clck Value: 1crt4mi\|1\|f43\|0
.perx.com/	1970-01-20 07:28:04	Name: _fbp Value: fb.1.1660708080693.957530837
.c.bing.com/	1970-01-20 14:40:04	Name: SRM_B Value: 3D7AD905409565FE2ECFCB06411A64C5
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 14:40:04	Name: MUID Value: 3D7AD905409565FE2ECFCB06411A64C5
.c.clarity.ms/	1970-01-20 05:18:28	Name: ANONCHK Value: 0
.perx.com/	1970-01-20 05:19:54	Name: _clsk Value: 16io713\|1660708081290\|1\|1\|f.clarity.ms/collect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
connect.facebook.net
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
list.perx.com
media.pixelager.com
region1.google-analytics.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.se
www.googleadservices.com
www.googletagmanager.com
www.perx.com
104.17.24.14
104.212.67.157
142.250.184.194
142.250.184.227
142.250.185.130
142.250.186.138
142.250.74.200
157.240.236.1
157.240.236.35
172.217.16.206
172.217.23.100
20.234.93.27
20.84.22.197
204.79.197.200
216.239.32.36
216.58.212.131
64.28.100.202
64.28.100.219
64.28.100.236
74.125.133.157
01abf071c8047ec759e57919080671c4d66b75200d1d3fbe535adaae07c62003
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
26a84e206a7f6d446233d9b2b6b497b32980183bea20c0221a341e84ee4b9928
289d9745ce21ca108897724517ee94f62efd51335b1ff5c58fba758835f8a56e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3de0f6023e1fec51a98b0a40c6cbf4d846dbbb6e5d569240b5a83d880f8a4f6c
4e51a3aebe91f5cf2c0ea993b43b7649e307c14142f61a70ebe5702990c371e4
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
653aa46099068883de10713531b7723346a427b7ac3449fa580273625e89afb0
6a97cc44f9bb3c78dd1b8e6d92ae52595e42fe9f610d34f5816405f0fa06ffb4
6f75cdeca6238858326ecaded2dab99696c44f9e2fbe0bd53e18e5ce76575fdc
75dc7dcbaa2e564b66e850a12d08133d3cbfcff2dc37a6c13c2ab5bd1d9215b0
7a3f3c9897cd298106ffe6eb8e813cd15de1b7f8970c8b02de9b779f32abe1bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
95658bca8d15b3fa74fc6432aaf58c5358cc1ff1bcb1a875dfac55b8cd466531
957bfb82e1d86ca833385128370487149bd002c2e76e9532d5e1516754382d22
9973a2b14b24d15dac0e168f65fcd22ead896df9f0a0f97c34f7ae01a0b4a769
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0d4a1fcbaffa380535018f07aacd4772ef84477997fbca087d0c6a526ce21f4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9518902c6779eb22ca31d49a6e4dfbf8f6ae6c67ae172c4ede439851acd5e09
a9a4122822c7d615e1b89882ae2bced86a3cc17f4348626e842836c7b00bc221
afe791589778d33365d6ffaa6051ad87484925910d7f001ab9b430e1b8fdd4da
bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa
c59e03a3768ec270e500243b2771d24f980a950cc732449f95298cdaf6d99735
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d9c50b9888ac0abc4d4841b400045adb4e9082225a070d5f5289a23bd6700d62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f868895a732bcb81c619b195b33d358176aa1c5e9a41a7b8aea892eac30fb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d
fb3b31329e73afd4ae9e25f76a2421f0d85b9be627179272d4a3c4e64289607f
fe8aaba0b00dbb34f260c931d6bb1c417e2278de6d2b98dfd30047e7adb580a0
ff403d9174538ecdba4c5b14d95d4506928b2f20e0597567dd492906279878a8
ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf
ffdb54a79d31df0e6c653a39cde68fe9d2f5d419f8010e2249e100a97493c964

www.perx.com Open in urlscan Pro 64.28.100.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

0 %IPv6

15 Domains

21 Subdomains

20 IPs

4 Countries

754 kBTransfer

1929 kBSize

19 Cookies

8 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.perx.com Open in urlscan Pro
64.28.100.202 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

20
IPs

4
Countries

754 kB
Transfer

1929 kB
Size

19
Cookies

52 HTTP transactions
0 data transactions