urlscan.io logo urlscan.io
SecurityTrails logo

travelconnecxions.com Open in urlscan Pro
92.205.11.133  Public Scan

Go To Rescan Add Verdict Report
URL: https://travelconnecxions.com/
Submission: On June 29 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 30 HTTP transactions. The main IP is 92.205.11.133, located in Strasbourg, France and belongs to GODADDY-SXB, DE. The main domain is travelconnecxions.com.
TLS certificate: Issued by travelconnecxions.kargur.com on June 25th 2023. Valid for: a year.
This is the only time travelconnecxions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    92.205.11.133 (Strasbourg, France)

ASN21499 (GODADDY-SXB, DE)
PTR: 133.11.205.92.host.secureserver.net
travelconnecxions.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    23.53.42.160 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-160.deploy.static.akamaitechnologies.com
img1.wsimg.com
img6.wsimg.com
3    2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a02:26f0:3500:18::1724:a292 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
3    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
204 KB
6 travelconnecxions.com
travelconnecxions.com
862 KB
4 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2060
ka-f.fontawesome.com — Cisco Umbrella Rank: 4529
108 KB
2 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 13682
572 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 113
www.google.com — Cisco Umbrella Rank: 10
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
5 KB
2 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 9721
img6.wsimg.com — Cisco Umbrella Rank: 11920
12 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
ajax.googleapis.com — Cisco Umbrella Rank: 433
31 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1129
611 B
1 gstatic.com
fonts.gstatic.com
8 KB
30 10
Domain Requested by
6 pagead2.googlesyndication.com travelconnecxions.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 travelconnecxions.com travelconnecxions.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 ka-f.fontawesome.com kit.fontawesome.com
travelconnecxions.com
2 events.api.secureserver.net img1.wsimg.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 img6.wsimg.com travelconnecxions.com
1 img1.wsimg.com 1 redirects
1 ajax.googleapis.com travelconnecxions.com
1 kit.fontawesome.com travelconnecxions.com
1 fonts.googleapis.com travelconnecxions.com
30 15

This site contains no links.

Subject Issuer Validity Valid
travelconnecxions.kargur.com
travelconnecxions.kargur.com		 2023-06-25 -
2024-06-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-12 -
2023-08-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2022-08-05 -
2023-09-06		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://travelconnecxions.com/
Frame ID: FB6875A24DD42779559AE875FF1652C5
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230626/r20190131/zrt_lookup.html
Frame ID: 9C1950539CE210BF41D1D66F3EBE6BDB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2730245035427212&output=html&adk=1812271804&adf=3025194257&lmt=1688040391&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftravelconnecxions.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688040390812&bpp=15&bdt=552&idt=504&shv=r20230626&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8460424442835&frm=20&pv=2&ga_vid=840281816.1688040391&ga_sid=1688040391&ga_hid=1880623982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44772268%2C44788442%2C44789815&oid=2&pvsid=2817513703789600&tmod=776173577&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=589
Frame ID: C6405379084ABEC35F211FE6705023A2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 455F79B652774F5B64A5200C2967EA19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 160B272F4BD7377ABC6FD1FD0C45D8A8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Travel Connecxions Member Area

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

77 %
HTTPS

86 %
IPv6

10
Domains

15
Subdomains

14
IPs

3
Countries

1233 kB
Transfer

1759 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
travelconnecxions.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travelconnecxions.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.205.11.133 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
133.11.205.92.host.secureserver.net
Software
Apache / PHP/7.4.33
Resource Hash
fcacbb4bc926af1837e8e092f80804316da1c11e4033ce0a343f91e1740739b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
828
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 12:06:29 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
style.css
travelconnecxions.com/css/ 		3 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelconnecxions.com/css/style.css
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.205.11.133 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
133.11.205.92.host.secureserver.net
Software
Apache /
Resource Hash
b712568982371f6d43234cc7aacbbb50cedb74ff7ca5936baef3f997b54367f6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:30 GMT
content-encoding
br
last-modified
Sat, 14 Mar 2020 04:03:58 GMT
server
Apache
etag
"3e805cc-b9f-5a0c8ace2c780-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
879
css
fonts.googleapis.com/ 		1 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:600&display=swap
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e7a86a9621a308806cc57f007b64b986abe9855118fd651766c2ca66d35e2e2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Jun 2023 12:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:38:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Jun 2023 12:06:30 GMT
a81368914c.js
kit.fontawesome.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/a81368914c.js
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2def9dae6b949d0bfada16cd902f63db7fa9d5741cccdcde4da47b392197bef3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:30 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7dee0b37af85021e-CDG
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F2gRZEMKBM88xqgAAYHC
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 14:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jun 2024 14:38:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc5dac39ffdc3dbed1b27d2c4a35b636cef407d9424a88d34fefa5380369bc26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48851
x-xss-protection
0
server
cafe
etag
8708714966623792056
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 12:06:30 GMT
wave.png
travelconnecxions.com/img/ 		850 KB
851 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelconnecxions.com/img/wave.png
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.205.11.133 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
133.11.205.92.host.secureserver.net
Software
Apache /
Resource Hash
890e0461ee020e4d3bc2ccb8da7784a7fd98af19d37042cb0097977dca3877b3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:30 GMT
last-modified
Sat, 14 Mar 2020 04:04:00 GMT
server
Apache
accept-ranges
bytes
etag
"3e41059-d4929-5a0c8ad014c00"
content-length
870697
content-type
image/png
bg.svg
travelconnecxions.com/img/ 		25 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelconnecxions.com/img/bg.svg
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.205.11.133 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
133.11.205.92.host.secureserver.net
Software
Apache /
Resource Hash
cef48de218329b74232c0c4b65683cf574c6125f0b18d968b3f8c40195078b82

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:30 GMT
content-encoding
br
last-modified
Sat, 14 Mar 2020 04:03:58 GMT
server
Apache
etag
"3e41058-636b-5a0c8ace2c780-br"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
8234
avatar.svg
travelconnecxions.com/img/ 		2 KB
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelconnecxions.com/img/avatar.svg
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.205.11.133 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
133.11.205.92.host.secureserver.net
Software
Apache /
Resource Hash
9209ab94089020107af2d74c1dd865d69a81bfe85785946f396491f8eec20efa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:30 GMT
content-encoding
br
last-modified
Sat, 14 Mar 2020 04:03:58 GMT
server
Apache
etag
"3e4105a-873-5a0c8ace2c780-br"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
860
main.js
travelconnecxions.com/js/ 		846 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://travelconnecxions.com/js/main.js
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.205.11.133 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
133.11.205.92.host.secureserver.net
Software
Apache /
Resource Hash
daae58fde730c5b85cfcab390cf93e0da3862a204f0fba29915f27c8b0227ca0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:30 GMT
content-encoding
br
last-modified
Sat, 14 Mar 2020 05:25:42 GMT
server
Apache
etag
"3ee1788-34e-5a0c9d12fe180-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
335
tccl.min.js
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H2
Server
23.53.42.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-encoding
br
date
Thu, 29 Jun 2023 12:06:30 GMT
x-amz-request-id
1K08MGCFGNYAVXZF
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468900_389360284_758310602_45_1140_30_0_-";dur=1
content-length
11347
x-amz-id-2
CZXoeAWpc5+jb36BYR8uyZbNJRBFREbz0Nre0fU34nQWMlUclaRIk+VX09Y65a5zNWYS93IKD+k=
last-modified
Mon, 17 Apr 2023 05:04:44 GMT
etag
"5c3e20ad749ddb088afc84b1b7ff009e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
access-control-allow-origin
*
date
Thu, 29 Jun 2023 12:06:30 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Thu, 29 Jun 2023 12:36:30 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=a81368914c
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a81368914c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:30 GMT
via
1.1 1713affce12abff65dc8b74f1260c722.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYrkM22EgmaSeHxmB6zROlpT3b%2F3xVz%2F2icP3tfRp8WM3OJNOjA5IqMVXK7efMFoxPdICWYIRSC8VJnyznPbjirfgsPgMddmG83HmRy%2B%2BMDX36ovM%2FZcl13trlj453AvJUe1PIdXoWrCHHKJdWhHdLB3JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7dee0b389e403cf8-CDG
access-control-allow-headers
fa-kit-token
x-amz-cf-id
HlQRtg2eCGFasKhrX5EchL7pLjlSB5zi_dtCvhggv-X00r9TxDIhgw==
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://travelconnecxions.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 17:29:29 GMT
x-content-type-options
nosniff
age
412621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 17:29:29 GMT
free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer
https://travelconnecxions.com/
Origin
https://travelconnecxions.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:30 GMT
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13216
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"b8f1c6a3a94d42b082c29f0b1db8ba95"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pvlw3jJeHWEMTa7sroQjjY1kb7D8dZc5AiTEbsW1t6987fddMcxskE4T%2Fvd4Vkc415JlF38akKsiFF60ujbpi0BtcTdfxIQB3UHRKy6UXTdSlTtVAZEB5hJ36VSHPFw94TxUwZX3UawJaa7sEnv86g%2FwiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7dee0b38ee873cf8-CDG
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Th8d5IdOe0fDi0Wd-bcBiRFi62IQg_PjyFe2FlsYwJGcb-gP7Nisvg==
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: travelconnecxions.com
URL: https://travelconnecxions.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
https://travelconnecxions.com/
Origin
https://travelconnecxions.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:30 GMT
via
1.1 16a28c0e67da18fa2960e2e414084d76.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOBC7XhQ7%2FKS7Zg04qnLNB6Sxrv9XHvu8LURgy5M1a4Jce%2BO1JYfMu0TC0H%2B3TAphsQBWtOEh4grcSsbgQn3qSBu9u%2FZnWan8CvYiVPVYK51br2BXukrj86eN8GII0i1DH54WQZ7qjcDK%2FCWvLUUQcu0nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7dee0b393f1599c8-CDG
access-control-allow-headers
fa-kit-token
x-amz-cf-id
79ekn9YDkLg7_7vCLRuOx88ryDPceHB1tT2unWbZZqtprhb2QO4sLw==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/ 		345 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2730245035427212&plah=travelconnecxions.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ad98dd304b0c434293f3cef7e306092e711e1c0e371a3a88b8e9082286e35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121301
x-xss-protection
0
server
cafe
etag
10011808154221059727
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 12:06:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230626/r20190131/ Frame 9C19 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230626/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travelconnecxions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
45242
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 23:32:29 GMT
etag
15057649708203361565
expires
Wed, 12 Jul 2023 23:32:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		409 B
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=travelconnecxions.com&callback=_gfp_s_&client=ca-pub-2730245035427212
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2730245035427212&plah=travelconnecxions.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75e855c0ee95328d9c5d7aeae3b2da2a73ce40092de2b9f44ed356228893a1c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=travelconnecxions.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2730245035427212&plah=travelconnecxions.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C640 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2730245035427212&output=html&adk=1812271804&adf=3025194257&lmt=1688040391&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftravelconnecxions.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688040390812&bpp=15&bdt=552&idt=504&shv=r20230626&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8460424442835&frm=20&pv=2&ga_vid=840281816.1688040391&ga_sid=1688040391&ga_hid=1880623982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44772268%2C44788442%2C44789815&oid=2&pvsid=2817513703789600&tmod=776173577&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=589
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2730245035427212&plah=travelconnecxions.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travelconnecxions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 12:06:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
event
events.api.secureserver.net/t/1/tl/ 		43 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1688040390729&dh=travelconnecxions.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&vci=1481811999&cv=2.0.1&z=653220915&vg=f5af06e4-4678-524d-b972-60f0c7a3cd94&vtg=f5af06e4-4678-524d-b972-60f0c7a3cd94&dp=%2F&ap=cpsh-oh&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22sxb1plzcpnl490645%22%2C%22dcenter%22%3A%22sxb1%22%2C%22cp_id%22%3A%229428610%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=fc6835c0-f1f4-5583-96f8-4b344cc63dc6&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:18::1724:a292 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Thu, 29 Jun 2023 12:06:31 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://travelconnecxions.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230626&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2730245035427212&plah=travelconnecxions.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
506662da654e1c4dcecad143e8271aa63ff1eb2578edc36cf625cfdca782954e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11111
x-xss-protection
0
event
events.api.secureserver.net/t/1/tl/ 		43 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1688040391680&dh=travelconnecxions.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&vci=1481811999&cv=2.0.1&z=1374568900&vg=f5af06e4-4678-524d-b972-60f0c7a3cd94&vtg=f5af06e4-4678-524d-b972-60f0c7a3cd94&dp=%2F&ap=cpsh-oh&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22sxb1plzcpnl490645%22%2C%22dcenter%22%3A%22sxb1%22%2C%22cp_id%22%3A%229428610%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&hit_id=22653bab-9b02-5cd1-89d3-1dfabe8d9591&ht=perf&tce=1688040389659&tcs=1688040389585&tdc=1688040391649&tdclee=1688040390880&tdcles=1688040390880&tdi=1688040390880&tdl=1688040390260&tdle=1688040389585&tdls=1688040389557&tfs=1688040389555&tns=1688040389555&trqs=1688040389663&tre=1688040390259&trps=1688040390257&tles=1688040391649&tlee=0&nt=navigate&lcp=1265&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:18::1724:a292 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Thu, 29 Jun 2023 12:06:31 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://travelconnecxions.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2730245035427212&plah=travelconnecxions.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 12:06:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 455F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travelconnecxions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
68470
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 17:05:22 GMT
expires
Thu, 27 Jun 2024 17:05:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 160B 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a0ffd710a3d61c79458af60b0b9b8bb9fa96bc09de2f65b7e86d061b6c7cfda
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NaoZsBsmbLZh4MK71kXhGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelconnecxions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-NaoZsBsmbLZh4MK71kXhGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 12:06:32 GMT
expires
Thu, 29 Jun 2023 12:06:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js
pagead2.googlesyndication.com/bg/ Frame 455F 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 10:15:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
93084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14804
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jun 2024 10:15:08 GMT
generate_204
tpc.googlesyndication.com/ Frame 455F 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XRHHIg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 12:06:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 160B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230626&jk=2817513703789600&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230626&jk=2817513703789600&bg=!dnWldSHNAAYQ3eRoMN07ADkAdvg8WkeouXsdkHZN72Xh1d0cxdQkDxwRh3wrT_9_uXrgB6ipZrLbMZiShH59ffLkI1PcCx7gzLQCAAAC8VIAAAAEaAEHCgBvJmwIapLJjVNGxLiNCw9HHM8dUzaHJ2ZM9AiKSdnRxEX-YPjbYQTQ1Cqksyp62hU_IhLYkKWSUAi36zRjguQFuCG6VnaZJZtIv0IknCGvjbw-ntmTIFNlfty-NJrmwwp6PYw5fE9OwWy4qkz8nS01mQKuqnxOERrWn_A4fvA8373T91Ov4I70GNY2ljDU7-613NMqW46p-ots4IjavFHFWqawbJGgN_A-z__sLHyVpkuji1hev0Ol-Y9mIcUpF2cOl0uS4chG36_pc5xpvMupBx9Uzcir-BT4BVTws-aOLDfmXQp4cXmChaVWNCSxNgFY-r4B3NiRq3idLQirO2tfwaZRlPP8ixjb0gB0B6UN9hzUF9Weo1EAZrfvsY6RqVfgSLZdyy0_VlstvIiq2blobQ-lMgPrkvCGkwbRhq9I68FY_aPCjs7jkMM6Mwam3E7VgEcfNK0OlVnL7BfB9R3agDD0CPoClrU5nVue-I_tmkhffLVdfD6laZGD0JdWSoAa0gXIv4Asn5ZSnZJRhysDK7lQlcy-OkV6Z1J_m6B0sdv64tSknkqwxZo19soXUqMn9GD_2AzrinKJZCGNu5OCGKmA35U9l1blU8QJit-mKD238xizxLR5gphdVdcGISW-WyFngqRAyRB9wm4TKVbWU-U1lAq-zv91b_WKkMWN8KHtUbHOJ5-PwGDHQiH37HyrLYt5ottIo3VJ2lv-sanggvCRXMENEljxfIM9XlTCEuWE3R2WZO4Z4ID1ct_0el0WOlyxlVAJXjOwqiQt9TMdZCYVBdblnrKoDh-B3BBmmmpJMvLj7I0xdgi3OXBKFacou7SLQqfGv4DHvObKAEujrOzoQe69O0gnPQqL6Xfv22aFISbIs2y3hZchS6EyfLn3RIIVcEZeyAFdNzyQ6kMt2kjO68vlLbqvcFe8aCJW9pKuKmtx3u49ZQ7OKrtjeWsbEAUmwTrrGGcqynm_L9tVdZInDp7fPx5nsiWSj7eTI3jv75nhrKT4RnD2YYhNL5xzCw_YCf4UawLAKueFLNtNfB8Q2VeKt7Xwtxm79h-71jY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://travelconnecxions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| onbeforetoggle object| onscrollend object| FontAwesomeKitConfig function| $ function| jQuery function| addcl function| remcl object| _trfd boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| _trfq object| tccl object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages string| yes string| yes2 object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
travelconnecxions.com/ Name: PHPSESSID
Value: f5bae6687e3f89073f5511f4141bf85b
.travelconnecxions.com/ Name: _tccl_visitor
Value: f5af06e4-4678-524d-b972-60f0c7a3cd94
.travelconnecxions.com/ Name: _tccl_visit
Value: f5af06e4-4678-524d-b972-60f0c7a3cd94
.travelconnecxions.com/ Name: __gads
Value: ID=7711291aee4450c7-2231caf336e20094:T=1688040391:RT=1688040391:S=ALNI_MbvpyjPTm8tA52YzRdgFKu1CsxeOw
.travelconnecxions.com/ Name: __gpi
Value: UID=00000c7ac88a3b90:T=1688040391:RT=1688040391:S=ALNI_MbNZwxrU_i9NX1tOf7bHztEeJkyBQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2730245035427212&output=html&adk=1812271804&adf=3025194257&lmt=1688040391&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftravelconnecxions.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688040390812&bpp=15&bdt=552&idt=504&shv=r20230626&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8460424442835&frm=20&pv=2&ga_vid=840281816.1688040391&ga_sid=1688040391&ga_hid=1880623982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44772268%2C44788442%2C44789815&oid=2&pvsid=2817513703789600&tmod=776173577&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=589
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img1.wsimg.com
img6.wsimg.com
ka-f.fontawesome.com
kit.fontawesome.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
travelconnecxions.com
www.google.com
23.53.42.160
2606:4700::6812:1634
2606:4700:e6::ac40:ca1c
2a00:1450:4001:802::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a02:26f0:3500:18::1724:a292
92.205.11.133
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02ad98dd304b0c434293f3cef7e306092e711e1c0e371a3a88b8e9082286e35f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03
2def9dae6b949d0bfada16cd902f63db7fa9d5741cccdcde4da47b392197bef3
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
506662da654e1c4dcecad143e8271aa63ff1eb2578edc36cf625cfdca782954e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a0ffd710a3d61c79458af60b0b9b8bb9fa96bc09de2f65b7e86d061b6c7cfda
75e855c0ee95328d9c5d7aeae3b2da2a73ce40092de2b9f44ed356228893a1c0
890e0461ee020e4d3bc2ccb8da7784a7fd98af19d37042cb0097977dca3877b3
9209ab94089020107af2d74c1dd865d69a81bfe85785946f396491f8eec20efa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b712568982371f6d43234cc7aacbbb50cedb74ff7ca5936baef3f997b54367f6
bc5dac39ffdc3dbed1b27d2c4a35b636cef407d9424a88d34fefa5380369bc26
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
cef48de218329b74232c0c4b65683cf574c6125f0b18d968b3f8c40195078b82
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
daae58fde730c5b85cfcab390cf93e0da3862a204f0fba29915f27c8b0227ca0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a86a9621a308806cc57f007b64b986abe9855118fd651766c2ca66d35e2e2b
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fcacbb4bc926af1837e8e092f80804316da1c11e4033ce0a343f91e1740739b5