www.fleetforwardthetour.com Open in urlscan Pro
2606:4700:3033::ac43:bddf Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.mail.worktruckonline.com/c2/1695:63becf5cee0c6cddbf026a75:ot:636c2709369118030b0e1a7d:1/68bebbb0?jwtH=eyJ0eXAiOiJKV1QiLCJ...
Effective URL:
https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Submission: On January 12 via api (January 12th 2023, 6:19:16 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 15 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3033::ac43:bddf, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fleetforwardthetour.com.
TLS certificate: Issued by E1 on December 21st 2022. Valid for: 3 months.

This is the only time www.fleetforwardthetour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:4a7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2606:4700:20:... 2606:4700:20::681a:fcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
10	2606:4700:303... 2606:4700:3033::ac43:bddf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	65.9.66.27 65.9.66.27	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:11a... 2a02:26f0:11a::217:9a58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.204.49.189 18.204.49.189	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:487f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2004	15169 (GOOGLE) (GOOGLE)
61	23

1 2606:4700::6812:4a7f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

e.mail.worktruckonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:fcf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.bobitstudios.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eventsimages.bobitstudios.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3033::ac43:bddf (United States)

ASN13335 (CLOUDFLARENET, US)

www.fleetforwardthetour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.9.66.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-27.fra56.r.cloudfront.net

bccdp.fleetforwardthetour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:11a::217:9a58 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.204.49.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-49-189.compute-1.amazonaws.com

bobit.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:487f (United States)

ASN13335 (CLOUDFLARENET, US)

d.mail.fleetforwardthetour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

1e1e11b347a8b9c5e584eb24f0a7c1f0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	fleetforwardthetour.com www.fleetforwardthetour.com bccdp.fleetforwardthetour.com d.mail.fleetforwardthetour.com	294 KB
7	googlesyndication.com 1e1e11b347a8b9c5e584eb24f0a7c1f0.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	42 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 440 p.typekit.net — Cisco Umbrella Rank: 587	81 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1470 ka-p.fontawesome.com — Cisco Umbrella Rank: 3443	86 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 197 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	133 KB
5	bobitstudios.com 1 redirects click.bobitstudios.com — Cisco Umbrella Rank: 342856 eventsimages.bobitstudios.com	65 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	204 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4430 adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5880 adservice.google.de — Cisco Umbrella Rank: 8253	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	blueconic.net bobit.blueconic.net — Cisco Umbrella Rank: 308007	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 200	6 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	27 KB
1	worktruckonline.com 1 redirects e.mail.worktruckonline.com — Cisco Umbrella Rank: 341219	2 KB
61	15

	Domain	Requested by
10	www.fleetforwardthetour.com	www.fleetforwardthetour.com
8	bccdp.fleetforwardthetour.com	www.fleetforwardthetour.com bccdp.fleetforwardthetour.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	use.typekit.net	www.fleetforwardthetour.com use.typekit.net
4	ka-p.fontawesome.com	kit.fontawesome.com www.fleetforwardthetour.com
4	eventsimages.bobitstudios.com	www.fleetforwardthetour.com
4	www.googletagmanager.com	www.fleetforwardthetour.com www.googletagmanager.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	d.mail.fleetforwardthetour.com	www.fleetforwardthetour.com d.mail.fleetforwardthetour.com
2	bobit.blueconic.net	bccdp.fleetforwardthetour.com
1	www.google.com	tpc.googlesyndication.com
1	1e1e11b347a8b9c5e584eb24f0a7c1f0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	www.fleetforwardthetour.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	www.fleetforwardthetour.com
1	cdnjs.cloudflare.com	www.fleetforwardthetour.com
1	www.googletagservices.com	www.fleetforwardthetour.com
1	kit.fontawesome.com	www.fleetforwardthetour.com
1	googleads.g.doubleclick.net	1 redirects
1	click.bobitstudios.com	1 redirects
1	e.mail.worktruckonline.com	1 redirects
61	27

This site contains links to these domains. Also see Links.

Domain
www.fleetforward.com
cvent.me
www.bobitbusinessmedia.com

Subject Issuer	Validity	Valid
*.fleetforwardthetour.com E1	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
bccdp.deliverycon.com Amazon RSA 2048 M02	`2022-12-15` - `2024-01-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
d.mail.fleetforwardthetour.com Cloudflare Inc ECC CA-3	`2022-09-16` - `2023-09-15`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Frame ID: B083480517182BD756403F19327C440C
Requests: 55 HTTP requests in this frame

Frame: https://d.mail.fleetforwardthetour.com/connect.html?connectUrl=https%3A%2F%2Fd.mail.fleetforwardthetour.com&cookieDomain=mail.fleetforwardthetour.com&cookieLife=365&sameSiteDisable=false&trackKey=fleet_forward_the_tour
Frame ID: 7EFE95CCAA7F4BF0F3A562BA14A4D941
Requests: 1 HTTP requests in this frame

Frame: https://1e1e11b347a8b9c5e584eb24f0a7c1f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D6D24310F00722BE75F74588756857C2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0EB1E2699B1DBFED25094272F68DD258
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ACFF07175FF44B305D75C9A9BA6285F5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phoenix Tour Stop Registration | Where Leaders In Fleet Mobility Connect

Page URL History Show full URLs

https://e.mail.worktruckonline.com/c2/1695:63becf5cee0c6cddbf026a75:ot:636c2709369118030b0e1a7d:1/68bebbb0?jwtH... HTTP 302
https://click.bobitstudios.com/dfpjump?iu=/86855500/inline01&sz=468x60|468x120&t=enewsletter=wt_weeklythurs... HTTP 302
https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsusZwETSU4sp3Ylj5YgU1a9xLEeCgsdYKFdSKo8qO75rNt-AbDaGeXOer... HTTP 302
https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

61
Requests

100 %
HTTPS

92 %
IPv6

15
Domains

27
Subdomains

23
IPs

5
Countries

962 kB
Transfer

2811 kB
Size

24
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fleetforward.com/

Search URL Search Domain Scan URL

URL: https://cvent.me/0R7PBq?RefId=att
Title: Register

Search URL Search Domain Scan URL

URL: https://cvent.me/QD19v1?RefId=att
Title: Register

Search URL Search Domain Scan URL

URL: https://cvent.me/2wdkrE?RefId=att
Title: Register Now!

Search URL Search Domain Scan URL

URL: https://www.bobitbusinessmedia.com/bobit-business-media-terms-of-use/
Title: Terms Of Use

Search URL Search Domain Scan URL

URL: https://www.bobitbusinessmedia.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.mail.worktruckonline.com/c2/1695:63becf5cee0c6cddbf026a75:ot:636c2709369118030b0e1a7d:1/68bebbb0?jwtH=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9&jwtP=eyJpYXQiOjE2NzM1NDY0NTcsImNkIjoiLm1haWwud29ya3RydWNrb25saW5lLmNvbSIsImNlIjo4NjQwMCwidGsiOiJ3b3JrLXRydWNrIiwibXRsSUQiOiI2M2JlY2Y5M2FjYmMwM2Q2YTYwMGJjNWYiLCJsaW5rVXJsIjoiaHR0cHM6XC9cL2NsaWNrLmJvYml0c3R1ZGlvcy5jb21cL2RmcGp1bXA_aXU9XC84Njg1NTUwMFwvaW5saW5lMDEmc3o9NDY4eDYwfDQ2OHgxMjAmdD1lbmV3c2xldHRlcj13dF93ZWVrbHl0aHVyc2RheSZjPVtUSU1FU1RBTVBdJnV0bV9zb3VyY2U9bmV3c2xldHRlciZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj0yMDIzMDExMl8xNjk1OjYzYmVjZjVjZWUwYzZjZGRiZjAyNmE3NTpvdF9OTC1XVC1UaHVyc2RheS0yMDIzMDExMiZvbWlkPTExMDIzNzQ3NzAmY2lkPTYzNmMyNzA5MzY5MTE4MDMwYjBlMWE3ZCJ9&jwtS=0B0rpILNHwr7piy5KxbOLNJrUYuKBWVEYawy8Uh4XPc HTTP 302
https://click.bobitstudios.com/dfpjump?iu=/86855500/inline01&sz=468x60|468x120&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d HTTP 302
https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsusZwETSU4sp3Ylj5YgU1a9xLEeCgsdYKFdSKo8qO75rNt-AbDaGeXOerDlgulhuCUj4l17KAVcId2R-82D6OMX9gNuTPL98uTtysxjfycG4ybPLYqioyWdpxqueGqUjQPacK9VGnpLbCcmHmrGNrEJghx72c2DPzNy5riGMpVLZUIWAOpLpQ-WPIPavhI71ZOlXt9eNNToVNLS6ybuHPunCPNSA3EwXbnSxwKAj3vCSm1h6TjjN5SffYc1wxgGZ7P_L66NbKb3tjCe_NvHZIgm-Qc3IA&sai=AMfl-YTuA7uvjqF9wNW4_7L49G9-Dka2M3ktza5B1VyC86XqNRA8AIKan-IZgu_36--m0vb7-4VvzjaPGpEO7Zm3aA&sig=Cg0ArKJSzAOdjbu6hDSl&fbs_aeid=[gw_fbsaeid]&adurl=https://www.fleetforwardthetour.com/register/stop-1%3Futm_medium%3Dbanner%26utm_source%3DWTenl HTTP 302
https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request stop-1 Show response
www.fleetforwardthetour.com/register/
Redirect Chain

https://e.mail.worktruckonline.com/c2/1695:63becf5cee0c6cddbf026a75:ot:636c2709369118030b0e1a7d:1/68bebbb0?jwtH=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9&jwtP=eyJpYXQiOjE2NzM1NDY0NTcsImNkIjoiLm1haWw...
https://click.bobitstudios.com/dfpjump?iu=/86855500/inline01&sz=468x60|468x120&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf...
https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsusZwETSU4sp3Ylj5YgU1a9xLEeCgsdYKFdSKo8qO75rNt-AbDaGeXOerDlgulhuCUj4l17KAVcId2R-82D6OMX9gNuTPL98uTtysxjfycG4ybPLYqioyWdpxqueGqUjQPacK9VGnpLbCc...
https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl

34 KB
9 KB

438ms
335ms

Document
text/html

2606:4700:3033::ac43:bddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6a1b67080492bc4ad4fad077be835542b651c01616cb11d68f3cb052eaa44d42

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7887e6154c04917c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 12 Jan 2023 18:19:09 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZEaBMyQgnTkA96mAEj2fz85sGF9zOjgrcBd8LZfybrKB3vBGl57KfUE7CKaNxK%2BAonvB5kYJBMF9JM2n9sD5axE60Vkhj4jqNxVUzJaP2Za1VUTLUQ1HuJ0dD8rIlUhxd7cYBP5L1lh3GLYZ6MU0G5ZVK1Lyt4jHFM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

Redirect headers

accept-ch: Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version Sec-CH-UA-Full-Version-List Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 18:19:08 GMT
location: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 786a666894.js Show response
kit.fontawesome.com/ 11 KB
4 KB 160ms
68ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/786a666894.js

Requested by

Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf727286baa5304c9b3eef7a84496f16b469b84df3febacae636c833925e942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:09 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7887e61878b968ef-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fyl9CsL9c7u3sbNwHQoB

GET
H2 200 source-sans-pro.css
www.fleetforwardthetour.com/content/css/ 7 KB
861 B 167ms
166ms Stylesheet
text/css 2606:4700:3033::ac43:bddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleetforwardthetour.com/content/css/source-sans-pro.css
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4cba099e44393284e6e12d54e8a16584c3f20e8119f821dfcd804d52dab8eb17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0b4dd311e25d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xM1JU9A67pr2CbcKKSahJAuqpNa1fJKwUoA0GLLxC0gKkpWYJ%2F6gL6pB%2BQwT11wWgqCHsFMlGIV4vbdXmd1dElQ7MQ9DJ1O7pfrRbzPIkcVxOBhvts%2Feqq7bRpXKCCSCrGR0XKsKQEFHUeoqvCZne1t7F7zQyeDpif0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7887e617ea4a917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lity.css
www.fleetforwardthetour.com/Content/CSS/ 5 KB
1 KB 467ms
466ms Stylesheet
text/css 2606:4700:3033::ac43:bddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleetforwardthetour.com/Content/CSS/lity.css
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6cba92b3b4fcf7622f984225046cdb076bef228488b633d5b2a03ddece0eb201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0b4dd311e25d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9rDO9z0rayfNzLCAn8BO8GUFw7iCp1pt%2Ft986czy6WFAr2YzzrBctwrBcZ%2BWpWvPdluWplon5xE%2F632w8VbH470XR%2FWpetgBHTa8PvyXGXMNbAKw%2FBFJp%2FKyZ8RU%2FWvS%2FtqrJJ%2BqOdI4Ai2QgkN5JRu%2FFWXogrvRFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7887e617ea50917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
www.fleetforwardthetour.com/ 22 KB
5 KB 265ms
264ms Stylesheet
text/css 2606:4700:3033::ac43:bddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleetforwardthetour.com/css?v=ldGY5dIrv2vnY8op_eBvFNTbGjN5OZu3wA2dsJtSO0A1
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5a9ca1505a532038691ce3eeb02e13812e7ddec4650122482ed9bab8aae1b1d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 12 Jan 2023 18:19:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ru9gJWKAiYJWbqz7RmzQXMlfmF2Ozs1ECUNMthmh1pPdTuf6AykmqHRO45AJu5sKsyE5PQ4d5XTCCM9o7CMkp%2Fa6YQWZLQTo4Md9dzsZnbtZvUsj2FVguupka4GQ%2FthwpDRRwtbxAi%2FC6xCk5m1oHkfbgrfkxHiI38%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public
cf-ray: 7887e617ea53917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 12 Jan 2024 18:19:09 GMT

GET
H2 200 style.css
www.fleetforwardthetour.com/content/css/sites/fftt/ 182 KB
27 KB 205ms
205ms Stylesheet
text/css 2606:4700:3033::ac43:bddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleetforwardthetour.com/content/css/sites/fftt/style.css?v=2023011210
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b85edc76449e83ad292fe8a9623c711b0e77a7ae3afba2f07b8f74dcab425c38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0b4dd311e25d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45tpWPZwsMONOMkbVyq5obEl8QXhDfcSzfcM7gzOUlk8zoJzf%2BwJwDnWZvSVK3zwrjnDBGGu9JN9zAMPcIiQRdq8L3ACSwSV2q68Gkg9%2BEydHHpJ9eBQi3P1BL8x33zg9jcSZObuzYBxwjAmnt2grfn5p17PPAmBobI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7887e617ea55917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 229ms
84ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a5d81252411137b0b202bb5acb0f3bdfaaecc897bddf84287da38cca1fb047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27544
x-xss-protection: 0
server: sffe
etag: "1449 / 824 of 1000 / last-modified: 1673525422"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 12 Jan 2023 18:19:10 GMT

GET
H2 200 js Show response
www.fleetforwardthetour.com/ 146 KB
48 KB 262ms
261ms Script
text/javascript 2606:4700:3033::ac43:bddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleetforwardthetour.com/js?v=kII0mx5xD5nYt2R0-bl1cdngPoRzaTBmCqs3aGIRMCY1
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e7b638543eda8dc1451acd226842ba0f928f9ced0a57e15e6184e2a3deba6e54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 12 Jan 2023 18:19:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mytQURBBine8j9CwyMibS5W65eLMPSQ8Af65wMTKUHDoSOtu2z76teNBrMId3ACLUHN88dmwLw1rDNjHNGGr4tPk8c7Bo4CBLKFZ0KbPn67G750MFNLNwVx8hvFC%2B9kuwzFa1xaO%2FjnuF834WbyxCteDKMJBDvG6%2Fo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 7887e6180a8e917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 12 Jan 2024 18:19:09 GMT

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
6 KB 126ms
47ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5117
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FexPm42j4eeTT4iHTnnfAEhmT6sE%2B7YRMM0PXhv3cujLTKZQ%2B7UvPuc8XZ0GAvHNLmVcTbB9Mz5IO4SgSVwNqCvZ7ewkxkQWOrEniLMB8UL8AA9pK43sfeD31TzTj1xvv59ikHgatP0cu5kqVM9IKS1%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7887e6187ab38ffe-FRA
expires: Tue, 02 Jan 2024 18:19:09 GMT

GET
H2 200 registration-table.css
www.fleetforwardthetour.com/content/css/ 6 KB
1 KB 159ms
158ms Stylesheet
text/css 2606:4700:3033::ac43:bddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleetforwardthetour.com/content/css/registration-table.css?v=2023011210
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a7e36d1716a06471094f086a13507322aa49b2e3b4ddc2b6760ba7f8e7c63e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0b4dd311e25d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QDfcl7LnT3tBxe3ud4ysjR191UP4lMo9K7sxOmvCvdrCAIWnib0tp8Qcf%2B1DAxD1QvsBJPhNGhdJeZxLglM7afANx831vwKXMVCBQDjSXKf8Ikf9C1vhvU1URyw2FEuMGl8kh2QYoVyCBFZqLrU96SjPN5d43%2FCq2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7887e6180a93917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 script.js Show response
bccdp.fleetforwardthetour.com/ 141 KB
43 KB 147ms
44ms Script
text/javascript 65.9.66.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bccdp.fleetforwardthetour.com/script.js

Requested by

Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-27.fra56.r.cloudfront.net

Software

- /

Resource Hash

abcb0446381dd18567e85ebe484a302708df071544a8d59fccbc46af0fab0470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
age: 420
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 43133
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Jan 2023 18:12:07 GMT
server: -
etag: b46286ac40b3790b7011f0c23ca4cb0d
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: w8qc0LReqm3M7k8gZIJps4gchXvQa69XbuvDwvfxl42cN0DF7qr5bw==
expires: Thu, 12 Jan 2023 18:22:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 173ms
89ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-823248-63

Requested by

Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

996e799930d5a4379f8c65c97ea5fd000b168b2990ba786c68fb6e876c887f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45224
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 12 Jan 2023 18:19:10 GMT

GET
H2 200 volvo_spread_word_mark__black300px.png
eventsimages.bobitstudios.com/upload/logos/ffc/sponsor-logos/2021/ 7 KB
7 KB 204ms
187ms Image
image/png 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eventsimages.bobitstudios.com/upload/logos/ffc/sponsor-logos/2021/volvo_spread_word_mark__black300px.png
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c8274efeb69f701eaafbb95250927d02432190657ec4bafc4fda26e648be57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
content-encoding
x-amz-version-id: KTXhL_B.PHfrFfCZC1bZuZx5ryOW.5f0
cf-cache-status: HIT
x-amz-meta-expires: Tue, 24 Jun 2031 13:53:46 GMT
x-amz-request-id: QBG4Y84PT7HJFBNQ
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6942
x-amz-id-2: ByLSkvsemEyZQwB252ktr/A3u6VjkCXQXDNJtD2mjfGzw5LgwTNEmee3z81lR8wk//MbOw+TBq0=
last-modified: Thu, 24 Jun 2021 20:53:47 GMT
server: cloudflare
etag: "9f76a468ba75b067b800789afc6e0389"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZeFpZCwO5uhxvmP4m8T1gLW3d7P%2F7hDfkX9fGzzngl%2F4pN5wgW6x%2Fa2OIGepMMMBhtmjKIC8MErbFEIgc1Emu8WlS38roStDV2ob0pgWxqirDZEc0eqeuf3d3Kz2tul07b2W2nWZRcGb9VopnWa0orGOdCt59pPBEo4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7887e61d2fff5c4a-FRA

GET
H3 200 email-decode.min.js Show response
www.fleetforwardthetour.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 43ms
43ms Script
application/javascript 2606:4700:3033::ac43:bddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fleetforwardthetour.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:bddf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 10:27:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63bd3d79-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAeLDZowPtjU1NW%2Bd6kpHgrNFTLA26J%2F1blg3A8DYzC00CBzz6OJicxY2X5gi0hc3boP1rwvj%2FIys%2BPTvtcoDdN6hb7N17ns%2Bh%2BpS1jgwMahzc7Lxx7X0u5pQvub2B8DpYxpmfNbNOnN3GPUE3H9wdJ4l7q073WOOKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7887e61b7fd09b4f-FRA
expires: Sat, 14 Jan 2023 18:19:09 GMT

GET
H3 200 scrollToHash.js Show response
www.fleetforwardthetour.com/Content/JS/ 935 B
963 B 48ms
47ms Script
application/javascript 2606:4700:3033::ac43:bddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleetforwardthetour.com/Content/JS/scrollToHash.js
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c8640d32905b2e54a3b396baaeaed888adaef9cefe6c4295c7285a3ec0639f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1089
etag: W/"0b4dd311e25d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upOtRK4l%2BRKYL58NcN7eyHEDNDnCSctPZuWpDocAJO7KLqxSSg9%2FGet3S1Scuy7qoDr%2FP9G7KTveqGqvIFEKtqN5Ler5CbCctzPL2N8vEc7j1qacga8NJU3AXgEs5JCblWgUz%2BpFQ6N8sFumisHm8sZbJOdKOjCxokU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7887e61cba7c9b4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ffc12-21-17708-thetour-logowht.png
eventsimages.bobitstudios.com/upload/logos/ffrs/show-logos/ 15 KB
16 KB 232ms
215ms Image
image/webp 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eventsimages.bobitstudios.com/upload/logos/ffrs/show-logos/ffc12-21-17708-thetour-logowht.png
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a172791f43fddfb2f65343877ae02d667742cde6b7975b7ede31caad68793cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
x-amz-version-id: I05crYS6U.uh_atETIwMJCzubk4NI.Hv
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-expires: Sun, 07 Mar 2032 13:21:03 GMT
x-amz-request-id: Y5709JYCTGFFSVE6
cf-polished: origFmt=png, origSize=38776
content-disposition: inline; filename="ffc12-21-17708-thetour-logowht.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15610
x-amz-id-2: IxODXPupUEwIf7/N884mNbH/bvg6I1FHdpQwby9YkGXYUDOthFIZELv90A56Nts/FvWHNwUgMck=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 07 Mar 2022 21:21:04 GMT
server: cloudflare
etag: "32eb897358e71ae613a69e01dc1d7820"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uwnjTVakwCAZWK6X%2FjLFwJ60ZQ1CCQheuvrYXvYRuYldpVGOusEF2G38fz1KyhaQ6pvGDnGZreUXvU4MNx1k0XE1JgYzulh%2Fe46pzJdHwJdGtwzfVnBITLnT354wEhrIouzGmUlb318NU6VfExvEhqF%2BomOsAiD1KvB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7887e61d28175c4a-FRA

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 315 KB
53 KB 231ms
135ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=786a666894
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/786a666894.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:09 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: "610ae215-d3b2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7887e619b9328ff8-FRA
content-length: 54194

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 209ms
113ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=786a666894
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/786a666894.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:09 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: "610ae215-1062"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7887e619b9348ff8-FRA
content-length: 4194

GET
H3 200 print.css
www.fleetforwardthetour.com/content/css/ 6 KB
2 KB 157ms
156ms Stylesheet
text/css 2606:4700:3033::ac43:bddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fleetforwardthetour.com/content/css/print.css?v=2023011210
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 20182789ba5a18f1ae0ced91aeebae0bfc64de9890b777fcf0be494c46cde9c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0b4dd311e25d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0rzMwToAVQVvDfaDDIN5p3lrzjWCF6hcu1X5nK3YMhMQ6sm7AZHPc2Qgliv6hcIsVPAvFIr5lANXuX6m479aDh2OELVoyL%2Bjpb1S3Ww1Uy%2B4CvtZMpBf56dCSHQSmP6r3CKhbzCQ9XygDMSljZx7h5M1x543z61PGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7887e61d1b299b4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 196ms
73ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i

Requested by

Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/content/css/sites/fftt/style.css?v=2023011210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

56392a97bf35956d4a099fbf3c764a01ee1f2cf2e070a0d8aacf458dbecca0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Jan 2023 18:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 18:13:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Jan 2023 18:19:09 GMT

GET
H2 200 tqw5euv.css
use.typekit.net/ 3 KB
957 B 350ms
188ms Stylesheet
text/css 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tqw5euv.css

Requested by

Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/content/css/sites/fftt/style.css?v=2023011210

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

08424b7deb94b02ed9ab160711a150e0217aaa8cf5963dd6dfc7f8f29127a717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 12 Jan 2023 18:19:09 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 725

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 205ms
45ms Stylesheet
text/css 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tqw5euv&ht=tk&f=26053.26054.26056.26062&a=83411387&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tqw5euv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
last-modified: Sun, 01 May 2022 15:58:42 GMT
server: nginx
etag: "626eae32-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 cs Show response
bobit.blueconic.net/DG/DEFAULT/ 16 B
703 B 371ms
120ms Script
text/javascript 18.204.49.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bobit.blueconic.net/DG/DEFAULT/cs?&callback=bc_json298

Requested by

Host: bccdp.fleetforwardthetour.com
URL: https://bccdp.fleetforwardthetour.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.204.49.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-49-189.compute-1.amazonaws.com

Software

- /

Resource Hash

9b7dc8c3594749490640dc8334809247d3d2abb640116a10f0a6aa447e9220f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 18:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 97 KB
39 KB 132ms
49ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHTH23S

Requested by

Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d970e78937769ffac33e4145a3c41f003bcfc38c888b497887cbf76c6b94c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39168
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Jan 2023 18:19:10 GMT

GET
H2 200 ffc12-21-17708-thetour-logo-__-0x200-r.png
eventsimages.bobitstudios.com/upload/logos/ffrs/show-logos/ 14 KB
14 KB 279ms
275ms Image
image/webp 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eventsimages.bobitstudios.com/upload/logos/ffrs/show-logos/ffc12-21-17708-thetour-logo-__-0x200-r.png
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edabdc9e71d18b2d444cd12e39eec3ca72c0052a12e47e02ee55567fb0cb0162

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
x-amz-version-id: n6vlzkOlepp7TyEEaMmFEYiikWvGxiw5
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: D96FM4QG41WTHQ5T
cf-polished: origFmt=png, origSize=24200
content-disposition: inline; filename="ffc12-21-17708-thetour-logo-__-0x200-r.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13970
x-amz-id-2: 4++cgfKHUCZCctzGi02o0w7PL/j2ELWx5Zc+PFRypEvoCH8LxAmuLovpvbMhID0dne98YGAmJzo=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 07 Mar 2022 21:24:02 GMT
server: cloudflare
etag: "901de609157821f504dd675e87e1c1cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePo5nQN5QiTWfXZ6p%2FeW7bKg9WIzBg4uKBZlJBfUyH2C1CWeN7NQlTqerTfp2AeEL0ZXDNdlKJ1CtH3XV10bZOojZB%2B81xu%2Bzqsoym3yihpZdb1PT%2FPTkh9Pt7mtWhRYNejTrpX%2FGBdv16X94%2BbTlXaLxsv0lhP%2BGTK3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7887e61d28155c4a-FRA

GET
H2 200 fleetforward_logo_hr-__-0x200-r.png
eventsimages.bobitstudios.com/upload/logos/ffc/show-logos/ 26 KB
26 KB 209ms
206ms Image
image/webp 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eventsimages.bobitstudios.com/upload/logos/ffc/show-logos/fleetforward_logo_hr-__-0x200-r.png
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a555c279a422594b3819c7ddf5e4b0fa20cd713f4cb08a96e2f9e6654aba29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
x-amz-version-id: lVpu1lbKmNNeNC_qnsxt.0HD0eM7qc9u
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CA3P13T99W336GAT
cf-polished: origFmt=png, origSize=48554
content-disposition: inline; filename="fleetforward_logo_hr-__-0x200-r.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26532
x-amz-id-2: 749FDHKq00qcOhvvCgOLA3jpxzZMuq+5i77pihdQwt3aHMCII73NgXq8TfHrLXHlYSrDm/L9pYk=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 23 Jun 2021 06:07:53 GMT
server: cloudflare
etag: "84281569dcc215f1c0a82bbd644669b8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPytkZeh%2FVio8U3ROc1EALCjmYOI2qH2%2Fk1Yz6VKT%2BG9t1EcDtLU2vl5OeoNE1EttjiPZw4%2Bry1OxZ31rRwTflyq62R543VEg0sLz9ruf7ARmxqGL2CPlRmb1JTw6KGpXzaw6U0hb1qdSloHItqG%2FFrRUWSc8XlXxbba"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7887e61d28215c4a-FRA

GET
H2 200 l
use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/ 26 KB
26 KB 182ms
48ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tqw5euv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: da03f140d305f2abdf496bdd3fad9cfed87a237cf09f6a2edcec58bc5a1f044d

Request headers

Referer: https://use.typekit.net/tqw5euv.css
Origin: https://www.fleetforwardthetour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
server: nginx
etag: "7d4a321fb4284bed9856c33aee6c065aba0855a7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26392

GET
H2 200 l
use.typekit.net/af/46da36/00000000000000003b9acaf6/27/ 26 KB
26 KB 179ms
46ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/46da36/00000000000000003b9acaf6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tqw5euv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 464b561ee00c86db1cddb80f2c9d6febbc2c1aa95f422fa73a4fb8ef7d5d5028

Request headers

Referer: https://use.typekit.net/tqw5euv.css
Origin: https://www.fleetforwardthetour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
server: nginx
etag: "de29fb2e3e401b15877c6b3a0953702fe7fa1105"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26812

GET
H2 200 pro-fa-regular-400-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 23 KB
23 KB 61ms
61ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78f2234a60cbe6920db07df9663c0b035d9a602d8f7b82e174fc9e0f5bf89ad0

Request headers

Referer: https://www.fleetforwardthetour.com/
Origin: https://www.fleetforwardthetour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:58:36 GMT
server: cloudflare
etag: "610ae35c-5b14"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7887e61d2e138ff8-FRA
content-length: 23316

GET
H2 200 l
use.typekit.net/af/aa5b59/00000000000000003b9acaf7/27/ 27 KB
28 KB 171ms
48ms Font
application/font-woff2 2a02:26f0:11a::217:9a58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/aa5b59/00000000000000003b9acaf7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tqw5euv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: eaabac1568a0ddd3d522fa4c0e4844724b6b75176f42880d6f29cfe5adabeaed

Request headers

Referer: https://use.typekit.net/tqw5euv.css
Origin: https://www.fleetforwardthetour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
server: nginx
etag: "0ac7effaca5a70e9779bf9fe86cd38f3c6730e8b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28032

GET
H2 200 track.v2.js Show response
d.mail.fleetforwardthetour.com/ 61 KB
19 KB 339ms
227ms Script
application/javascript 2606:4700::6812:487f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.mail.fleetforwardthetour.com/track.v2.js

Requested by

Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:487f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f30e0ab8c9b0141e902c7a24cbfa6ceab90b5e60527bbadc0cbe39b5d194719f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 11 Jan 2023 13:37:48 GMT
x-permitted-cross-domain-policies: none
server: cloudflare
content-encoding: br
etag: W/"63bebbac-f423"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript
x-robots-tag: none
cf-ray: 7887e61df856bb59-FRA
x-xss-protection: 1; mode=block

GET
H2 200 pro-fa-solid-900-5.12.1.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 1 KB
1 KB 80ms
80ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.12.1.woff2
Requested by: Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ad3c9c9362784f9ee0309d90babf47f5bff15d6a2269dfbb4d958540e5058c

Request headers

Referer: https://www.fleetforwardthetour.com/
Origin: https://www.fleetforwardthetour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 18:58:42 GMT
server: cloudflare
etag: "610ae362-49c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7887e61d4e488ff8-FRA
content-length: 1180

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
78 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VTPV1K1C2D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHTH23S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3691290cef8e72f85cba17f28184d4adf5314f4e1ddcd91b925670c701e90a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79369
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 12 Jan 2023 18:19:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-823248-63&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHTH23S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40074dda4da74a34a2175009631227c6c5b6573a70e120ccd96769586a3bff4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44163
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 12 Jan 2023 18:19:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-823248-63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 12 Jan 2023 17:50:29 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1721
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 12 Jan 2023 19:50:29 GMT

GET
H2 200 pubads_impl_2023010501.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 136ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 13:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132895
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Jan 2024 13:10:35 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 49 B
681 B 169ms
71ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.fleetforwardthetour.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

818b50426461fd707e51bbd2a5f0fbfe036a8048b289008b8e4b4b0138a2aff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46
x-xss-protection: 0
expires: Thu, 12 Jan 2023 18:19:10 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
356 B 141ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VTPV1K1C2D&gtm=2oe1a1&_p=931613234&_gaz=1&cid=1017516496.1673547551&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673547550&sct=1&seg=0&dl=https%3A%2F%2Fwww.fleetforwardthetour.com%2Fregister%2Fstop-1%3Futm_medium%3Dbanner%26utm_source%3DWTenl&dt=Phoenix%20Tour%20Stop%20Registration%20%7C%20Where%20Leaders%20In%20Fleet%C2%A0Mobility%20Connect&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VTPV1K1C2D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 18:19:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fleetforwardthetour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
356 B 142ms
47ms Ping
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VTPV1K1C2D&cid=1017516496.1673547551&gtm=2oe1a1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VTPV1K1C2D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 18:19:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fleetforwardthetour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 145ms
61ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VTPV1K1C2D&cid=1017516496.1673547551&gtm=2oe1a1&aip=1&z=1276833934

Requested by

Host: www.fleetforwardthetour.com
URL: https://www.fleetforwardthetour.com/register/stop-1?utm_medium=banner&utm_source=WTenl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 18:19:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
215 B 45ms
44ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=931613234&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fleetforwardthetour.com%2Fregister%2Fstop-1%3Futm_medium%3Dbanner%26utm_source%3DWTenl&ul=en-us&de=UTF-8&dt=Phoenix%20Tour%20Stop%20Registration%20%7C%20Where%20Leaders%20In%20Fleet%C2%A0Mobility%20Connect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1891622590&gjid=1778692338&cid=1017516496.1673547551&tid=UA-823248-63&_gid=1828737035.1673547551&_r=1&gtm=2ou1a1&z=1158939530

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fleetforwardthetour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 18:19:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fleetforwardthetour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 297 Show response
bccdp.fleetforwardthetour.com/DG/DEFAULT/rest/rpc/ 112 KB
14 KB 417ms
416ms XHR
application/json 65.9.66.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bccdp.fleetforwardthetour.com/DG/DEFAULT/rest/rpc/297?referer=https%3A%2F%2Fwww.fleetforwardthetour.com%2Fregister%2Fstop-1%3Futm_medium%3Dbanner%26utm_source%3DWTenl&bcsessionid=&bctempid=&overruleReferrer=&time=2023-01-12T18%3A19%3A10%2B00%3A00&ts=1673547550609

Requested by

Host: bccdp.fleetforwardthetour.com
URL: https://bccdp.fleetforwardthetour.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-27.fra56.r.cloudfront.net

Software

- /

Resource Hash

65b392a51a54c15bdf99c243e199634ffb8c42d9e1c01e67f7020b635cf5a768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fleetforwardthetour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 18:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 13453
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fleetforwardthetour.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: uRClm0E-Er35Oc9DdH45i65t0AStr3-zjxe6VyPvgW6IuA6wE9070g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 connect.html Show response
d.mail.fleetforwardthetour.com/ Frame 7EFE 17 KB
7 KB 216ms
216ms Document
text/html 2606:4700::6812:487f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.mail.fleetforwardthetour.com/connect.html?connectUrl=https%3A%2F%2Fd.mail.fleetforwardthetour.com&cookieDomain=mail.fleetforwardthetour.com&cookieLife=365&sameSiteDisable=false&trackKey=fleet_forward_the_tour

Requested by

Host: d.mail.fleetforwardthetour.com
URL: https://d.mail.fleetforwardthetour.com/track.v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:487f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2f13efac3707ee15c7c242012e71ff6122fd74084bc0422eb13e018cced816b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fleetforwardthetour.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7887e61f8b9abb59-FRA
content-encoding: br
content-type: text/html
date: Thu, 12 Jan 2023 18:19:10 GMT
last-modified: Wed, 11 Jan 2023 13:37:45 GMT
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 485ms
72ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fleetforwardthetour.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 486ms
74ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fleetforwardthetour.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
974 B 299ms
299ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1005607751995184&correlator=2742618859837799&eid=31071517%2C31071521%2C31071524%2C31070233%2C31070908&output=ldjh&gdfp_req=1&vrg=2023010501&ptt=17&impl=fifs&iu_parts=86855500%2Cright01%2Cright02%2Cright03%2Cright04%2Cprestitial%2Csiteskin%2Cbottom02%2Cpagepeel&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&adks=1006191090%2C2991453782%2C914605433%2C2779414486%2C3841619507%2C232312603%2C3136420150%2C1457211711&sfv=1-0-40&ists=15&cust_params=domain%3Dfleetforwardthetour.com%26section%3Dregister%26url_start%3D%252Fregister%252Fstop-1%26url_end%3D%252Fregister%252Fstop-1%26post_id%3D37616&sc=1&cookie_enabled=1&abxe=1&dt=1673547550777&lmt=1673547550&dlt=1673547549402&idt=1343&adxs=-9%2C-9%2C-9%2C-9%2C0%2C-9%2C0%2C-9&adys=-9%2C-9%2C-9%2C-9%2C0%2C-9%2C2375%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C0%7C-1%7C1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.fleetforwardthetour.com%2Fregister%2Fstop-1%3Futm_medium%3Dbanner%26utm_source%3DWTenl&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x-1%7C0x-1%7C1600x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x-1%7C0x-1%7C1600x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C4%2C2%2C4%2C2&ohw=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C0&ga_vid=1017516496.1673547551&ga_sid=1673547551&ga_hid=931613234&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dab199d4482236cd3b8ed0787a3c22238f78a5c2be96ff097bcd359cb9c92efc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fleetforwardthetour.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1e1e11b347a8b9c5e584eb24f0a7c1f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D6D2 6 KB
3 KB 246ms
83ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1e1e11b347a8b9c5e584eb24f0a7c1f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fleetforwardthetour.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 18:19:11 GMT
expires: Fri, 12 Jan 2024 18:19:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 94ca4974bc52416faf83946833859c7d Show response
bccdp.fleetforwardthetour.com/plugin/plugin/ 127 KB
31 KB 43ms
42ms Script
text/javascript 65.9.66.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bccdp.fleetforwardthetour.com/plugin/plugin/94ca4974bc52416faf83946833859c7d

Requested by

Host: bccdp.fleetforwardthetour.com
URL: https://bccdp.fleetforwardthetour.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-27.fra56.r.cloudfront.net

Software

- /

Resource Hash

53e7167443dc6e1846dbbcf9af264f8630d01022298bce9a964f7a3b0d54339a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
age: 2084814
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 31034
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Dec 2022 15:12:17 GMT
server: -
etag: 94ca4974bc52416faf83946833859c7d
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: wRwEpl-nOqFtqnq7I1cs5lgU8KhsaozSghUogiJNRcoxbCV7tFN29Q==
expires: Tue, 19 Dec 2023 15:12:17 GMT

GET
H2 200 361ae8ea7b94ce55e0f6ef72795433e4 Show response
bccdp.fleetforwardthetour.com/plugin/library/ 248 KB
79 KB 42ms
42ms Script
text/javascript 65.9.66.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bccdp.fleetforwardthetour.com/plugin/library/361ae8ea7b94ce55e0f6ef72795433e4

Requested by

Host: bccdp.fleetforwardthetour.com
URL: https://bccdp.fleetforwardthetour.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-27.fra56.r.cloudfront.net

Software

- /

Resource Hash

a8bc482de5bad5c6ece8dfe730f520c190feb4e4b751bb46c0c72582b4256b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 08:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
age: 2109670
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 80664
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Dec 2022 08:18:01 GMT
server: -
etag: 361ae8ea7b94ce55e0f6ef72795433e4
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: QWR9hlM0TUtwki-rbGhhT2BjyDZ8sT8ImXKUlFtz-K--x96zpwximA==
expires: Tue, 19 Dec 2023 08:18:01 GMT

POST
H2 200 LB-Zone-1 Show response
bccdp.fleetforwardthetour.com/DG/DEFAULT/rest/rpc/297/ 2 KB
1 KB 444ms
444ms XHR
application/json 65.9.66.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bccdp.fleetforwardthetour.com/DG/DEFAULT/rest/rpc/297/LB-Zone-1?referer=https%3A%2F%2Fwww.fleetforwardthetour.com%2Fregister%2Fstop-1%3Futm_medium%3Dbanner%26utm_source%3DWTenl&bcsessionid=&bctempid=74e031e5-8dd0-4403-8059-b57f8d3494d7&overruleReferrer=&time=2023-01-12T18%3A19%3A11%2B00%3A00&ts=1673547551219

Requested by

Host: bccdp.fleetforwardthetour.com
URL: https://bccdp.fleetforwardthetour.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-27.fra56.r.cloudfront.net

Software

- /

Resource Hash

a58164dda6ac198358d28dfedde3813b29d985c6adab6787abcafbe3f72d03e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fleetforwardthetour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 18:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 661
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fleetforwardthetour.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: qtVyDBeUfqi9_OCqjfB2RFwpMW1A8eLn3F9i42OeyXJYGMX6ZVEbVw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 304ms
84ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023010501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d7a2e80479e7287cca157b3b864084ee780efdd8a2d58b96db06541a63681e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11096
x-xss-protection: 0

POST
H2 200 297 Show response
bccdp.fleetforwardthetour.com/DG/DEFAULT/rest/rpc/ 393 B
1 KB 409ms
408ms XHR
application/json 65.9.66.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bccdp.fleetforwardthetour.com/DG/DEFAULT/rest/rpc/297?referer=https%3A%2F%2Fwww.fleetforwardthetour.com%2Fregister%2Fstop-1%3Futm_medium%3Dbanner%26utm_source%3DWTenl&bcsessionid=74e031e5-8dd0-4403-8059-b57f8d3494d7&bctempid=&overruleReferrer=&time=2023-01-12T18%3A19%3A11%2B00%3A00&ts=1673547551706

Requested by

Host: bccdp.fleetforwardthetour.com
URL: https://bccdp.fleetforwardthetour.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-27.fra56.r.cloudfront.net

Software

- /

Resource Hash

27aef330be7b68a9da91b8e8c7bcbe3026e6e23e8d1af67d451fe3ac25a08326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fleetforwardthetour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 18:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 184
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fleetforwardthetour.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 0MjIG2Hd0YVDcBrVTiDU2U6sFXa2aV5xmB_a4_z0JT8_7GOwovFtdg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 297 Show response
bccdp.fleetforwardthetour.com/DG/DEFAULT/rest/rpc/ 197 B
1 KB 410ms
410ms XHR
application/json 65.9.66.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bccdp.fleetforwardthetour.com/DG/DEFAULT/rest/rpc/297?referer=https%3A%2F%2Fwww.fleetforwardthetour.com%2Fregister%2Fstop-1%3Futm_medium%3Dbanner%26utm_source%3DWTenl&bcsessionid=74e031e5-8dd0-4403-8059-b57f8d3494d7&bctempid=&overruleReferrer=&time=2023-01-12T18%3A19%3A11%2B00%3A00&ts=1673547551707

Requested by

Host: bccdp.fleetforwardthetour.com
URL: https://bccdp.fleetforwardthetour.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-27.fra56.r.cloudfront.net

Software

- /

Resource Hash

b43594355c25c711c16053d34a9d3511f1bf2784b499645b3aa4b85621d0bbe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fleetforwardthetour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 18:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 174
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fleetforwardthetour.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: va_2niKiTfUgUt7BfFMp_ca_otoShXEaB0meSp5MVH1qwoRIJC7lGA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 297 Show response
bccdp.fleetforwardthetour.com/DG/DEFAULT/rest/rpc/ 197 B
1 KB 411ms
410ms XHR
application/json 65.9.66.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bccdp.fleetforwardthetour.com/DG/DEFAULT/rest/rpc/297?referer=https%3A%2F%2Fwww.fleetforwardthetour.com%2Fregister%2Fstop-1%3Futm_medium%3Dbanner%26utm_source%3DWTenl&bcsessionid=74e031e5-8dd0-4403-8059-b57f8d3494d7&bctempid=&overruleReferrer=&time=2023-01-12T18%3A19%3A11%2B00%3A00&ts=1673547551708

Requested by

Host: bccdp.fleetforwardthetour.com
URL: https://bccdp.fleetforwardthetour.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-27.fra56.r.cloudfront.net

Software

- /

Resource Hash

75a6c4b5783bd4db1b4e48d09a8d4e1ec39978a4db691bebab2fd6374746cf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fleetforwardthetour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 18:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 174
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fleetforwardthetour.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: F0Pa8_prFuXUwxa-pl7fj24Fiepoho7SL7rzEVo-ErEMWRdC2RHrig==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
bobit.blueconic.net/DG/DEFAULT/ 66 B
854 B 121ms
120ms Script
text/javascript 18.204.49.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bobit.blueconic.net/DG/DEFAULT/cs?bcsessionid=74e031e5-8dd0-4403-8059-b57f8d3494d7&&callback=bc_json299

Requested by

Host: bccdp.fleetforwardthetour.com
URL: https://bccdp.fleetforwardthetour.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.204.49.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-49-189.compute-1.amazonaws.com

Software

- /

Resource Hash

6044477717a29d6244800ec278bd9ec6da28e958442ab3a66a31cb230515e06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 18:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 282ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 18:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 18:19:12 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0EB1 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fleetforwardthetour.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 17:59:46 GMT
expires: Fri, 12 Jan 2024 17:59:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ACFF 783 B
1 KB 205ms
81ms Document
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3fd9a92671d4d09cadfcf61a52b6034702bf1655e9fbdbf9b40ef8226b567581

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xeGzDXvn4OH2_JjoeRsO-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fleetforwardthetour.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-xeGzDXvn4OH2_JjoeRsO-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 18:19:12 GMT
expires: Thu, 12 Jan 2023 18:19:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EB1 36 KB
16 KB 114ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 01:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 01:24:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ACFF 0
0 139ms
138ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023010501&jk=1005607751995184&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 144ms
144ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023010501&jk=1005607751995184&bg=!2Nul25_NAAYDMoyoIzI7ACkAdvg8WuEEvylfjKACfaTJXFDfymIjL6oTGMBc_Xvy0WwkurR9GrWEOwIAAABvUgAAAARoAQcKAEkk4Rg1mBrSlRhvNHHqbH7c8bK-P7hsIGrf9_f-UKY74_CUwNA1EQUxUJSxJJWkAWK56cw3k_39ULFZ4Drg1kFSPto1eFdpa45ImQKz5T22G9rst0GvcZ4PcGiCigJoA5gZyQKccwH9ggUHOILrR3j7YlEciknpSG7dDYpLrT9jD1MV4DnSn5hCdFL-mMv7B39zCBzLAz8R_p48aWeIw-YFtxCWQsJzSEu5ckwjCtIHPCp6hwpjIwhZJcP3mbn3JM2girTIErPvJNBhkzsVV_A31HYUC_3KOa_7gvqW9Hln2aTIU-GyQq-qYyIdJc2HaYwPqNm-grpx1uiQbVX-jnXs0pyuluQfJOGT2HihAPET4Lk-_ij9zoX1ZH4joSZKdZ_Uhde-mkFFWHlK-Shpi-vLtcv27knjMvm6_YcG4qBhT16jYLSL721Xmloo3qMC4I_waDakDelzKPjf0Saio1_HcoE0CoZ6Ya_zZmPaIPP4w1jlqmOi_Ld-fg5i6n-t9OGOJDpw_iUV7CNfcqzaxtB6z2q6OaiMTtokllSHgx2tT2FfAVygRo-2B-v9bAePc6Ves3QFZbiE41Q67vPeBOWSIzClOATcCNmK1AWwxFmuuMxMetOPyNgYCgRx7Kr4MaNKylkztrfoxbvzUvv8ymJp9x2gxQiofM6-Q8CxYq60ZvYipjrqjLlvvql-aTU0U_9M0usBou6EO8Ui_9x2exjIlbr8y6EsxAzMLQWtgOrwTFnOOITQocpqiKw0lIQG8xQXROBtKBFYSrLjKk9kjAGtfgg9XcAjIGGAQ38c8aVgC7Ssr7NVnEWu0i5jMCy0wLlg6RVILEBv4EAaipLbt_2xsY_HI_kwxenV22m-mTMcEoW8GuK-OYlx7DIKB9lVoZDPnsJQvBVCv7oPWzFgt5_WWPSXW7De3wZxd4zCoN_uGiLgsAjF97OhzGYO5FC-30IHhnmYWgxIQCFNiMyz5MHg8Ynt8kGk6ElYaWfPQNjrK_xweVBE8FSheZUMLIoh_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fleetforwardthetour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bccdp.fleetforwardthetour.com/DG/DEFAULT	1970-01-20 18:28:27	Name: BCSessionID Value: 74e031e5-8dd0-4403-8059-b57f8d3494d7
bobit.blueconic.net/DG/DEFAULT	1970-01-20 17:38:03	Name: BCSessionID Value: 74e031e5-8dd0-4403-8059-b57f8d3494d7
.mail.worktruckonline.com/	1970-01-20 08:53:53	Name: 1695_contactID Value: 636c2709369118030b0e1a7d
.mail.worktruckonline.com/	1970-01-20 08:53:53	Name: 1695_msID Value: 1695%3A63becf5cee0c6cddbf026a75%3Aot
.mail.worktruckonline.com/	1970-01-20 08:53:53	Name: 1695_mcID Value: 1695%3A63becf5cee0c6cddbf026a75%3Aot%3A636c2709369118030b0e1a7d%3A1
.mail.worktruckonline.com/	1970-01-20 08:53:53	Name: 1695_linkID Value: 63becf93acbc03d6a600bc5f
.mail.worktruckonline.com/	1970-01-20 08:53:53	Name: v2_work-truck Value: %7B%22linkID%22%3A%2263becf93acbc03d6a600bc5f%22%2C%22mcID%22%3A%221695%3A63becf5cee0c6cddbf026a75%3Aot%3A636c2709369118030b0e1a7d%3A1%22%2C%22accountID%22%3A%221695%22%2C%22msID%22%3A%221695%3A63becf5cee0c6cddbf026a75%3Aot%22%2C%22cID%22%3A%22636c2709369118030b0e1a7d%22%7D
.e.mail.worktruckonline.com/	1970-01-20 08:52:29	Name: __cf_bm Value: oAI4KgPRoSjJRGdEmtPSshVqncu7a23e9yCfdcuKUT0-1673547548-0-AVsqhgAYGlW0sJHUkHmPwhKJq05MtRrevjCf8ZxRiDmCrr0wjYj1wVFAkPgSIOcswMIR4IU0vYtc15LLoAGLW8U=
click.bobitstudios.com/	1969-12-31 23:59:59	Name: ServerID Value: 1025
.doubleclick.net/	1970-01-20 18:14:03	Name: IDE Value: AHWqTUm6Jb23F_sVvWtlRKvk9fasno97g3whYm_NyRO3XSYWW6rld_x2rT6Ky1NGw4E
www.fleetforwardthetour.com/	1969-12-31 23:59:59	Name: ServerID Value: 1025
www.fleetforwardthetour.com/	1969-12-31 23:59:59	Name: fileDownloadName Value: Phoenix Tour Stop Registration
.fleetforwardthetour.com/	1970-01-20 18:28:27	Name: _ga_VTPV1K1C2D Value: GS1.1.1673547550.1.0.1673547550.60.0.0
.fleetforwardthetour.com/	1970-01-20 18:28:27	Name: _ga Value: GA1.2.1017516496.1673547551
.fleetforwardthetour.com/	1970-01-20 08:53:53	Name: _gid Value: GA1.2.1828737035.1673547551
.fleetforwardthetour.com/	1970-01-20 08:52:27	Name: _gat_gtag_UA_823248_63 Value: 1
.d.mail.fleetforwardthetour.com/	1970-01-20 08:52:29	Name: __cf_bm Value: 0rDpVQAY5oVCDtEo9MoeDgtW0DEuy7KUyqJGHAH9XeM-1673547550-0-Adl6w3hPNmXBCBHK5cZjMbqhy0zr3dQrizrJNWQoHs4jtV05xYH1gTIVhZtABHCIPPSQGaPqVDTQcj81N65FAPM=
.mail.fleetforwardthetour.com/	1970-01-20 17:38:03	Name: v2_fleet_forward_the_tour Value: {%22bid%22:%227dcc19d7-be99-4141-bf13-3d739f883081%22}
.fleetforwardthetour.com/	1970-01-20 18:14:03	Name: __gads Value: ID=e178633f605b5eeb:T=1673547550:S=ALNI_MZeGwmnZg4nwHpYqriGwZVKoSjRVQ
.fleetforwardthetour.com/	1970-01-20 18:14:03	Name: __gpi Value: UID=00000ba1cbb7b310:T=1673547550:RT=1673547550:S=ALNI_MYWVXwPfZ8qzchf1GbmA3T4l96UQg
www.fleetforwardthetour.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 74e031e5-8dd0-4403-8059-b57f8d3494d7
bobit.blueconic.net/	1970-01-20 09:02:32	Name: AWSALBCORS Value: 3nUde1YFvF/HyNS8kPGGJe3pMV+wmqyrJun9f2nev0VAeGAuO8reABn40e0oQjkx1uPt0M0uFo2pFBOpUxIo95uoqfD2Ce23sVN9d5jmelcp0uRUZu/Y1+HNbfCK
bccdp.fleetforwardthetour.com/	1970-01-20 09:02:32	Name: AWSALB Value: aFWVt/QQ+4D9DXMX3iGhReqTaTbQwvUuDZXH6/fnQWmmKILguv3HPLSbH+qi0l8bt/dillF8h8gwQV9yakqPYhDPa6FLEImCJowynPUXcV18ycc6FhgGRTqpem4Z
bccdp.fleetforwardthetour.com/	1970-01-20 09:02:32	Name: AWSALBCORS Value: aFWVt/QQ+4D9DXMX3iGhReqTaTbQwvUuDZXH6/fnQWmmKILguv3HPLSbH+qi0l8bt/dillF8h8gwQV9yakqPYhDPa6FLEImCJowynPUXcV18ycc6FhgGRTqpem4Z

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e1e11b347a8b9c5e584eb24f0a7c1f0.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
bccdp.fleetforwardthetour.com
bobit.blueconic.net
cdnjs.cloudflare.com
click.bobitstudios.com
d.mail.fleetforwardthetour.com
e.mail.worktruckonline.com
eventsimages.bobitstudios.com
fonts.googleapis.com
googleads.g.doubleclick.net
ka-p.fontawesome.com
kit.fontawesome.com
p.typekit.net
pagead2.googlesyndication.com
region1.analytics.google.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
use.typekit.net
www.fleetforwardthetour.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
18.204.49.189
2001:4860:4802:32::36
2606:4700:20::681a:fcf
2606:4700:3033::ac43:bddf
2606:4700::6811:180e
2606:4700::6812:1734
2606:4700::6812:487f
2606:4700::6812:4a7f
2a00:1450:4001:803::2008
2a00:1450:4001:812::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:400c:c03::9a
2a00:1450:400d:805::2002
2a00:1450:400d:806::2004
2a00:1450:400d:807::2001
2a00:1450:400d:808::2002
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::2002
2a02:26f0:11a::217:9a58
2a02:26f0:11a::6867:4832
65.9.66.27
08424b7deb94b02ed9ab160711a150e0217aaa8cf5963dd6dfc7f8f29127a717
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
20182789ba5a18f1ae0ced91aeebae0bfc64de9890b777fcf0be494c46cde9c3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27aef330be7b68a9da91b8e8c7bcbe3026e6e23e8d1af67d451fe3ac25a08326
2a172791f43fddfb2f65343877ae02d667742cde6b7975b7ede31caad68793cf
3691290cef8e72f85cba17f28184d4adf5314f4e1ddcd91b925670c701e90a71
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
38ad3c9c9362784f9ee0309d90babf47f5bff15d6a2269dfbb4d958540e5058c
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
3fd9a92671d4d09cadfcf61a52b6034702bf1655e9fbdbf9b40ef8226b567581
40074dda4da74a34a2175009631227c6c5b6573a70e120ccd96769586a3bff4f
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284
464b561ee00c86db1cddb80f2c9d6febbc2c1aa95f422fa73a4fb8ef7d5d5028
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4cba099e44393284e6e12d54e8a16584c3f20e8119f821dfcd804d52dab8eb17
53e7167443dc6e1846dbbcf9af264f8630d01022298bce9a964f7a3b0d54339a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a5d81252411137b0b202bb5acb0f3bdfaaecc897bddf84287da38cca1fb047
56392a97bf35956d4a099fbf3c764a01ee1f2cf2e070a0d8aacf458dbecca0a9
5a9ca1505a532038691ce3eeb02e13812e7ddec4650122482ed9bab8aae1b1d6
5d7a2e80479e7287cca157b3b864084ee780efdd8a2d58b96db06541a63681e3
6044477717a29d6244800ec278bd9ec6da28e958442ab3a66a31cb230515e06c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65b392a51a54c15bdf99c243e199634ffb8c42d9e1c01e67f7020b635cf5a768
6a1b67080492bc4ad4fad077be835542b651c01616cb11d68f3cb052eaa44d42
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cba92b3b4fcf7622f984225046cdb076bef228488b633d5b2a03ddece0eb201
6d970e78937769ffac33e4145a3c41f003bcfc38c888b497887cbf76c6b94c15
75a6c4b5783bd4db1b4e48d09a8d4e1ec39978a4db691bebab2fd6374746cf98
78f2234a60cbe6920db07df9663c0b035d9a602d8f7b82e174fc9e0f5bf89ad0
818b50426461fd707e51bbd2a5f0fbfe036a8048b289008b8e4b4b0138a2aff2
92c8274efeb69f701eaafbb95250927d02432190657ec4bafc4fda26e648be57
996e799930d5a4379f8c65c97ea5fd000b168b2990ba786c68fb6e876c887f77
9b7dc8c3594749490640dc8334809247d3d2abb640116a10f0a6aa447e9220f9
a2f13efac3707ee15c7c242012e71ff6122fd74084bc0422eb13e018cced816b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58164dda6ac198358d28dfedde3813b29d985c6adab6787abcafbe3f72d03e9
a7e36d1716a06471094f086a13507322aa49b2e3b4ddc2b6760ba7f8e7c63e85
a8bc482de5bad5c6ece8dfe730f520c190feb4e4b751bb46c0c72582b4256b1c
abcb0446381dd18567e85ebe484a302708df071544a8d59fccbc46af0fab0470
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b43594355c25c711c16053d34a9d3511f1bf2784b499645b3aa4b85621d0bbe5
b85edc76449e83ad292fe8a9623c711b0e77a7ae3afba2f07b8f74dcab425c38
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c8640d32905b2e54a3b396baaeaed888adaef9cefe6c4295c7285a3ec0639f81
cbf727286baa5304c9b3eef7a84496f16b469b84df3febacae636c833925e942
da03f140d305f2abdf496bdd3fad9cfed87a237cf09f6a2edcec58bc5a1f044d
dab199d4482236cd3b8ed0787a3c22238f78a5c2be96ff097bcd359cb9c92efc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a555c279a422594b3819c7ddf5e4b0fa20cd713f4cb08a96e2f9e6654aba29
e7b638543eda8dc1451acd226842ba0f928f9ced0a57e15e6184e2a3deba6e54
eaabac1568a0ddd3d522fa4c0e4844724b6b75176f42880d6f29cfe5adabeaed
edabdc9e71d18b2d444cd12e39eec3ca72c0052a12e47e02ee55567fb0cb0162
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30e0ab8c9b0141e902c7a24cbfa6ceab90b5e60527bbadc0cbe39b5d194719f

www.fleetforwardthetour.com Open in urlscan Pro 2606:4700:3033::ac43:bddf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

92 %IPv6

15 Domains

27 Subdomains

23 IPs

5 Countries

962 kBTransfer

2811 kBSize

24 Cookies

6 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fleetforwardthetour.com Open in urlscan Pro
2606:4700:3033::ac43:bddf Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

92 %
IPv6

15
Domains

27
Subdomains

23
IPs

5
Countries

962 kB
Transfer

2811 kB
Size

24
Cookies

61 HTTP transactions
0 data transactions