urlscan.io logo urlscan.io
SecurityTrails logo

www.onetwotrip.com Open in urlscan Pro
23.83.114.232  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://one-two-trip.de/
Effective URL: https://www.onetwotrip.com/de/
Submission: On November 27 via api from FI — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 6 countries across 16 domains to perform 65 HTTP transactions. The main IP is 23.83.114.232, located in Netherlands and belongs to SERVERS-COM, US. The main domain is www.onetwotrip.com. The Cisco Umbrella rank of the primary domain is 905376.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on March 10th 2023. Valid for: a year.
This is the only time www.onetwotrip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    151.236.222.5 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li593-5.members.linode.com
one-two-trip.de
28    23.83.114.232 (Netherlands)

ASN7979 (SERVERS-COM, US)
www.onetwotrip.com
static.onetwotrip.com
3    2404:6800:4006:80a::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2404:6800:4006:809::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.67.101.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-101-103.syd62.r.cloudfront.net
dalusewymm5m7.cloudfront.net
4    2404:6800:4006:80b::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2404:6800:4006:809::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2404:6800:4003:c01::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2404:6800:4006:812::2004 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google.com
4    95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
3    87.240.129.133 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv133-129-240-87.vk.com
vk.com
1    2404:6800:4006:809::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2404:6800:4006:811::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2404:6800:4006:812::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)
039da27185bae8b9fd78373390e0a57c.safeframe.googlesyndication.com
2    2404:6800:4006:814::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    167.114.119.127 (None, )

ASN- ()
usage.trackjs.com
2    2404:6800:4006:814::2001 (None, )

ASN- ()
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
28 onetwotrip.com
www.onetwotrip.com — Cisco Umbrella Rank: 905376
static.onetwotrip.com
2 MB
5 googlesyndication.com
039da27185bae8b9fd78373390e0a57c.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com
42 KB
4 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 10387
22 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
245 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
22 KB
3 vk.com
vk.com — Cisco Umbrella Rank: 6956
22 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
136 KB
3 gstatic.com
fonts.gstatic.com
33 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 trackjs.com
usage.trackjs.com
229 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
31 KB
1 cloudfront.net
dalusewymm5m7.cloudfront.net
24 KB
1 one-two-trip.de
one-two-trip.de
255 B
0 google.co.nz Failed
www.google.co.nz Failed
0 splitmetrics.com Failed
app.splitmetrics.com Failed
65 16
Domain Requested by
18 www.onetwotrip.com www.onetwotrip.com
10 static.onetwotrip.com www.onetwotrip.com
4 top-fwz1.mail.ru www.onetwotrip.com
top-fwz1.mail.ru
4 www.googletagmanager.com www.onetwotrip.com
www.googletagmanager.com
4 www.google-analytics.com www.onetwotrip.com
www.google-analytics.com
www.googletagmanager.com
3 vk.com 1 redirects www.onetwotrip.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com www.onetwotrip.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 pagead2.googlesyndication.com www.onetwotrip.com
tpc.googlesyndication.com
2 securepubads.g.doubleclick.net www.googletagservices.com
www.onetwotrip.com
2 www.google.com www.onetwotrip.com
tpc.googlesyndication.com
1 usage.trackjs.com
1 039da27185bae8b9fd78373390e0a57c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.googletagservices.com www.onetwotrip.com
1 stats.g.doubleclick.net www.onetwotrip.com
1 dalusewymm5m7.cloudfront.net www.onetwotrip.com
1 one-two-trip.de 1 redirects
0 www.google.co.nz Failed www.onetwotrip.com
0 app.splitmetrics.com Failed www.onetwotrip.com
65 20

This site contains links to these domains. Also see Links.

Domain
support.onetwotrip.com
Subject Issuer Validity Valid
*.onetwotrip.com
GlobalSign GCC R3 DV TLS CA 2020		 2023-03-10 -
2024-02-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2023-10-06 -
2024-11-06		 a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2023-03-16 -
2024-02-20		 a year crt.sh
*.trackjs.com
RapidSSL TLS RSA CA G1		 2023-07-31 -
2024-08-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.onetwotrip.com/de/
Frame ID: F90E2CF500B49D517510534543B4837E
Requests: 58 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-52MPB4S
Frame ID: 723E18343F2C7F95AEDC2758C3ADFD62
Requests: 1 HTTP requests in this frame

Frame: https://039da27185bae8b9fd78373390e0a57c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D1779225C1B7D9CE1442AA1DDFC6E236
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7C18C156DF1E093AB27D7F9878305894
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CB42800B9A68D848939658D16CE5E37
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Günstige Flugtickets online auf OneTwoTrip kaufen. Günstige Flugtickets kaufen.

Page URL History Show full URLs

  1. http://one-two-trip.de/ HTTP 302
    https://www.onetwotrip.com/de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

65
Requests

92 %
HTTPS

65 %
IPv6

16
Domains

20
Subdomains

17
IPs

6
Countries

2788 kB
Transfer

8918 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://one-two-trip.de/ HTTP 302
    https://www.onetwotrip.com/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://vk.com/js/api/openapi.js?169 HTTP 302
  • https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.onetwotrip.com/de/
Redirect Chain
  • http://one-two-trip.de/
  • https://www.onetwotrip.com/de/
85 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b19a06cfc576f76480e07494b9ab521fb487da664750fef52b9927e4dfd36ee5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://*.safeframe.googlesyndication.com 'self'; img-src data: https://pagead2.googlesyndication.com https://click.topturizm.ru https://d2ttnongggltje.cloudfront.net https://top-fwz1.mail.ru https://onesignal.com https://*.onesignal.com https://matchid.adfox.yandex.ru https://*.adfox.ru http://banners.adfox.ru https://hexagon-analytics.com https://*.g.doubleclick.net https://s.youtube.com https://www.kayak.com https://*.facebook.com https://*.clicktripz.com https://*.amazonaws.com https://*.gstatic.com https://*.googleapis.com https://img.twiket.cfafom.ua https://media.expedia.com https://www.google-analytics.com https://servedbyadbutler.com https://b.siftscience.com https://usage.trackjs.com https://*.amadeus.com https://*.onetwotrip.com https://*.google.com https://www.google.ru https://ads.otthyper.com https://*.rackcdn.com https://*.mapbox.com https://*.bstatic.com https://img.twiket.com.ua https://cdn.cartrawler.com https://www.tcsbank.ru https://level.travel https://*.4sqi.net https://d2f9dw3b0opbul.cloudfront.net https://www.sixt.de https://*.olt.su https://s3.level.travel https://static.europcar.com https://*.vk.com https://vk.com https://an.yandex.ru https://tpc.googlesyndication.com https://www.google.com.ua https://ad.mail.ru https://mc.yandex.ru https://*.googleusercontent.com 'self'; script-src https://*.googletagmanager.com https://cdn.polyfill.io https://partner.tophotels.ru https://banners.adfox.ru https://top-fwz1.mail.ru https://onesignal.com https://*.onesignal.com https://*.doubleclick.net https://*.clicktripz.com https://matchid.adfox.yandex.ru https://ads.adfox.ru https://npmcdn.com https://connect.mail.ru https://static.olark.com https://*.gstatic.com https://www.odnoklassniki.ru https://connect.ok.ru https://*.facebook.net https://*.facebook.com https://*.amazonaws.com https://*.googleapis.com https://*.addthis.com https://yastatic.net https://*.criteo.com https://static.criteo.net https://*.google.com https://*.google.com.ua https://www.googleadservices.com https://*.otthyper.com https://www.google-analytics.com https://www.googletagservices.com https://adservice.google.ru https://cdn.ampproject.org https://*.googlesyndication.com https://*.onetwotrip.com https://vk.com https://www.tns.counter.ru https://bs.serving-sys.com https://adriver.ru https://gemius.pl https://weborama.com https://*.splitmetrics.com https://dalusewymm5m7.cloudfront.net https://*.googletagmanager.com.ua https://*.googletagmanager.de https://adservice.google.com https://js.crypto.com https://*.bridgerpay.com https://*.googleusercontent.com https://mc.yandex.ru 'self' 'unsafe-inline' 'unsafe-eval'; frame-src https: ; connect-src https://pagead2.googlesyndication.com https://*.g.doubleclick.net https://csi.gstatic.com https://ads.adfox.ru https://translate.yandex.net https://servedbyadbutler.com https://*.onetwotrip.com https://ads.otthyper.com https://capture.trackjs.com https://*.youtube.com https://www.google-analytics.com https://www.tcsbank.ru https://connect.mail.ru https://onesignal.com https://*.onesignal.com https://*.blablacar.com https://*.clicktripz.com https://top-fwz1.mail.ru https://*.splitmetrics.com wss://*.onetwotrip.com https://tpc.googlesyndication.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://mc.yandex.ru 'self'; style-src https://tagmanager.google.com https://partner.tophotels.ru https://npmcdn.com https://*.amazonaws.com https://*.googleapis.com https://onesignal.com https://*.onesignal.com https://*.facebook.com https://partner.onetwotrip.com https://*.googletagmanager.com.ua https://*.googletagmanager.de https://www.google-analytics.com https://fonts.googleapis.com 'self' 'unsafe-inline'; font-src https://static.onetwotrip.com https://fonts.gstatic.com https://partner.onetwotrip.com https://fonts.googleapis.com 'self' data: ; form-action *; report-uri https://www.onetwotrip.com/_api/statistics/addCSPR; object-src https://ott-static.s3.eu-central-1.amazonaws.com; frame-ancestors https://*.onetwotrip.com https://vk.com https://*.vk.com https://trvl.spasibosberbank.travel 'self';

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src https://tpc.googlesyndication.com https://*.safeframe.googlesyndication.com 'self'; img-src data: https://pagead2.googlesyndication.com https://click.topturizm.ru https://d2ttnongggltje.cloudfront.net https://top-fwz1.mail.ru https://onesignal.com https://*.onesignal.com https://matchid.adfox.yandex.ru https://*.adfox.ru http://banners.adfox.ru https://hexagon-analytics.com https://*.g.doubleclick.net https://s.youtube.com https://www.kayak.com https://*.facebook.com https://*.clicktripz.com https://*.amazonaws.com https://*.gstatic.com https://*.googleapis.com https://img.twiket.cfafom.ua https://media.expedia.com https://www.google-analytics.com https://servedbyadbutler.com https://b.siftscience.com https://usage.trackjs.com https://*.amadeus.com https://*.onetwotrip.com https://*.google.com https://www.google.ru https://ads.otthyper.com https://*.rackcdn.com https://*.mapbox.com https://*.bstatic.com https://img.twiket.com.ua https://cdn.cartrawler.com https://www.tcsbank.ru https://level.travel https://*.4sqi.net https://d2f9dw3b0opbul.cloudfront.net https://www.sixt.de https://*.olt.su https://s3.level.travel https://static.europcar.com https://*.vk.com https://vk.com https://an.yandex.ru https://tpc.googlesyndication.com https://www.google.com.ua https://ad.mail.ru https://mc.yandex.ru https://*.googleusercontent.com 'self'; script-src https://*.googletagmanager.com https://cdn.polyfill.io https://partner.tophotels.ru https://banners.adfox.ru https://top-fwz1.mail.ru https://onesignal.com https://*.onesignal.com https://*.doubleclick.net https://*.clicktripz.com https://matchid.adfox.yandex.ru https://ads.adfox.ru https://npmcdn.com https://connect.mail.ru https://static.olark.com https://*.gstatic.com https://www.odnoklassniki.ru https://connect.ok.ru https://*.facebook.net https://*.facebook.com https://*.amazonaws.com https://*.googleapis.com https://*.addthis.com https://yastatic.net https://*.criteo.com https://static.criteo.net https://*.google.com https://*.google.com.ua https://www.googleadservices.com https://*.otthyper.com https://www.google-analytics.com https://www.googletagservices.com https://adservice.google.ru https://cdn.ampproject.org https://*.googlesyndication.com https://*.onetwotrip.com https://vk.com https://www.tns.counter.ru https://bs.serving-sys.com https://adriver.ru https://gemius.pl https://weborama.com https://*.splitmetrics.com https://dalusewymm5m7.cloudfront.net https://*.googletagmanager.com.ua https://*.googletagmanager.de https://adservice.google.com https://js.crypto.com https://*.bridgerpay.com https://*.googleusercontent.com https://mc.yandex.ru 'self' 'unsafe-inline' 'unsafe-eval'; frame-src https: ; connect-src https://pagead2.googlesyndication.com https://*.g.doubleclick.net https://csi.gstatic.com https://ads.adfox.ru https://translate.yandex.net https://servedbyadbutler.com https://*.onetwotrip.com https://ads.otthyper.com https://capture.trackjs.com https://*.youtube.com https://www.google-analytics.com https://www.tcsbank.ru https://connect.mail.ru https://onesignal.com https://*.onesignal.com https://*.blablacar.com https://*.clicktripz.com https://top-fwz1.mail.ru https://*.splitmetrics.com wss://*.onetwotrip.com https://tpc.googlesyndication.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://mc.yandex.ru 'self'; style-src https://tagmanager.google.com https://partner.tophotels.ru https://npmcdn.com https://*.amazonaws.com https://*.googleapis.com https://onesignal.com https://*.onesignal.com https://*.facebook.com https://partner.onetwotrip.com https://*.googletagmanager.com.ua https://*.googletagmanager.de https://www.google-analytics.com https://fonts.googleapis.com 'self' 'unsafe-inline'; font-src https://static.onetwotrip.com https://fonts.gstatic.com https://partner.onetwotrip.com https://fonts.googleapis.com 'self' data: ; form-action *; report-uri https://www.onetwotrip.com/_api/statistics/addCSPR; object-src https://ott-static.s3.eu-central-1.amazonaws.com; frame-ancestors https://*.onetwotrip.com https://vk.com https://*.vk.com https://trvl.spasibosberbank.travel 'self';
content-type
text/html
date
Mon, 27 Nov 2023 14:24:09 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
Date
Mon, 27 Nov 2023 14:24:08 GMT
Location
https://www.onetwotrip.com/de/
Server
nginx
Vary
Accept, Accept-Encoding
X-Powered-By
Express
css
fonts.googleapis.com/ 		9 KB
890 B 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono|Roboto:400,500,700&subset=latin-ext,cyrillic&display=swap
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
607c4a8dbf8dcfc28dbab421e841bdd904a3faccc3bc60f7c50e2611b527af90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Nov 2023 14:24:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 27 Nov 2023 14:24:10 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono|Roboto:400,500,700&subset=latin-ext,cyrillic&display=swap
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
607c4a8dbf8dcfc28dbab421e841bdd904a3faccc3bc60f7c50e2611b527af90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Nov 2023 14:24:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 27 Nov 2023 14:24:10 GMT
runtime-66b505a7df96f97aff52.js
www.onetwotrip.com/_spa/index/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_spa/index/runtime-66b505a7df96f97aff52.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
eda5f68e05082da9996dbc1d0682d718d8cf0e464783918d6b84d5823850f8d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 27 Nov 2023 14:24:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Mon, 04 Dec 2023 14:24:11 GMT
styles-355120cef79c2f62d5c3.js
www.onetwotrip.com/_spa/index/ 		137 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_spa/index/styles-355120cef79c2f62d5c3.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
8c41fb81e5a269549cb58a685c6986dd79a1a446c92ca0293c0d885edf04c9f7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 27 Nov 2023 14:24:11 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Mon, 04 Dec 2023 14:24:11 GMT
vendor-58ba11488cea3b20cd2e.js
www.onetwotrip.com/_spa/index/ 		1 MB
384 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_spa/index/vendor-58ba11488cea3b20cd2e.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
0ce611a5d2eb9164162f5fa1575bf0633771ebca1ffcd3e32b9e5868941886bb

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 27 Nov 2023 14:24:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Mon, 04 Dec 2023 14:24:12 GMT
ottComponents-427f07c83dcba9c13a24.js
www.onetwotrip.com/_spa/index/ 		3 MB
769 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_spa/index/ottComponents-427f07c83dcba9c13a24.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
07edeb4ce7dd47cbfe83cce11ca5c6a041f8666b3bb803a0b0ef220dea1b9032

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 27 Nov 2023 14:24:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Mon, 04 Dec 2023 14:24:12 GMT
index-bc4651f9c4569cf9dd53.js
www.onetwotrip.com/_spa/index/ 		253 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_spa/index/index-bc4651f9c4569cf9dd53.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
d258bf4633fd25bf7e19649187f4436b014606e63a65d14dd33867a64bd76442

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 27 Nov 2023 14:24:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Mon, 04 Dec 2023 14:24:12 GMT
unsupportedBrowsers-6a378c1c6f3bcbffc8aa.js
www.onetwotrip.com/_spa/index/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_spa/index/unsupportedBrowsers-6a378c1c6f3bcbffc8aa.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e0032d0088e4a5202e98801ca231ed7085b7d01b25ea9d712e93ae57332bbfcb

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 27 Nov 2023 14:24:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Mon, 04 Dec 2023 14:24:12 GMT
styles-355120cef79c2f62d5c3.css
www.onetwotrip.com/_spa/index/ 		924 KB
130 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_spa/index/styles-355120cef79c2f62d5c3.css
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
3b71e0e58bd791f28c76ffe839b21bdec2be3821d88c5bfa2e5bcc9b6961977d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 27 Nov 2023 14:24:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
expires
Mon, 04 Dec 2023 14:24:10 GMT
index-bc4651f9c4569cf9dd53.css
www.onetwotrip.com/_spa/index/ 		2 KB
913 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_spa/index/index-bc4651f9c4569cf9dd53.css
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b496183e3e0c2cf9758f69dbd47b9e5101b6ce7965e1f5404373a712c4e1960c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 27 Nov 2023 14:24:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
expires
Mon, 04 Dec 2023 14:24:10 GMT
de-61d1dcf87396dbf88408c135301b07c0.js
www.onetwotrip.com/_spa/index/l10n/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_spa/index/l10n/de-61d1dcf87396dbf88408c135301b07c0.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ffa44ae8dd161650f21b19594c607bb93ae88eebc049b325016c408ae60a3895

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 27 Nov 2023 14:24:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Mon, 04 Dec 2023 14:24:10 GMT
main_cover_avia.jpg
static.onetwotrip.com/images/index/cover/ 		363 KB
364 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.onetwotrip.com/images/index/cover/main_cover_avia.jpg?v2
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e0b0558210450f65ad9916c83ef54e8b23877bc38b0c486dfecd3fbd92005ae3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:10 GMT
x-amz-version-id
Xa0FNvG21wE9XrcPns_kd4ty8SlQcO82
last-modified
Fri, 09 Apr 2021 14:52:52 GMT
server
nginx
etag
"5116e102afab87b29759d4a1f69f3d41"
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE,HEAD
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
371728
bulletedList_bonuses.svg
static.onetwotrip.com/images/index/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.onetwotrip.com/images/index/bulletedList_bonuses.svg
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
3a08311da5c972ffb7bc14b6a1b6f0f1e706ae09c2356b1538b07b73b0d753a5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:10 GMT
x-amz-version-id
jqaBhE86NO2lCTaLUKDfAq.C0sGoGtjZ
last-modified
Tue, 15 Jan 2019 14:08:34 GMT
server
nginx
etag
"87d6187c8239a03013f583ec50d5f808"
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE,HEAD
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2004
bulletedList_mobileApp.svg
static.onetwotrip.com/images/index/ 		973 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.onetwotrip.com/images/index/bulletedList_mobileApp.svg
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
13a3b4d384ecb158c609ad6430a7e759bdb56013943472a2d2b31cff45119a09

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:10 GMT
x-amz-version-id
dY61UH8rJ0JayhedJsB9shFDH_ZfKqfc
last-modified
Tue, 15 Jan 2019 14:08:34 GMT
server
nginx
etag
"1750845177ce2710820fef9fcf47a978"
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE,HEAD
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
973
bulletedList_support.svg
static.onetwotrip.com/images/index/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.onetwotrip.com/images/index/bulletedList_support.svg
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
488f8d2d5598bb466a28c71a5e38d80837f71f2f79d88ad5fc64dd253570f048

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:10 GMT
x-amz-version-id
gx6KRNO3Ai1jQ1W5ZEyVFRNm4WRJBdNl
last-modified
Tue, 15 Jan 2019 14:08:34 GMT
server
nginx
etag
"434a6b9da2e73d8af233f1c5d9085836"
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE,HEAD
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
3120
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono|Roboto:400,500,700&subset=latin-ext,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onetwotrip.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 20 Nov 2023 23:37:55 GMT
x-content-type-options
nosniff
age
571576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11072
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Nov 2024 23:37:55 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono|Roboto:400,500,700&subset=latin-ext,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onetwotrip.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 23 Nov 2023 23:21:22 GMT
x-content-type-options
nosniff
age
313369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:21:22 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono|Roboto:400,500,700&subset=latin-ext,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onetwotrip.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 24 Nov 2023 03:36:17 GMT
x-content-type-options
nosniff
age
298074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 03:36:17 GMT
css
fonts.googleapis.com/ 		3 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400i&subset=cyrillic
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/styles-355120cef79c2f62d5c3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a927e779a3a334646fe055ac863a4c6aee438fc1dcfe8e6493b937459bcc3a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Nov 2023 14:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 27 Nov 2023 14:24:11 GMT
191-142401c354d9d287b0c2.js
www.onetwotrip.com/_spa/index/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_spa/index/191-142401c354d9d287b0c2.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/runtime-66b505a7df96f97aff52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b7419bf4c1e8bc93819cb1e863def8719a03f28e421aa6f2acf2ec9bbc14d3e5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 27 Nov 2023 14:24:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Mon, 04 Dec 2023 14:24:12 GMT
smart-banner--locale-en.latest.js
dalusewymm5m7.cloudfront.net/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dalusewymm5m7.cloudfront.net/smart-banner--locale-en.latest.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/index-bc4651f9c4569cf9dd53.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.101.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-101-103.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
896731375347e341b7bb4dad90c28ada18e5bf39a3e076063d410306a59daab4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Sun, 26 Nov 2023 12:11:49 GMT
Content-Encoding
gzip
Via
1.1 4bfeb1eae9544366893e37b97eee8e6e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD62-P1
Age
94344
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
24327
Last-Modified
Wed, 01 Nov 2023 09:24:03 GMT
Server
AmazonS3
ETag
"8cecb9dd8ee14eb48c4ec50c00ddd6b3"
Content-Type
application/javascript
Cache-Control
max-age=864000, s-maxage=864000, public
Accept-Ranges
bytes
X-Amz-Cf-Id
VYXjbaTZNjS3Jr4GiCPUUgslaR8QNHRc7Sshr0nzIPhcXFgLpIOkAA==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/ottComponents-427f07c83dcba9c13a24.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 13:16:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4055
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 27 Nov 2023 15:16:38 GMT
info2
www.onetwotrip.com/_api/system/ 		85 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_api/system/info2
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/vendor-58ba11488cea3b20cd2e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c2ae31c70e4df8f8e56465239edb087cd4d0a780201403a3a65039ae5582fc2c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
https://www.onetwotrip.com
date
Mon, 27 Nov 2023 14:24:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
content-type
content-type
application/json
getBasicUserInfo
www.onetwotrip.com/_auth/profile/ 		135 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_auth/profile/getBasicUserInfo
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/vendor-58ba11488cea3b20cd2e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx / Express
Resource Hash
485e6a2c590031b4dcac8d336fb373fdfc352c657d65e4c2d96f6e7168d049c1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:13 GMT
server
nginx
x-powered-by
Express
etag
W/"87-vppVq8L2Tx1Gsa7pNC1q5j9zxTs"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onetwotrip.com
access-control-allow-credentials
true
access-control-allow-headers
content-type
content-length
135
/
www.onetwotrip.com/_mark/texts/ 		45 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_mark/texts/?product=virtual_card&project=vc_web&label=refill_message
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/vendor-58ba11488cea3b20cd2e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx / Express
Resource Hash
270092d4efd43b6a39ac21693cf95c0284acab6d95d53882d44a7c7e42753075

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:13 GMT
server
nginx
x-powered-by
Express
etag
W/"2d-8sJt24Gm7aFRFRUTw5dsIg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onetwotrip.com
access-control-allow-credentials
true
access-control-allow-headers
content-type
content-length
45
directApiTop
www.onetwotrip.com/_avia/deals_v4/ 		41 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_avia/deals_v4/directApiTop?locale=de&deals_limit=50&origin=BER&source=12trip.de&noPricing=true&add_locale_top=true
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/vendor-58ba11488cea3b20cd2e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b79529103ca4ab01b7cb0d6414facfd41423ca10a9e9eb0b49de15f9e8df2a0c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
https://www.onetwotrip.com
date
Mon, 27 Nov 2023 14:24:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
content-type
content-type
application/json; charset=UTF-8
data
app.splitmetrics.com/smart-banners/4QRdDPv9A3Axj4rmB8VeNo/ 		0
0
e
www.onetwotrip.com/_api_misc/kismx/ 		0
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onetwotrip.com/_api_misc/kismx/e?referrer=12trip.de&page=index_avia&accept_language=de&ENVID=production-a&isMobile=false&locale=ru&domain=www.onetwotrip.com&_n=page_show&_t=1701095053
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
https://www.onetwotrip.com
date
Mon, 27 Nov 2023 14:24:13 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
content-type
flight1.jpg
static.onetwotrip.com/deals/cities/default/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.onetwotrip.com/deals/cities/default/flight1.jpg
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
a72128cf1e396fc89f15580c4057e72ebab6debaa732848c964f9a4f7d36c623

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:13 GMT
x-amz-version-id
.b0zA8RxOwfpjNl2j4d2wHzeRpuyNqVF
last-modified
Thu, 21 Mar 2019 11:20:33 GMT
server
nginx
etag
"27e90aeac3016d243ff2a7b8c02b4cb0"
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE,HEAD
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
18640
PFO.jpg
static.onetwotrip.com/deals/cities/ 		232 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.onetwotrip.com/deals/cities/PFO.jpg
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
f96776916ec085687fada7b97c1068e221aed33346c5311ea0203f5f9cf75fdb

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:13 GMT
x-amz-version-id
bULXJrAIheMlR7W7UQxwRfi.K5Y96MlV
last-modified
Wed, 16 Jan 2019 11:32:30 GMT
server
nginx
etag
"4bc25954d01a8de8cb26efcabf75149e"
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE,HEAD
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
237685
flight2.jpg
static.onetwotrip.com/deals/cities/default/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.onetwotrip.com/deals/cities/default/flight2.jpg
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e78bff42aad67830b36ca6f1e27a77b2fadb094ac3e22c5fc248ab95bf0c25b2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:13 GMT
x-amz-version-id
Yait6.RybJmW78zEIceUdveDruN5jf83
last-modified
Thu, 21 Mar 2019 11:20:33 GMT
server
nginx
etag
"c9dd29fa4be04c2f7f1a5ca690ff2a14"
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE,HEAD
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
19174
PMI.jpg
static.onetwotrip.com/deals/cities/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.onetwotrip.com/deals/cities/PMI.jpg
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
fd4e43680838bc3f40f7dcd0faca493a0272519d668132cfb29be6396da65906

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:13 GMT
x-amz-version-id
Df8OU7Sh1lB5rx6aPkozQyGYx_qjE6sY
last-modified
Wed, 16 Jan 2019 11:32:30 GMT
server
nginx
etag
"8f4e3ee181c018f9555d3521b2b8e54b"
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE,HEAD
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
42398
flight3.jpg
static.onetwotrip.com/deals/cities/default/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.onetwotrip.com/deals/cities/default/flight3.jpg
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
8e6d997a093b4e55c7cfdf41f2d6d0c0f3747a32d294aa3940fbea1ac41d5450

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:13 GMT
x-amz-version-id
m9wMNLiDp27XmFZYwq.XfIqXys1Z4hmI
last-modified
Thu, 21 Mar 2019 11:20:33 GMT
server
nginx
etag
"e794e7054fda5cfb59f49b4541401765"
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE,HEAD
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
24824
BEG.jpg
static.onetwotrip.com/deals/cities/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.onetwotrip.com/deals/cities/BEG.jpg
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b70019ce46e8156658b6778f3509b9258d000a1e12444da923ebf960f42c36cb

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:13 GMT
x-amz-version-id
KAXt.51HGvS91147h58y1UoXtM_wnxEg
last-modified
Wed, 16 Jan 2019 11:32:28 GMT
server
nginx
etag
"0cc3aaefd5923ecc8cd97dd6a857bc28"
access-control-allow-methods
GET,POST,PUT,PATCH,OPTIONS,DELETE,HEAD
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
50781
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 13:55:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
1726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 27 Nov 2023 14:55:28 GMT
gtm.js
www.googletagmanager.com/ 		306 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-52MPB4S
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/ottComponents-427f07c83dcba9c13a24.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4611bdab6ea5df23d5e84ae349c35dc4394773708e820298369aa6b798ccd6a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89465
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Nov 2023 14:24:14 GMT
ns.html
www.googletagmanager.com/ Frame 723E 		270 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-52MPB4S
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/ottComponents-427f07c83dcba9c13a24.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
746321081f72a20cbaf241e8956b2a6ff1d5e11e0ba11fb572dab1db6c7e5499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.onetwotrip.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 14:24:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1244574864&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onetwotrip.com%2Fde%2F&ul=en-us&de=UTF-8&dt=G%C3%BCnstige%20Flugtickets%20online%20auf%20OneTwoTrip%20kaufen.%20G%C3%BCnstige%20Flugtickets%20kaufen.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIREAAAACAAI~&jid=1099017556&gjid=2104841965&cid=666917903.1701095054&tid=UA-21448683-1&_gid=627702660.1701095054&_r=1&_slc=1&z=162063101
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/191-142401c354d9d287b0c2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onetwotrip.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 14:24:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.onetwotrip.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-21448683-1&cid=666917903.1701095054&jid=1099017556&gjid=2104841965&_gid=627702660.1701095054&_u=aGBAAEIQEAAAACAAI~&z=86949748
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/191-142401c354d9d287b0c2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onetwotrip.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 27 Nov 2023 14:24:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.onetwotrip.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-21448683-1&cid=666917903.1701095054&jid=1099017556&_u=aGBAAEIQEAAAACAAI~&z=573005493
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2004 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 14:24:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
addCSPR
www.onetwotrip.com/_api/statistics/ 		2 B
178 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_api/statistics/addCSPR
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.onetwotrip.com/de/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
application/csp-report

Response headers

access-control-allow-origin
https://www.onetwotrip.com
date
Mon, 27 Nov 2023 14:24:15 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
content-type
ga-audiences
www.google.co.nz/ads/ 		0
0
js
www.googletagmanager.com/gtag/ 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MLGF1XQGF9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52MPB4S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ec843123dcfab05d71b69099039be443ed5b6aa3bc9f1864da83dc821eea725
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92864
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Nov 2023 14:24:15 GMT
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-11492020
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52MPB4S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
20fa9eca9216c5beabedadbb1259dd14888110272953985662e9a6b40c0be18a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67312
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Nov 2023 14:24:15 GMT
code.js
top-fwz1.mail.ru/js/ 		43 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
f993515bd3c1005475c548ec02949dd81491e313b0f4127fcf8c138e40f9ee13
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Fri, 24 Nov 2023 10:30:37 GMT
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag
W/"65607b4d-ad96"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Mon, 27 Nov 2023 15:24:16 GMT
openapi.917ca96d9331f956d945e39706791fde.js
vk.com/dist/public/api/
Redirect Chain
  • https://vk.com/js/api/openapi.js?169
  • https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169
56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Server
87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv133-129-240-87.vk.com
Software
kittenx /
Resource Hash
8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-trace-id
Ydzt27VVgS8AW4zI0SXvLpUw2fbYsA
date
Mon, 27 Nov 2023 14:24:16 GMT
content-encoding
gzip
x-frontend
front609306
last-modified
Mon, 23 Oct 2023 22:26:41 GMT
server
kittenx
etag
W/"6536f321-e147"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
expires
Fri, 01 Dec 2023 14:24:16 GMT

Redirect headers

x-trace-id
BzfV4Zc1icjqqkMTxsGrwBvoJrepLg
date
Mon, 27 Nov 2023 14:24:16 GMT
content-encoding
gzip
x-frontend
front609306
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.115104
content-type
text/html; charset=windows-1251
location
/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
20
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MLGF1XQGF9&gtm=45je3b81v9100854269z878221194&_p=1701095053974&gcd=11l1l1l1l1&dma=0&cid=666917903.1701095054&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701095055&sct=1&seg=0&dl=https%3A%2F%2Fwww.onetwotrip.com%2Fde%2F&dt=G%C3%BCnstige%20Flugtickets%20online%20auf%20OneTwoTrip%20kaufen.%20G%C3%BCnstige%20Flugtickets%20kaufen.&en=page_view&_fv=1&_ss=1&ep.reseller=12trip.de&tfd=8586
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MLGF1XQGF9&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 14:24:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.onetwotrip.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
counter
top-fwz1.mail.ru/ 		43 B
1015 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3018730;u=https%3A//www.onetwotrip.com/de/;st=1701095051392;title=G%C3%BCnstige%20Flugtickets%20online%20auf%20OneTwoTrip%20kaufen.%20G%C3%BCnstige%20Flugtickets%20kaufen.;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;sid=ef44f955e9034861;ver=60.3.0;tz=-780%2FPacific%2FAuckland;gl=u;ni=9.4//4g/0/0/;lvid=1701095056616%3A1701095056618%3A1%3A21292f9ffbe3d4f5d4195f6c4ae2830a;opts=dl%2Cjst-gtag-ga%2Cgl%3Du;visible=true;_=0.7352739775686126
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onetwotrip.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Nov 2023 14:24:16 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://www.onetwotrip.com
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.onetwotrip.com
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
https://www.onetwotrip.com
access-control-allow-headers
*
dyn-goal-config.js
top-fwz1.mail.ru/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3018730
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
489b36c66d89d768b386541c192b3e8e00f5f562236f2e89834fe8269a6e2797
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Mon, 27 Nov 2023 15:24:16 GMT
CookiePolicy-83b982b301cf73958342.js
www.onetwotrip.com/_spa/index/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onetwotrip.com/_spa/index/CookiePolicy-83b982b301cf73958342.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/runtime-66b505a7df96f97aff52.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.83.114.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
1479e3a6ec88999e1c276239ef28cd43abfc63a9a8f0715b5713c42d43538a2f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 27 Nov 2023 14:24:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Mon, 04 Dec 2023 14:24:17 GMT
gpt.js
www.googletagservices.com/tag/js/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/ottComponents-427f07c83dcba9c13a24.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f20f233fd44006809f53d183c800fdfc22ec8eff5798334dc739fc53e68f447f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31375
x-xss-protection
0
server
cafe
etag
89 / 19688 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 14:24:17 GMT
rtrg
vk.com/ 		49 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-236912-46QvE&metatag_url=https%3A%2F%2Fwww.onetwotrip.com%2Fde%2F&metatag_title=G%C3%BCnstige%20Flugtickets%20online%20auf%20OneTwoTrip%20kaufen.%20G%C3%BCnstige%20Flugtickets%20kaufen.
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv133-129-240-87.vk.com
Software
kittenx / KPHP/7.4.115104
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-trace-id
kzkLvOtFLFIUe8_r6rmUWwZsi3k5Wg
date
Mon, 27 Nov 2023 14:24:17 GMT
content-encoding
gzip
x-frontend
front609306
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.115104
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 26 Nov 2023 18:14:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
72559
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 25 Nov 2024 18:14:59 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		695 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2581855090204423&correlator=552520981745265&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21734590017%2CApp_Download&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701095059254&lmt=1701095059&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=780&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.onetwotrip.com%2Fde%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=666917903.1701095054&ga_sid=1701095059&ga_hid=1244574864&ga_fc=true&dlt=1701095050051&idt=9180&cust_params=lang%3Dlang_de%26userstatus%3Duserstatus_guest%26source%3Dsource_12trip.de&adks=123472527&frm=20
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/191-142401c354d9d287b0c2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91c2011d730763cff21d6ec4814e6053e9f4bc33312a11b9628860858db2ac56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
348
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onetwotrip.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
039da27185bae8b9fd78373390e0a57c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D177 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://039da27185bae8b9fd78373390e0a57c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onetwotrip.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 14:24:19 GMT
expires
Tue, 26 Nov 2024 14:24:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: www.onetwotrip.com
URL: https://www.onetwotrip.com/_spa/index/191-142401c354d9d287b0c2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae5f1109b379e4e64756088570f4890e89f10c072422c28985faba3ad8309f3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12212
x-xss-protection
0
tracker
top-fwz1.mail.ru/ 		43 B
929 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3018730;u=https%3A//www.onetwotrip.com/de/;st=1701095051392;title=G%C3%BCnstige%20Flugtickets%20online%20auf%20OneTwoTrip%20kaufen.%20G%C3%BCnstige%20Flugtickets%20kaufen.;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;sid=ef44f955e9034861;ver=60.3.0;tz=-780%2FPacific%2FAuckland;nt=0/0/1701095047133/////1300/1933/1933/1933/2558/2244/2559/2913/3225/2918/4259/5916/5916/12905/12905/12906;gl=u;ni=9.4//4g/0/0/;detect=0;lvid=1701095056616%3A1701095060041%3A2%3A21292f9ffbe3d4f5d4195f6c4ae2830a;opts=dl%2Cjst-gtag-ga-vk%2Cgl%3Dp;visible=true;_=0.7031978894156805;e=RT/load;et=1701095060040
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onetwotrip.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Nov 2023 14:24:21 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://www.onetwotrip.com
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.onetwotrip.com
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
https://www.onetwotrip.com
access-control-allow-headers
*
usage.gif
usage.trackjs.com/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usage.trackjs.com/usage.gif?token=9434784669a9411185e8a512654b173a&correlationId=3da5d7f5-0292-4a00-9f47-6cc93cbfab43&application=index&x=799b8700-9638-451e-b6f0-f81609fbf66a&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.119.127 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 27 Nov 2023 14:24:21 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.onetwotrip.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 27 Nov 2023 14:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Nov 2023 14:24:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C18 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onetwotrip.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
91687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 12:56:14 GMT
expires
Mon, 25 Nov 2024 12:56:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7CB4 		829 B
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2004 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
497accef6b90d458f445557fd40dff15f1be045dd06f168f57fd440313671fe4
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-GBWZ1We7sj9NLPW552Xhxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onetwotrip.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'nonce-GBWZ1We7sj9NLPW552Xhxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 14:24:22 GMT
expires
Mon, 27 Nov 2023 14:24:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 7C18 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 26 Nov 2023 07:42:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
110537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Nov 2024 07:42:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7CB4 		0
0
generate_204
tpc.googlesyndication.com/ Frame 7C18 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.splitmetrics.com
URL
https://app.splitmetrics.com/smart-banners/4QRdDPv9A3Axj4rmB8VeNo/data
Domain
www.google.co.nz
URL
https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-21448683-1&cid=666917903.1701095054&jid=1099017556&_u=aGBAAEIQEAAAACAAI~&z=573005493
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2581855090204423&rc=
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?IHVFDg

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| loadCSS object| __l10n object| preloadedState object| webpackChunkfront_index object| regeneratorRuntime object| _trackJs function| _ object| Base64 object| fastdom object| store object| _ottFormsReady string| GoogleAnalyticsObject function| ga object| trackJs object| SPM_I18N object| SENTRY_RELEASE function| __ boolean| SM_SMART_BANNER string| __LANDING__ string| 0d081d0c object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager object| _tmr function| gtag function| onYouTubeIframeAPIReady boolean| IS_CLIENT_SIDE boolean| IS_ANDROID_WEBVIEW boolean| IS_IOS_WEBVIEW boolean| IS_WEB undefined| androidBridge undefined| iosBridge function| _bridgeSend function| _bridgeSupports boolean| IS_BRIDGE_AVAILABLE function| obj2qs object| fastXDM object| VK object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| GoogleGcLKhOms

20 Cookies

Domain/Path Name / Value
www.onetwotrip.com/ Name: referrer_first
Value: 12trip.de
www.onetwotrip.com/ Name: referrer_hist
Value: 12trip.de
www.onetwotrip.com/ Name: referrer
Value: 12trip.de
www.onetwotrip.com/ Name: accept_language
Value: de
www.onetwotrip.com/ Name: abst
Value: test_b,b03_b
www.onetwotrip.com/ Name: vid
Value: 3af48533-02c9-469a-973c-516753e7ed1e
.onetwotrip.com/ Name: _gid
Value: GA1.2.627702660.1701095054
static.onetwotrip.com/ Name: ENVID
Value: production-a|ZWSmk
.onetwotrip.com/ Name: _gat
Value: 1
.onetwotrip.com/ Name: _gcl_au
Value: 1.1.1518054967.1701095055
.onetwotrip.com/ Name: _ga_MLGF1XQGF9
Value: GS1.1.1701095055.1.0.1701095055.0.0.0
.onetwotrip.com/ Name: _ga
Value: GA1.1.666917903.1701095054
.onetwotrip.com/ Name: tmr_lvid
Value: 21292f9ffbe3d4f5d4195f6c4ae2830a
.onetwotrip.com/ Name: tmr_lvidTS
Value: 1701095056616
.mail.ru/ Name: VID
Value: 0AjdCg1JFm2L00001428XCYL:::0-0-0-a7eff50-0:CAASEHR-PC05ug8RdZQDqw10GVEaYKWxqTL5jnD0dXdTu8OhGvUZ6IzJJM7I9j_0O6s4d-5UpezdtEN2ZC-9m1i004tsEeknr_viBTjTzuOLVAHa3No3p4OMruweR_ck31EHv1ZjgfvQPctPC_tSXr3uEkuEFw
www.onetwotrip.com/ Name: ENVID
Value: production-a|ZWSml
www.onetwotrip.com/ Name: tmr_detect
Value: 0%7C1701095058883
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.onetwotrip.com/ Name: __gads
Value: ID=7038be3500e9d9f4:T=1701095059:RT=1701095059:S=ALNI_MbD6be3gZzHseJkE4XMbIE_OwcLdQ
.onetwotrip.com/ Name: __gpi
Value: UID=00000c9ae4b4dde3:T=1701095059:RT=1701095059:S=ALNI_MbUeHj3Yo2yCfTGU0kwwkKbEl-9HA

3 Console Messages

Source Level URL
Text
javascript error URL: https://www.onetwotrip.com/de/
Message:
Access to XMLHttpRequest at 'https://app.splitmetrics.com/smart-banners/4QRdDPv9A3Axj4rmB8VeNo/data' from origin 'https://www.onetwotrip.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://app.splitmetrics.com/smart-banners/4QRdDPv9A3Axj4rmB8VeNo/data
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://www.onetwotrip.com/de/
Message:
Refused to load the image 'https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-21448683-1&cid=666917903.1701095054&jid=1099017556&_u=aGBAAEIQEAAAACAAI~&z=573005493' because it violates the following Content Security Policy directive: "img-src data: https://pagead2.googlesyndication.com https://click.topturizm.ru https://d2ttnongggltje.cloudfront.net https://top-fwz1.mail.ru https://onesignal.com https://*.onesignal.com https://matchid.adfox.yandex.ru https://*.adfox.ru http://banners.adfox.ru https://hexagon-analytics.com https://*.g.doubleclick.net https://s.youtube.com https://www.kayak.com https://*.facebook.com https://*.clicktripz.com https://*.amazonaws.com https://*.gstatic.com https://*.googleapis.com https://img.twiket.cfafom.ua https://media.expedia.com https://www.google-analytics.com https://servedbyadbutler.com https://b.siftscience.com https://usage.trackjs.com https://*.amadeus.com https://*.onetwotrip.com https://*.google.com https://www.google.ru https://ads.otthyper.com https://*.rackcdn.com https://*.mapbox.com https://*.bstatic.com https://img.twiket.com.ua https://cdn.cartrawler.com https://www.tcsbank.ru https://level.travel https://*.4sqi.net https://d2f9dw3b0opbul.cloudfront.net https://www.sixt.de https://*.olt.su https://s3.level.travel https://static.europcar.com https://*.vk.com https://vk.com https://an.yandex.ru https://tpc.googlesyndication.com https://www.google.com.ua https://ad.mail.ru https://mc.yandex.ru https://*.googleusercontent.com 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://*.safeframe.googlesyndication.com 'self'; img-src data: https://pagead2.googlesyndication.com https://click.topturizm.ru https://d2ttnongggltje.cloudfront.net https://top-fwz1.mail.ru https://onesignal.com https://*.onesignal.com https://matchid.adfox.yandex.ru https://*.adfox.ru http://banners.adfox.ru https://hexagon-analytics.com https://*.g.doubleclick.net https://s.youtube.com https://www.kayak.com https://*.facebook.com https://*.clicktripz.com https://*.amazonaws.com https://*.gstatic.com https://*.googleapis.com https://img.twiket.cfafom.ua https://media.expedia.com https://www.google-analytics.com https://servedbyadbutler.com https://b.siftscience.com https://usage.trackjs.com https://*.amadeus.com https://*.onetwotrip.com https://*.google.com https://www.google.ru https://ads.otthyper.com https://*.rackcdn.com https://*.mapbox.com https://*.bstatic.com https://img.twiket.com.ua https://cdn.cartrawler.com https://www.tcsbank.ru https://level.travel https://*.4sqi.net https://d2f9dw3b0opbul.cloudfront.net https://www.sixt.de https://*.olt.su https://s3.level.travel https://static.europcar.com https://*.vk.com https://vk.com https://an.yandex.ru https://tpc.googlesyndication.com https://www.google.com.ua https://ad.mail.ru https://mc.yandex.ru https://*.googleusercontent.com 'self'; script-src https://*.googletagmanager.com https://cdn.polyfill.io https://partner.tophotels.ru https://banners.adfox.ru https://top-fwz1.mail.ru https://onesignal.com https://*.onesignal.com https://*.doubleclick.net https://*.clicktripz.com https://matchid.adfox.yandex.ru https://ads.adfox.ru https://npmcdn.com https://connect.mail.ru https://static.olark.com https://*.gstatic.com https://www.odnoklassniki.ru https://connect.ok.ru https://*.facebook.net https://*.facebook.com https://*.amazonaws.com https://*.googleapis.com https://*.addthis.com https://yastatic.net https://*.criteo.com https://static.criteo.net https://*.google.com https://*.google.com.ua https://www.googleadservices.com https://*.otthyper.com https://www.google-analytics.com https://www.googletagservices.com https://adservice.google.ru https://cdn.ampproject.org https://*.googlesyndication.com https://*.onetwotrip.com https://vk.com https://www.tns.counter.ru https://bs.serving-sys.com https://adriver.ru https://gemius.pl https://weborama.com https://*.splitmetrics.com https://dalusewymm5m7.cloudfront.net https://*.googletagmanager.com.ua https://*.googletagmanager.de https://adservice.google.com https://js.crypto.com https://*.bridgerpay.com https://*.googleusercontent.com https://mc.yandex.ru 'self' 'unsafe-inline' 'unsafe-eval'; frame-src https: ; connect-src https://pagead2.googlesyndication.com https://*.g.doubleclick.net https://csi.gstatic.com https://ads.adfox.ru https://translate.yandex.net https://servedbyadbutler.com https://*.onetwotrip.com https://ads.otthyper.com https://capture.trackjs.com https://*.youtube.com https://www.google-analytics.com https://www.tcsbank.ru https://connect.mail.ru https://onesignal.com https://*.onesignal.com https://*.blablacar.com https://*.clicktripz.com https://top-fwz1.mail.ru https://*.splitmetrics.com wss://*.onetwotrip.com https://tpc.googlesyndication.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://mc.yandex.ru 'self'; style-src https://tagmanager.google.com https://partner.tophotels.ru https://npmcdn.com https://*.amazonaws.com https://*.googleapis.com https://onesignal.com https://*.onesignal.com https://*.facebook.com https://partner.onetwotrip.com https://*.googletagmanager.com.ua https://*.googletagmanager.de https://www.google-analytics.com https://fonts.googleapis.com 'self' 'unsafe-inline'; font-src https://static.onetwotrip.com https://fonts.gstatic.com https://partner.onetwotrip.com https://fonts.googleapis.com 'self' data: ; form-action *; report-uri https://www.onetwotrip.com/_api/statistics/addCSPR; object-src https://ott-static.s3.eu-central-1.amazonaws.com; frame-ancestors https://*.onetwotrip.com https://vk.com https://*.vk.com https://trvl.spasibosberbank.travel 'self';

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

039da27185bae8b9fd78373390e0a57c.safeframe.googlesyndication.com
app.splitmetrics.com
dalusewymm5m7.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
one-two-trip.de
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.onetwotrip.com
stats.g.doubleclick.net
top-fwz1.mail.ru
tpc.googlesyndication.com
usage.trackjs.com
vk.com
www.google-analytics.com
www.google.co.nz
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.onetwotrip.com
app.splitmetrics.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.co.nz
151.236.222.5
167.114.119.127
18.67.101.103
23.83.114.232
2404:6800:4003:c01::9c
2404:6800:4006:809::2002
2404:6800:4006:809::2003
2404:6800:4006:809::2008
2404:6800:4006:80a::200a
2404:6800:4006:80b::200e
2404:6800:4006:811::2002
2404:6800:4006:812::2001
2404:6800:4006:812::2004
2404:6800:4006:814::2001
2404:6800:4006:814::2002
87.240.129.133
95.163.52.67
07edeb4ce7dd47cbfe83cce11ca5c6a041f8666b3bb803a0b0ef220dea1b9032
0ce611a5d2eb9164162f5fa1575bf0633771ebca1ffcd3e32b9e5868941886bb
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
13a3b4d384ecb158c609ad6430a7e759bdb56013943472a2d2b31cff45119a09
1479e3a6ec88999e1c276239ef28cd43abfc63a9a8f0715b5713c42d43538a2f
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
20fa9eca9216c5beabedadbb1259dd14888110272953985662e9a6b40c0be18a
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
270092d4efd43b6a39ac21693cf95c0284acab6d95d53882d44a7c7e42753075
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
3a08311da5c972ffb7bc14b6a1b6f0f1e706ae09c2356b1538b07b73b0d753a5
3b71e0e58bd791f28c76ffe839b21bdec2be3821d88c5bfa2e5bcc9b6961977d
4611bdab6ea5df23d5e84ae349c35dc4394773708e820298369aa6b798ccd6a1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
485e6a2c590031b4dcac8d336fb373fdfc352c657d65e4c2d96f6e7168d049c1
488f8d2d5598bb466a28c71a5e38d80837f71f2f79d88ad5fc64dd253570f048
489b36c66d89d768b386541c192b3e8e00f5f562236f2e89834fe8269a6e2797
497accef6b90d458f445557fd40dff15f1be045dd06f168f57fd440313671fe4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
607c4a8dbf8dcfc28dbab421e841bdd904a3faccc3bc60f7c50e2611b527af90
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a927e779a3a334646fe055ac863a4c6aee438fc1dcfe8e6493b937459bcc3a8
6ec843123dcfab05d71b69099039be443ed5b6aa3bc9f1864da83dc821eea725
746321081f72a20cbaf241e8956b2a6ff1d5e11e0ba11fb572dab1db6c7e5499
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
896731375347e341b7bb4dad90c28ada18e5bf39a3e076063d410306a59daab4
8c41fb81e5a269549cb58a685c6986dd79a1a446c92ca0293c0d885edf04c9f7
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e6d997a093b4e55c7cfdf41f2d6d0c0f3747a32d294aa3940fbea1ac41d5450
8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e
91c2011d730763cff21d6ec4814e6053e9f4bc33312a11b9628860858db2ac56
a72128cf1e396fc89f15580c4057e72ebab6debaa732848c964f9a4f7d36c623
ae5f1109b379e4e64756088570f4890e89f10c072422c28985faba3ad8309f3d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b19a06cfc576f76480e07494b9ab521fb487da664750fef52b9927e4dfd36ee5
b496183e3e0c2cf9758f69dbd47b9e5101b6ce7965e1f5404373a712c4e1960c
b70019ce46e8156658b6778f3509b9258d000a1e12444da923ebf960f42c36cb
b7419bf4c1e8bc93819cb1e863def8719a03f28e421aa6f2acf2ec9bbc14d3e5
b79529103ca4ab01b7cb0d6414facfd41423ca10a9e9eb0b49de15f9e8df2a0c
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c2ae31c70e4df8f8e56465239edb087cd4d0a780201403a3a65039ae5582fc2c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d258bf4633fd25bf7e19649187f4436b014606e63a65d14dd33867a64bd76442
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0032d0088e4a5202e98801ca231ed7085b7d01b25ea9d712e93ae57332bbfcb
e0b0558210450f65ad9916c83ef54e8b23877bc38b0c486dfecd3fbd92005ae3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78bff42aad67830b36ca6f1e27a77b2fadb094ac3e22c5fc248ab95bf0c25b2
eda5f68e05082da9996dbc1d0682d718d8cf0e464783918d6b84d5823850f8d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20f233fd44006809f53d183c800fdfc22ec8eff5798334dc739fc53e68f447f
f96776916ec085687fada7b97c1068e221aed33346c5311ea0203f5f9cf75fdb
f993515bd3c1005475c548ec02949dd81491e313b0f4127fcf8c138e40f9ee13
fd4e43680838bc3f40f7dcd0faca493a0272519d668132cfb29be6396da65906
ffa44ae8dd161650f21b19594c607bb93ae88eebc049b325016c408ae60a3895