urlscan.io logo urlscan.io
SecurityTrails logo

account-production-legacy.travelnest.com Open in urlscan Pro
13.32.121.30  Public Scan

Go To Rescan Add Verdict Report
URL: https://account-production-legacy.travelnest.com/
Submission: On July 02 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 18 domains to perform 60 HTTP transactions. The main IP is 13.32.121.30, located in United States and belongs to AMAZON-02, US. The main domain is account-production-legacy.travelnest.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 27th 2024. Valid for: a year.
This is the only time account-production-legacy.travelnest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 13.32.121.30 16509 (AMAZON-02)
3 172.67.69.47 13335 (CLOUDFLAR...)
2 3.75.18.74 16509 (AMAZON-02)
2 104.17.24.14 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 18.158.184.10 16509 (AMAZON-02)
2 35.201.112.186 396982 (GOOGLE-CL...)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 20.75.106.146 8075 (MICROSOFT...)
5 23.36.162.223 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
2 99.81.164.152 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
4 35.186.194.58 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2602:816:5001... 54113 (FASTLY)
1 185.221.87.23 54113 (FASTLY)
1 18.244.155.83 16509 (AMAZON-02)
1 142.250.184.194 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
60 24
8    13.32.121.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-30.fra60.r.cloudfront.net
account-production-legacy.travelnest.com
3    172.67.69.47 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.popt.in
display.popt.in
2    3.75.18.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-18-74.eu-central-1.compute.amazonaws.com
travelnest.freshchat.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    18.158.184.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-184-10.eu-central-1.compute.amazonaws.com
travelnest.freshchat.com
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
8    2606:4700:10::6816:3a5b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-cookieyes.com
1    2a02:26f0:480:15::213:7e63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    20.75.106.146 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
travelnest.referralrock.com
5    23.36.162.223 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-223.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    99.81.164.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-164-152.eu-west-1.compute.amazonaws.com
log.cookieyes.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
4    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)
bam.eu01.nr-data.net
1    18.244.155.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-155-83.lhr50.r.cloudfront.net
wwwtravelnestcom.eu.webpush.freshchat.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
pagead2.googlesyndication.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
8 cdn-cookieyes.com
cdn-cookieyes.com — Cisco Umbrella Rank: 8844
80 KB
8 travelnest.com
account-production-legacy.travelnest.com
3 MB
6 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2394
rs.fullstory.com — Cisco Umbrella Rank: 2203
80 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 787
142 KB
5 freshchat.com
travelnest.freshchat.com
wwwtravelnestcom.eu.webpush.freshchat.com
24 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 360
px4.ads.linkedin.com — Cisco Umbrella Rank: 6416
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
region1.google-analytics.com — Cisco Umbrella Rank: 2355
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
305 KB
3 popt.in
cdn.popt.in — Cisco Umbrella Rank: 32511
display.popt.in — Cisco Umbrella Rank: 32346
58 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 cookieyes.com
log.cookieyes.com — Cisco Umbrella Rank: 9784
305 B
2 referralrock.com
travelnest.referralrock.com
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
73 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
28 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
64 B
1 nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 10833
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 900
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 902
14 KB
60 18
Domain Requested by
8 cdn-cookieyes.com account-production-legacy.travelnest.com
8 account-production-legacy.travelnest.com account-production-legacy.travelnest.com
5 analytics.tiktok.com account-production-legacy.travelnest.com
analytics.tiktok.com
4 rs.fullstory.com account-production-legacy.travelnest.com
4 travelnest.freshchat.com account-production-legacy.travelnest.com
travelnest.freshchat.com
3 px.ads.linkedin.com 1 redirects account-production-legacy.travelnest.com
3 www.googletagmanager.com account-production-legacy.travelnest.com
2 region1.google-analytics.com account-production-legacy.travelnest.com
2 www.facebook.com account-production-legacy.travelnest.com
2 log.cookieyes.com cdn-cookieyes.com
2 www.google-analytics.com account-production-legacy.travelnest.com
2 travelnest.referralrock.com account-production-legacy.travelnest.com
2 connect.facebook.net account-production-legacy.travelnest.com
2 edge.fullstory.com account-production-legacy.travelnest.com
2 display.popt.in account-production-legacy.travelnest.com
2 cdnjs.cloudflare.com account-production-legacy.travelnest.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 wwwtravelnestcom.eu.webpush.freshchat.com account-production-legacy.travelnest.com
1 bam.eu01.nr-data.net account-production-legacy.travelnest.com
1 js-agent.newrelic.com account-production-legacy.travelnest.com
1 px4.ads.linkedin.com account-production-legacy.travelnest.com
1 snap.licdn.com account-production-legacy.travelnest.com
1 cdn.popt.in account-production-legacy.travelnest.com
60 23

This site contains links to these domains. Also see Links.

Domain
www.cookieyes.com
travelnest.freshdesk.com
Subject Issuer Validity Valid
account-production-legacy.travelnest.com
Amazon RSA 2048 M02		 2024-06-27 -
2025-07-27		 a year crt.sh
popt.in
E1		 2024-05-05 -
2024-08-03		 3 months crt.sh
*.freshchat.com
Amazon RSA 2048 M02		 2023-12-17 -
2025-01-14		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
edge.fullstory.com
WR3		 2024-06-28 -
2024-09-27		 3 months crt.sh
cdn-cookieyes.com
GTS CA 1P5		 2024-05-27 -
2024-08-25		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-10 -
2024-07-09		 3 months crt.sh
*.referralrock.com
R3		 2024-04-29 -
2024-07-28		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-07-01 -
2025-01-01		 6 months crt.sh
log.cookieyes.com
Amazon RSA 2048 M02		 2024-03-26 -
2025-04-25		 a year crt.sh
rs.fullstory.com
WR3		 2024-06-29 -
2024-09-27		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-03 -
2024-10-01		 a year crt.sh
*.eu.freshchat.com
Amazon RSA 2048 M03		 2024-06-12 -
2025-07-11		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://account-production-legacy.travelnest.com/
Frame ID: 66BDE5FCD985B633EA1D5FE8B088F401
Requests: 58 HTTP requests in this frame

Frame: https://travelnest.freshchat.com/widget/config_iframe.html?host=https://travelnest.freshchat.com&token=c1ddea69-6846-4c71-8793-c1a9280a69e5&origin=https://account-production-legacy.travelnest.com&widgetUuid=a065873e-020f-44e8-8f65-7d3aba9e422d
Frame ID: 2417FAB0C67DFAC37A3FC4D97EC515DC
Requests: 1 HTTP requests in this frame

Frame: https://travelnest.freshchat.com/widget/?token=c1ddea69-6846-4c71-8793-c1a9280a69e5&referrer=aHR0cHM6Ly9hY2NvdW50LXByb2R1Y3Rpb24tbGVnYWN5LnRyYXZlbG5lc3QuY29t&widgetUuid=a065873e-020f-44e8-8f65-7d3aba9e422d&eagerLoad=true
Frame ID: C3ACF36F74B2D9CBF63054F9E0A80DD4
Requests: 1 HTTP requests in this frame

Frame: https://travelnest.referralrock.com/externaltrack/?pageTitle=Travelnest&scriptv=https%3A%2F%2Ftravelnest.referralrock.com%2Fsdk%2Freferral.js%3F05-10-21&transactionKey=b947e362-1da9-4022-8243-ff31bf5e3b47&sourceURL=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail
Frame ID: DD4E970D750D5CBA30CB165EA7A26ACE
Requests: 1 HTTP requests in this frame

Frame: https://wwwtravelnestcom.eu.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9hY2NvdW50LXByb2R1Y3Rpb24tbGVnYWN5LnRyYXZlbG5lc3QuY29t
Frame ID: 3FE44625ECA2970288E51A0A23AF5168
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Travelnest

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

97 %
HTTPS

39 %
IPv6

18
Domains

23
Subdomains

24
IPs

4
Countries

4082 kB
Transfer

12863 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1440897&time=1719923108800&conversionId=16927169&url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&tm=gtmv2 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1440897&time=1719923108800&conversionId=16927169&url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&tm=gtmv2&e_ipv6=AQKaFAQQaNbGmQAAAZBzZ-xlvKziotfO152y45LqOBPfvij4MzQr5QWO56Mzca2aF2SN_431

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
account-production-legacy.travelnest.com/ 		35 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a652363c37efe5b0d60b9d1ee1c584e194e4c8e78450727cb1fea93d0e74eb2a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
8116
content-encoding
gzip
content-type
text/html
date
Tue, 02 Jul 2024 10:13:28 GMT
etag
W/"f4e6b5045b13e2043767400800bc1073"
last-modified
Wed, 19 Jun 2024 11:06:26 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
x-amz-cf-id
u34VlxBPdGGAC-zQAN1qXn85619tk-dEkxm9EGynOXurRKUOqY6Qbw==
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-frame-options
SAMEORIGIN
pixel.js
cdn.popt.in/ 		228 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.popt.in/pixel.js?id=3ee6992f7f9a6
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b1334c8028eb18cd43edaedb5c612f6997c679730cdcf39fff077d3d8565c42

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:07 GMT
x-amz-version-id
kSPe4XR0UYf0WO8_zQywW.GbVrpduudG
content-encoding
gzip
cf-cache-status
HIT
via
1.1 f89ae7540cfd7be6febf2f3e1ef03e18.cloudfront.net (CloudFront)
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P1
age
606
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Jul 2024 12:14:57 GMT
server
cloudflare
etag
W/"cc539dfe3d3d4e03c7d3fe1e39eca91b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5wzjuhlQbFUSz159CsIKVbA2PRFrCp8wvuxses4KJqwlgLg6uY7UX6zUtgAmiwpx9gMq0NJ5CkAE%2FO7OGUn%2BZefZOZJzARC45XdQvrGocuEfl%2FIfEkh%2BRkVCmhDOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
89ce9ddad8a29b86-FRA
x-amz-cf-id
LtmTgmdwcYZl0CG-5FPjcJ04bavjZeo6weZrnGXCWDqYhuZcluFuQw==
widget.js
travelnest.freshchat.com/js/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelnest.freshchat.com/js/widget.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.18.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-18-74.eu-central-1.compute.amazonaws.com
Software
fwe /
Resource Hash
1d192e1c77d4994dd103c54cc4b08915e159bbcf72e78e98533cc772f7768b38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
00-3a0581218da926f0381e8197e1f0adc5-485311dda01de114-00
date
Tue, 02 Jul 2024 12:25:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 27 Jun 2024 04:09:18 GMT
server
fwe
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
content-type
application/javascript
x-fw-ratelimiting-managed
false
cache-control
max-age=900, must-revalidate
x-server
57fdn
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
x-request-id
b4e15610-3a00-4ac7-bf50-af32a6aba5ff
client.js
account-production-legacy.travelnest.com/71eb904/assets/ 		9 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://account-production-legacy.travelnest.com/71eb904/assets/client.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7dd47df5361f5b4d70a9d93b4e8d548ab68df5e611421b4774070f58fc64b827
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 03:56:48 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jun 2024 11:06:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
30499
x-amz-server-side-encryption
AES256
etag
W/"c37f0e5422caeac0131da02fb3a82d36-2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-frame-options
SAMEORIGIN
x-amz-cf-id
KqagppWnQMdYAEVCQFVRXAMGYtUJYMM3n64UyEmCo0rKeKc-o_YVVw==
main.css
account-production-legacy.travelnest.com/71eb904/assets/ 		164 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account-production-legacy.travelnest.com/71eb904/assets/main.css
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c666562547de9639410bbe31d0d0809aadd44c030ecc5066a7ddf234d27679b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:19:16 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jun 2024 11:06:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
624
x-amz-server-side-encryption
AES256
etag
W/"d608e50e701528b73b58ffbfc08621b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-frame-options
SAMEORIGIN
x-amz-cf-id
vkVHxBkW3VGjp4Rh_sWFFw7-L3jMcv7J936GeuczrP8hJmw14vwamA==
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1023865
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27964
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15d95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=avoRbtXWs316hOqp7nsZil4wC1Gzo7KQ1fcDY1cmjiNTZS70CzUr0%2B4QeD0a24IGzJtnxMrZIiFLlO1tx6yXQ7YJHVGCYtl5mUua7Mmj1GEdTjTFgD%2BoOKbEZfdv7TBmZI4VDQB1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89ce9ddc4c7ba03a-FRA
expires
Sun, 22 Jun 2025 12:25:07 GMT
3ee6992f7f9a6
display.popt.in/APIRequest/ 		89 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.popt.in/APIRequest/3ee6992f7f9a6?domain=https%3A%2F%2Faccount-production-legacy.travelnest.com%2F&referrer=&previous_url=&cookies=poptin_old_user%3Dtrue%20poptin_user_id%3D0.jmakzw536d%20poptin_previous_url%3D%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=Travelnest&origin_landing_page=https%3A%2F%2Faccount-production-legacy.travelnest.com%2F&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2F&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=&cart_products_org_ids_list=
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0160468e07f3d8e02ac1b79c3fe4d444fbecfdfa80912bb73a14909894299057
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:07 GMT
content-security-policy
frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=deyV57265WjfSrkg05zhRFI5d0OJlm4JVC42g1ZEsJLVS5TzlTq0JAxq5MqgyRa7C3H7rX0pLoiD8jxrV9uyKgMsSU5VTh3p2FVeqvHDSFTsJ2MpH%2FAJKnZoLvCbIncylWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, no-store, nocache, private
access-control-allow-credentials
true
cf-ray
89ce9ddda8844d86-FRA
access-control-allow-headers
Origin, Content-Type
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		354 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXWP58D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
130ae01ae872e6811367730e6ad24e23c775042c080579d178a10af56539253b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116526
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jul 2024 12:25:08 GMT
789.js
account-production-legacy.travelnest.com/71eb904/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account-production-legacy.travelnest.com/71eb904/assets/789.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc03b37dd3b202d705953ba4c5cdf2b13df4d266b026bf5f7ccb396472dc83de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 02:48:10 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jun 2024 11:06:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
34619
x-amz-server-side-encryption
AES256
etag
W/"69136d9c40c03a38c1fc8be50bc578dc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-frame-options
SAMEORIGIN
x-amz-cf-id
WXkfvd02Z_INUn8oSpoDo7APDUKBMBccpWKH9n9ZSDypCwBUwbxzcQ==
truncated
/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Request headers

Referer
Origin
https://account-production-legacy.travelnest.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 		87 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1023865
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27964
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15d95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=avoRbtXWs316hOqp7nsZil4wC1Gzo7KQ1fcDY1cmjiNTZS70CzUr0%2B4QeD0a24IGzJtnxMrZIiFLlO1tx6yXQ7YJHVGCYtl5mUua7Mmj1GEdTjTFgD%2BoOKbEZfdv7TBmZI4VDQB1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89ce9ddc4c7ba03a-FRA
expires
Sun, 22 Jun 2025 12:25:07 GMT
config_iframe.html
travelnest.freshchat.com/widget/ Frame 2417 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://travelnest.freshchat.com/widget/config_iframe.html?host=https://travelnest.freshchat.com&token=c1ddea69-6846-4c71-8793-c1a9280a69e5&origin=https://account-production-legacy.travelnest.com&widgetUuid=a065873e-020f-44e8-8f65-7d3aba9e422d
Requested by
Host: travelnest.freshchat.com
URL: https://travelnest.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.184.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-184-10.eu-central-1.compute.amazonaws.com
Software
fwe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://account-production-legacy.travelnest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Tue, 02 Jul 2024 12:25:08 GMT
last-modified
Thu, 27 Jun 2024 04:09:18 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
x-fw-ratelimiting-managed
false
x-request-id
ed49ca64-3108-4ad3-b24b-473208c92b30
x-server
7z79j
x-trace-id
00-d2c01bc60453a963be2e8a5ab5cb9016-a18191b7b8f0a0d0-00
x-xss-protection
1; mode=block
fs.js
edge.fullstory.com/s/ 		277 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3437f195c3f03e93049d9ef9c9e79b2ebeb8b97339a268cf2d6e4ab38aee09c5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Origin
https://account-production-legacy.travelnest.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 11:42:22 GMT
content-encoding
br
age
2566
x-guploader-uploadid
ACJd0NquVV93SCSIr_T7TC1TgKqgpvAbUdVGr-4pz3FDuCg0opNm4I9arkGEA706AkZ1Qcon7UtEEdZZ6w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76394
last-modified
Thu, 27 Jun 2024 13:38:26 GMT
server
UploadServer
etag
"f79ad65695b94b39d47799af56fbd7e3"
vary
Accept-Encoding
x-goog-generation
1719495506351318
x-goog-hash
crc32c=wtOMAQ==, md5=95rWVpW5SznUd5mvVvvX4w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
76394
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 02 Jul 2024 12:42:22 GMT
FTUX_House.svg
account-production-legacy.travelnest.com/71eb904/assets/images/ 		69 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account-production-legacy.travelnest.com/71eb904/assets/images/FTUX_House.svg
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/login/email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d99df2a5b36d51f6ee1d4d9d89450c8a2d33fb43a8b4dcf8035f90aa97fcb70
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/login/email
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 16:09:44 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jun 2024 11:06:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
73169
x-amz-server-side-encryption
AES256
etag
W/"6daefa3330ca6827930d7a586cf0ecd7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
x-amz-cf-id
IQoeySdj5rFF_XZ9BBjSllaL7lY1VB-PlU1rRiIhYnkhwpR-op88VA==
348673fc760e6ec6934f.svg
account-production-legacy.travelnest.com/71eb904/assets/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account-production-legacy.travelnest.com/71eb904/assets/348673fc760e6ec6934f.svg
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/login/email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6aac84281baba4aeefe7faee34f2c0106447a93acc4a0bda3e593a258be41e3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/login/email
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 13:05:53 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jun 2024 11:06:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
83956
etag
W/"779b03a9051931a671a88141e0a21871"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
x-amz-cf-id
IqkWn8Ezh5zBdQ7yikqmKhka_0iRapaZ8tChBu0N6phHZp49U9BBzA==
script.js
cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/script.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd82fd00256cc6411fd5c7dcef3807773225dfc61915f1299e2de693a08eac88

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 25 Jun 2024 09:06:06 GMT
server
cloudflare
age
5052
etag
"1894c-61bb3353fa643-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges
bytes
cf-ray
89ce9de5584891e3-FRA
content-length
34701
js
www.googletagmanager.com/gtag/ 		338 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FSVTHR355K&l=dataLayer&cx=c
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e228cd6508bd94e13d9b47f925c1efe02dcead6bddf45665b39d62244a3d533d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
111301
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jul 2024 12:25:08 GMT
destination
www.googletagmanager.com/gtag/ 		227 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-799966452&l=dataLayer&cx=c
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
601db2fb728e428902d45e0ec52bfaa53ad79a3b670a5ec07019eaeb1ca40d9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83816
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jul 2024 12:25:08 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 16:46:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=72806
accept-ranges
bytes
content-length
14004
fbevents.js
connect.facebook.net/en_US/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jul 2024 12:25:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58251
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2770, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
+vD9U+3dayBQLlsIBYc99b89YFDPKES1U3XpxVvsIcLBAsQlyencpafnWutE8pvDNQYpnJSspwsT/w/0khAYZw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
referral.js
travelnest.referralrock.com/sdk/ 		46 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelnest.referralrock.com/sdk/referral.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.75.106.146 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2291c03ef69f306c6d9c2903da4a0ac7bc4a67f5a531cf21fac843cc0b77d349
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:08 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 27 Jun 2024 12:01:16 GMT
server
Microsoft-IIS/10.0
etag
"0ce92b689c8da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8057
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CIO5PIRC77UDQQEGDND0&lib=ttq
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-223.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7506cc31a70b7dfdb2caa232c90682282bb37c9d05e5632c12a029e7dee7d3e4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
3d1a6f4a
date
Tue, 02 Jul 2024 12:25:08 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240702122508412ACD012A1FA37C95C7-1E7CB573781F7069-00
x-cache
TCP_MISS from a23-206-213-223.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=2, origin; dur=118
content-length
1898
pragma
no-cache
server
nginx
x-tt-logid
20240702122508412ACD012A1FA37C95C7
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
120,23.206.213.223
x-tt-trace-host
0105f3b903c5b53d67435cfcdf98b289addaf56fcdd663865c5f6d978b5c7ae9c8310ace5737bf7d07d48aade9b248bddc0d284e68ac3becad98425f89e04aff30b1af1eed6ce18ff9a1341db6385ce8327b996d6452d12271531d91e8407b83ed
expires
Tue, 02 Jul 2024 12:25:08 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jul 2024 10:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6961
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 02 Jul 2024 12:29:07 GMT
3ee6992f7f9a6
display.popt.in/APIRequest/ 		89 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.popt.in/APIRequest/3ee6992f7f9a6?domain=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&referrer=&previous_url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin&cookies=poptin_old_user%3Dtrue%20poptin_user_id%3D0.jmakzw536d%20poptin_previous_url_protocol%3Dsecure%20poptin_previous_url%3Daccount-production-legacy.travelnest.com%2Flogin%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=Travelnest&origin_landing_page=https%3A%2F%2Faccount-production-legacy.travelnest.com%2F&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&previous_visited_pages=%2Flogin&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=&cart_products_org_ids_list=
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0160468e07f3d8e02ac1b79c3fe4d444fbecfdfa80912bb73a14909894299057
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:08 GMT
content-security-policy
frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=COpbrFKqhDzQMj6lIV%2FAVAddhkm6iREz7pDSovdV7lyOIcMGuSNz7hOkfa4nBerHKA2z1nRq63H%2BsWMO29A2fIq7AVtEGOUF5X8JmnBDV2NmoSNJEK45sAZBFuO%2BTylr%2BLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, no-store, nocache, private
access-control-allow-credentials
true
cf-ray
89ce9de53b194d86-FRA
access-control-allow-headers
Origin, Content-Type
expires
Fri, 01 Jan 1990 00:00:00 GMT
3ee6992f7f9a6
display.popt.in/APIRequest/ 		0
0
/
travelnest.freshchat.com/widget/ Frame C3AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://travelnest.freshchat.com/widget/?token=c1ddea69-6846-4c71-8793-c1a9280a69e5&referrer=aHR0cHM6Ly9hY2NvdW50LXByb2R1Y3Rpb24tbGVnYWN5LnRyYXZlbG5lc3QuY29t&widgetUuid=a065873e-020f-44e8-8f65-7d3aba9e422d&eagerLoad=true
Requested by
Host: travelnest.freshchat.com
URL: https://travelnest.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.184.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-184-10.eu-central-1.compute.amazonaws.com
Software
fwe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://account-production-legacy.travelnest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Tue, 02 Jul 2024 12:25:08 GMT
last-modified
Thu, 27 Jun 2024 04:09:18 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
x-fw-ratelimiting-managed
false
x-request-id
66cce5fd-5635-4b24-84ce-9009214f1deb
x-server
99qbr
x-trace-id
00-6db0c185fd5ab53569f0d02d822f9865-bd1bc8021fe6f99b-00
x-xss-protection
1; mode=block
widget.css
travelnest.freshchat.com/widget/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelnest.freshchat.com/widget/css/widget.css?t=1719923108695
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.18.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-18-74.eu-central-1.compute.amazonaws.com
Software
fwe /
Resource Hash
58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
x-request-id
d4006bd6-bc41-4508-acec-a1bbe91aacca
x-trace-id
00-cb9ec3cb273fe5d3e96c3bd08ad695c9-5a5c2716592519bf-00
last-modified
Thu, 27 Jun 2024 04:09:18 GMT
server
fwe
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.eu-central-1.freshedge.net/nelreports/freshchat"}]}
content-type
text/css
x-fw-ratelimiting-managed
false
cache-control
max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server
57fdn
expires
Wed, 02 Jul 2025 12:25:08 GMT
/
px.ads.linkedin.com/wa/ 		0
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://account-production-legacy.travelnest.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:08 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0795CA59CCAA4C04B60DC9A74855E599 Ref B: DUS30EDGE0317 Ref C: 2024-07-02T12:25:08Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://account-production-legacy.travelnest.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYcQs3zbgPf1c+6bmimgQ==
log
log.cookieyes.com/api/v1/ 		2 B
153 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.164.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-164-152.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryDqW2ZBzabIal8pz7

Response headers

access-control-allow-origin
*
date
Tue, 02 Jul 2024 12:25:08 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
banner.js
cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/ 		101 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/banner.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
919fc24342acdc1d2e7ba50ba27e32f9fd046c5b1c90ad91d8e9770bab75958f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 25 Jun 2024 09:06:06 GMT
server
cloudflare
age
10416
etag
"19294-61bb3353f96a2-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges
bytes
cf-ray
89ce9de6192d91e3-FRA
content-length
33664
attribution_trigger
px.ads.linkedin.com/ 		2 B
929 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=1440897&time=1719923108800&url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&conversionId=16927169&tm=gtmv2
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"1","priority":"0"}],"filters":[],"debug_key":"16927169"}
content-encoding
gzip
date
Tue, 02 Jul 2024 12:25:08 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: EAEBB896092D4432B92E948AFAE7F41A Ref B: DUS30EDGE0805 Ref C: 2024-07-02T12:25:08Z
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYcQs3zvBGZvq6NgNninA==
x-fs-uuid
00061c42cdf3bc1199beae8d80d9e29c
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1440897&time=1719923108800&conversionId=16927169&url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&tm=gtmv2
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1440897&time=1719923108800&conversionId=16927169&url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&tm=gtmv2&e_ipv6=AQKaF...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1440897&time=1719923108800&conversionId=16927169&url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&tm=gtmv2&e_ipv6=AQKaFAQQaNbGmQAAAZBzZ-xlvKziotfO152y45LqOBPfvij4MzQr5QWO56Mzca2aF2SN_431
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/login/email
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://account-production-legacy.travelnest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 02 Jul 2024 12:25:08 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3DB5E2C20127455C82F25DC9BB28883E Ref B: DUS30EDGE0915 Ref C: 2024-07-02T12:25:09Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcQs33Koekauk9FJGsHA==

Redirect headers

date
Tue, 02 Jul 2024 12:25:08 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F8FC1DA726304420A7C7CAAB02C033F7 Ref B: DUS30EDGE0317 Ref C: 2024-07-02T12:25:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1440897&time=1719923108800&conversionId=16927169&url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&tm=gtmv2&e_ipv6=AQKaFAQQaNbGmQAAAZBzZ-xlvKziotfO152y45LqOBPfvij4MzQr5QWO56Mzca2aF2SN_431
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcQs3zFMdnQ3F/SHMCKA==
web
edge.fullstory.com/s/settings/K46ED/v1/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/K46ED/v1/web
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d235497e83c12233dfc2f0f8d2ddd30977bf7e14ed39feae5865fd7b295a84e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:20:28 GMT
content-encoding
gzip
age
280
x-guploader-uploadid
ACJd0NqTfpCC6vx-WFkckQaz7apR0mzdD6_2siF1ICaf8nF_tUNUMkZPOZfq81RHi0FfiSpLO7K86Qhpxw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1448
last-modified
Tue, 02 Jul 2024 12:16:49 GMT
server
UploadServer
etag
"c4f860309485cab4295bf79b77f08df5"
x-goog-generation
1719504109725083
x-goog-hash
crc32c=lQK2Bw==, md5=xPhgMJSFyrQpW/ebd/CN9Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1448
accept-ranges
bytes
content-type
application/json
expires
Tue, 02 Jul 2024 12:35:28 GMT
1513105928831998
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1513105928831998?v=2.9.159&r=stable&domain=account-production-legacy.travelnest.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0d7da02336cb285482bafa21d5fe0f88de391dae9c954280d6a12bf6df0485b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jul 2024 12:25:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=65, mss=1297, tbw=63753, tp=-1, tpl=-1, uplat=95, ullat=0
pragma
public
x-fb-debug
oki9RdOXnVn2bpAIUWq5ThwTfiE8GvZbhTrtEZ5B1EET+0xXwERqCzl/0wJmIQXVi/E94qOsZguZ/GU537ZYGQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
page
rs.fullstory.com/rec/ 		1 KB
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
fa64f852eee341e385a63c51899e38abfff04490c24ef90aee5568403fdb9b5a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Jul 2024 12:25:09 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://account-production-legacy.travelnest.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
560
main.MTZkNWZlYWU4MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		344 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-223.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6745fb1d61fceb170d42e79732d55e9a9f8259b027ba0ee9ed76b83811136f92

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
3d1a6fc3
date
Tue, 02 Jul 2024 12:25:08 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024062715345243AD068F0621204E02CE
x-tt-trace-id
00-24062715345243AD068F0621204E02CE-522A02612CA53F4E-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-206-213-223.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0131c8ef173a8a2a54e809b3b35c7856aa40ee591036d5d78a537bffbc98495eced4569e4f837075d672ec7a5003e55429982e0e670fb297acceca2866e25adc294588e751706f55767659fa68dd95238ffbf7b3f089b7e4c988c5887b436af157
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
content-length
100285
/
travelnest.referralrock.com/externaltrack/ Frame DD4E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://travelnest.referralrock.com/externaltrack/?pageTitle=Travelnest&scriptv=https%3A%2F%2Ftravelnest.referralrock.com%2Fsdk%2Freferral.js%3F05-10-21&transactionKey=b947e362-1da9-4022-8243-ff31bf5e3b47&sourceURL=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.75.106.146 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://account-production-legacy.travelnest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private
content-encoding
gzip
content-length
670
content-type
text/html; charset=utf-8
date
Tue, 02 Jul 2024 12:25:09 GMT
request-context
appId=cid-v1:683234c1-44ae-4c0f-a0cc-363d1e4dad53
server
Microsoft-IIS/10.0
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1513105928831998&ev=PageView&dl=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&rl=&if=false&ts=1719923109043&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.1.1719923109039.370945581779345477&cs_est=true&ler=empty&cdl=API_unavailable&it=1719923108875&coo=false&rqm=GET
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/login/email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jul 2024 12:25:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1513105928831998&ev=PageView&dl=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&rl=&if=false&ts=1719923109043&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.1.1719923109039.370945581779345477&cs_est=true&ler=empty&cdl=API_unavailable&it=1719923108875&coo=false&rqm=FGET
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/login/email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x21e2c5e854e88952","source_keys":["1","2"]},{"key_piece":"0x3b61a8db56493ab4","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 02 Jul 2024 12:25:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387013506867387442", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3094, tp=-1, tpl=-1, uplat=126, ullat=0
pragma
no-cache
x-fb-debug
F9hFQtEW1YZ2Mdn9KLfvAXVl6kh6GKUm107EpJlLUyYPiMBun3cjmrN7Tb7altvq2jXILGFuAspPMIJodaMrkQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387013506867387442"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-223.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
3d1a7058
date
Tue, 02 Jul 2024 12:25:09 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240521140000CC8E8367BDDF5D4567F5
x-tt-trace-id
00-240521140000CC8E8367BDDF5D4567F5-74762002771602E1-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-206-213-223.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
017d5145de57c4c0d6eb87cea89f133c59b7af6097d632d905c0b56b30f9535ee3505147809fc30c9d5a623e53bb24e5260751318c8f812f04f082bdffb7c8662eee9fb10982a6efd7378ad51b55dc9900fa20221bc361c59a798b744f5965652f
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
39809
pixel
analytics.tiktok.com/api/v2/ 		0
702 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-223.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3d1a7059
date
Tue, 02 Jul 2024 12:25:09 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407021225095DBA2C476627E38B0138-76016E5D1F16EBA9-00
x-cache
TCP_MISS from a23-206-213-223.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=41, cdn-cache; desc=MISS, edge; dur=8, origin; dur=148
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202407021225095DBA2C476627E38B0138
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
149,23.206.213.223
x-tt-trace-host
0105f3b903c5b53d67435cfcdf98b289addaf56fcdd663865c5f6d978b5c7ae9c8d46eec2c778ff3158d70468a9361f1ca062f3ce1250938098b320a2b824f45ddeedf9c579926d03c756c249cc1c72aadd5481acec01bea0312957b62682e5fdd
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jul 2024 12:25:09 GMT
integrations
rs.fullstory.com/rec/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/integrations?OrgId=K46ED&isInFrame=false&isNative=false
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:09 GMT
via
1.1 google
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/javascript; charset=utf-8
act
analytics.tiktok.com/api/v2/pixel/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.223 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-223.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7af0010.3d1a7103
date
Tue, 02 Jul 2024 12:25:09 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407021225091F7338A9F1C156401AAE-5EE9E6C67DC02422-00
x-cache
TCP_MISS from a23-206-213-223.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
118,23.206.213.223
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=30, inner; dur=26
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202407021225091F7338A9F1C156401AAE
x-cache-remote
TCP_MISS from a23-48-249-173.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
30,23.48.249.173
x-tt-trace-host
0105f3b903c5b53d67435cfcdf98b289adfdac59169b5e607d8e5a8e1c92955bce573057d0870dc173422f9bdf354c05456cf87dab389f768d4926fcccb817b8d8bd8c826d4c851465fc441a11e757c9b4a66f9fd376578f6c60e430c32a153e2cf2ff030fee934a719738615097747799
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jul 2024 12:25:09 GMT
nr-spa-1184.min.js
js-agent.newrelic.com/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1184.min.js
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
PFPUU2Cch1Wq2MHgVKRw2iA3.DpWCoQ9
content-encoding
br
via
1.1 varnish
date
Tue, 02 Jul 2024 12:25:09 GMT
strict-transport-security
max-age=300
x-amz-request-id
ERC5K2JZBVJRVZWK
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15072
x-amz-id-2
D1v6bN/9aqEv9BRfDgdDTV2cpnpBX0DWgDCfUKtQ3gnlgk/7UZ0pzwUOxz4JEuO91Xx1WWBA9hg=
x-served-by
cache-mxp6925-MXP
last-modified
Wed, 18 Oct 2023 21:30:59 GMT
server
AmazonS3
etag
"6b93dbf34696df852c6d69d1652851de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
212804
BR1IRME2.json
cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/ 		87 B
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/BR1IRME2.json
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e4466265be4a41093c076e79ac361d193dd9f6e7057aedfc374c1c303132b3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 25 Jun 2024 09:06:06 GMT
server
cloudflare
etag
W/"57-61bb3353f67c2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
89ce9debef57bbec-FRA
favicon.ico
account-production-legacy.travelnest.com/71eb904/assets/images/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://account-production-legacy.travelnest.com/71eb904/assets/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a87fb6221ac2d91fa0b20337351bac16dfe759cf2f22e5d715829b8f23532fc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/login/email
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 08:09:51 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jun 2024 11:06:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
15319
x-amz-server-side-encryption
AES256
etag
"61792bd37fae3c8030ae9c70b39e59a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/vnd.microsoft.icon
x-frame-options
SAMEORIGIN
accept-ranges
bytes
content-length
1150
x-amz-cf-id
Ru8QEj5hChK723byPdsrJp4S3wEhuVUhQ6uqfXMI8w8PKrDq6h1V6w==
favicon-32x32.png
account-production-legacy.travelnest.com/71eb904/assets/favicon/ 		787 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://account-production-legacy.travelnest.com/71eb904/assets/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c1327091b93d25d38ec5c80b87d787e98f98b9049a19798796e25ded70ade0b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/login/email
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 13:04:51 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jun 2024 11:06:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
84019
etag
"f9619c941006f333893307e54c7bba8e"
x-amz-server-side-encryption
AES256
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
787
x-amz-cf-id
j3S_8EGVhcTEzn5b-5nb9vZzWNfaDgU7E0PMMIDM9jlvKwMJCbWC1g==
NRJS-d6d98c99d79cfc8ae96
bam.eu01.nr-data.net/1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/1/NRJS-d6d98c99d79cfc8ae96?a=103299404&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=3040&ck=1&ref=https://account-production-legacy.travelnest.com/login/email&be=170&fe=2860&dc=471&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1719923106783,%22n%22:0,%22f%22:0,%22dn%22:16,%22dne%22:16,%22c%22:16,%22s%22:57,%22ce%22:100,%22rq%22:100,%22rp%22:143,%22rpe%22:144,%22dl%22:148,%22di%22:470,%22ds%22:470,%22de%22:471,%22dc%22:2860,%22l%22:2860,%22le%22:2864%7D,%22navigation%22:%7B%7D%7D&fp=1719&fcp=1719&jsonp=NREUM.setToken
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:10 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
Connection
keep-alive
Content-Length
2
x-served-by
cache-fra-etou8220153-FRA
Ngz3nMqZ.json
cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/config/ 		34 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/config/Ngz3nMqZ.json
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01492cd05b3e44d805d6093e1aaf018290e8f041a8e346dd07b27950d58b5cc5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 25 Jun 2024 09:06:06 GMT
server
cloudflare
etag
W/"878f-61bb3353fa643"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
89ce9deca87cbbec-FRA
index.html
wwwtravelnestcom.eu.webpush.freshchat.com/ Frame 3FE4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://wwwtravelnestcom.eu.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9hY2NvdW50LXByb2R1Y3Rpb24tbGVnYWN5LnRyYXZlbG5lc3QuY29t
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-83.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://account-production-legacy.travelnest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 02 Jul 2024 12:25:11 GMT
etag
W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified
Fri, 25 Oct 2019 06:53:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8b50ae2d42852aa6b1f0bbf18cf24e76.cloudfront.net (CloudFront)
x-amz-cf-id
Y2R1a_eEzJDCDTjHNKnOjPSn2eRgUQbI-g6Aekxwr_G8tNynUCzirw==
x-amz-cf-pop
LHR50-P8
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
WbA2X-c8.json
cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/translations/ 		2 KB
840 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/translations/WbA2X-c8.json
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dae33eb0749dba5a27dafd97d2c78a95f17a778a89290ed0c8d03a7ff6b90a3c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:10 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 25 Jun 2024 09:06:06 GMT
server
cloudflare
etag
W/"6f5-61bb3353fd523"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
89ce9ded79f1bbec-FRA
j1vSozd2.json
cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/audit-table/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/audit-table/j1vSozd2.json
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab314f4beff0e5ce9d27d34693d7a5c4ab6d25fef4537cf0e06949fbbb670244

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:10 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 25 Jun 2024 09:06:06 GMT
server
cloudflare
etag
W/"293f-61bb3353f7762"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
89ce9dee3b4cbbec-FRA
landing
pagead2.googlesyndication.com/pagead/ 		42 B
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13q3q3q2q5&tag_exp=0&rnd=1234569033.1719923110&url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&dma_cps=-&dma=1&npa=1&gtm=45He46q0n81KXWP58Dv811890151za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXWP58D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 02 Jul 2024 12:25:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
close.svg
cdn-cookieyes.com/assets/images/ 		1 KB
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cookieyes.com/assets/images/close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:40:50 GMT
server
cloudflare
age
68588
etag
W/"541-5da3a66c769d4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
89ce9def5ca791e3-FRA
poweredbtcky.svg
cdn-cookieyes.com/assets/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:25:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:41:24 GMT
server
cloudflare
age
59587
etag
W/"eb2-5da3a68c50d09"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
89ce9def5cac91e3-FRA
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2100832329&t=pageview&_s=1&dl=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&ul=de-de&de=UTF-8&dt=Travelnest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEAAAAABEAAAAAAAIk~&cid=596473818.1719923110&uid=&tid=UA-110578831-1&_gid=2073186363.1719923110&gtm=45He46q0n81KXWP58Dv811890151za200&cd3=&gcs=G100&gcd=13q3q3q2q5&dma_cps=-&dma=1&tag_exp=0&npa=1&z=503546157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 23:14:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47420
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSVTHR355K&gtm=45je46q0v9101325606za200zb811890151&_p=1719923108097&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dY2Q2ZW&cid=596473818.1719923110&ecid=274794041&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEA&_s=1&sid=1719923108&sct=1&seg=0&dl=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&dt=Travelnest&en=scroll&epn.percent_scrolled=90&_et=1&tfd=3494&_z=fetch
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 02 Jul 2024 12:25:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account-production-legacy.travelnest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FSVTHR355K&gtm=45je46q0v9101325606z8811890151za200zb811890151&_p=1719923108097&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dY2Q2ZW&cid=596473818.1719923110&ecid=274794041&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=2&sid=1719923108&sct=1&seg=0&dl=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&dt=Travelnest&en=page_view&_fv=1&_ss=1&tfd=3495&_z=fetch
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 02 Jul 2024 12:25:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account-production-legacy.travelnest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
log.cookieyes.com/api/v1/ 		2 B
152 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/ceabf2794db27ed89be873d1/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.164.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-164-152.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryFgqOruDfGqiQjLfc

Response headers

access-control-allow-origin
*
date
Tue, 02 Jul 2024 12:25:10 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
truncated
/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f5f38b0853f6c632de064358a0767e0958cefbe488f84cdaa3f36628df26575

Request headers

Referer
Origin
https://account-production-legacy.travelnest.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
v2
rs.fullstory.com/rec/bundle/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=K46ED&UserId=73223f02-4293-4a71-a8f4-95ad2d679b68&SessionId=75bb19b2-f3b4-4c43-8eb9-4934474ffc03&PageId=fe6d8d54-7334-4485-9c5f-e7c4238774e1&Seq=1&ClientTime=1719923111728&PageStart=1719923109159&PrevBundleTime=0&LastActivity=2366&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
5f97d1d39dd169a39aa2bf1029a7c6ef00941f3db8341725d37df703dca27dbb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://account-production-legacy.travelnest.com
date
Tue, 02 Jul 2024 12:25:12 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
v2
rs.fullstory.com/rec/bundle/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=K46ED&UserId=73223f02-4293-4a71-a8f4-95ad2d679b68&SessionId=75bb19b2-f3b4-4c43-8eb9-4934474ffc03&PageId=fe6d8d54-7334-4485-9c5f-e7c4238774e1&Seq=2&ClientTime=1719923114235&PageStart=1719923109159&PrevBundleTime=1719923111817&LastActivity=4884&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: account-production-legacy.travelnest.com
URL: https://account-production-legacy.travelnest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b49abe9d176b0b8fd970d15476da66f5347e0c04c45fa7a019f6bd56bf1afcb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://account-production-legacy.travelnest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://account-production-legacy.travelnest.com
date
Tue, 02 Jul 2024 12:25:14 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
display.popt.in
URL
https://display.popt.in/APIRequest/3ee6992f7f9a6?domain=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&referrer=&previous_url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin&cookies=poptin_old_user%3Dtrue%20poptin_user_id%3D0.jmakzw536d%20poptin_previous_url_protocol%3Dsecure%20poptin_previous_url%3Daccount-production-legacy.travelnest.com%2Flogin%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=Travelnest&origin_landing_page=https%3A%2F%2Faccount-production-legacy.travelnest.com%2F&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&previous_visited_pages=%2Flogin&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=&cart_products_org_ids_list=

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage boolean| poptin_single_page_app object| NREUM object| newrelic function| __nr_require object| appConfigChunkLoadingGlobal boolean| pixelAdded boolean| poptin_loadcontrol_fix boolean| poptin_disable_fa boolean| poptin_disable_localstorage boolean| landing_page_teaser_on object| upgrade_popup_setting string| previous_url_spa object| poptinTimeDelayTrigger boolean| poptinExitPopupShown boolean| poptin_display_trigger boolean| poptin_disable_fonts number| updateClockInterval function| jQ224 object| poptinSubmitted function| poptinVisible function| onpoptinClose function| onpoptinSubmit boolean| poptinStarted function| runPoptinNow function| runPoptinNowStart function| pageLoadCheck boolean| isPoptinLandingPage boolean| poptinAfterPageLoad function| closePoptinOnXclick function| closeTabPoptinOnXclick function| poptin_display function| poptin_display_form function| closePoptin function| PoptinQueue function| poptinClientLimitLogStatus function| closeUpgradePopup function| poptinUpgradeDontRemindMe function| poptinUpgradeRemindMe function| poptinUpgradePopupClick object| fcWidget undefined| $ undefined| jQuery string| poptin_viewed_session number| poptin_once string| ap_triggers object| webpackChunkportal function| _ function| setImmediate function| clearImmediate object| dataLayer object| travelnest object| google_tag_manager object| google_tag_data boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| _linkedin_data_partner_ids boolean| _already_called_lintrk string| event_id function| fbq function| _fbq object| referralJS string| TiktokAnalyticsObject object| ttq string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady function| lintrk object| ORIBILI object| cookieyes string| _fs_loaded function| _fs_shutdown object| gaplugins object| regeneratorRuntime function| revisitCkyConsent function| performBannerAction function| getCkyConsent boolean| isRRJSScriptLoaded function| executeIfRRScriptNotLoaded object| GenericWidget object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks string| _fs_rec_settings_host object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
.tiktok.com/ Name: _ttp
Value: 2igrYVxs1H50PnjUUxJmxwk7ItU
.linkedin.com/ Name: bcookie
Value: "v=2&8f662d5f-74eb-4fbc-890d-27a3a20059c1"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTk5MjMxMDg7MjswMjHizQGegaMnGjfLxxLsDz/B3SEm0X9tHUutQw8IZPr28w==
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3280:u=1:x=1:i=1719923108:t=1720009508:v=2:sig=AQESF3tcQ0nrHNfs-97JeKJ5vIBcBHSd"
.travelnest.com/ Name: _ttp
Value: 4VYs4-BbfXwGLcWdMRXpnTOO1k4
.travelnest.com/ Name: cookieyes-consent
Value: consentid:R1NWMDFEZmVNNEZYa29rejFYdEF0Nm0yODJ4WGhiSng,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no,other:no

3 Console Messages

Source Level URL
Text
network error URL: https://display.popt.in/APIRequest/3ee6992f7f9a6?domain=https%3A%2F%2Faccount-production-legacy.travelnest.com%2F&referrer=&previous_url=&cookies=poptin_old_user%3Dtrue%20poptin_user_id%3D0.jmakzw536d%20poptin_previous_url%3D%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=Travelnest&origin_landing_page=https%3A%2F%2Faccount-production-legacy.travelnest.com%2F&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2F&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=&cart_products_org_ids_list=
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://display.popt.in/APIRequest/3ee6992f7f9a6?domain=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&referrer=&previous_url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin&cookies=poptin_old_user%3Dtrue%20poptin_user_id%3D0.jmakzw536d%20poptin_previous_url_protocol%3Dsecure%20poptin_previous_url%3Daccount-production-legacy.travelnest.com%2Flogin%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=Travelnest&origin_landing_page=https%3A%2F%2Faccount-production-legacy.travelnest.com%2F&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Faccount-production-legacy.travelnest.com%2Flogin%2Femail&previous_visited_pages=%2Flogin&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=&cart_products_org_ids_list=
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://bam.eu01.nr-data.net/1/NRJS-d6d98c99d79cfc8ae96?a=103299404&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=3040&ck=1&ref=https://account-production-legacy.travelnest.com/login/email&be=170&fe=2860&dc=471&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1719923106783,%22n%22:0,%22f%22:0,%22dn%22:16,%22dne%22:16,%22c%22:16,%22s%22:57,%22ce%22:100,%22rq%22:100,%22rp%22:143,%22rpe%22:144,%22dl%22:148,%22di%22:470,%22ds%22:470,%22de%22:471,%22dc%22:2860,%22l%22:2860,%22le%22:2864%7D,%22navigation%22:%7B%7D%7D&fp=1719&fcp=1719&jsonp=NREUM.setToken
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-production-legacy.travelnest.com
analytics.tiktok.com
bam.eu01.nr-data.net
cdn-cookieyes.com
cdn.popt.in
cdnjs.cloudflare.com
connect.facebook.net
display.popt.in
edge.fullstory.com
js-agent.newrelic.com
log.cookieyes.com
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
rs.fullstory.com
snap.licdn.com
travelnest.freshchat.com
travelnest.referralrock.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
wwwtravelnestcom.eu.webpush.freshchat.com
display.popt.in
104.17.24.14
13.107.42.14
13.32.121.30
142.250.184.194
172.67.69.47
18.158.184.10
18.244.155.83
185.221.87.23
20.75.106.146
2001:4860:4802:32::36
23.36.162.223
2602:816:5001::39
2606:4700:10::6816:3a5b
2620:1ec:21::14
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a02:26f0:480:15::213:7e63
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.75.18.74
35.186.194.58
35.201.112.186
99.81.164.152
01492cd05b3e44d805d6093e1aaf018290e8f041a8e346dd07b27950d58b5cc5
0160468e07f3d8e02ac1b79c3fe4d444fbecfdfa80912bb73a14909894299057
0b1334c8028eb18cd43edaedb5c612f6997c679730cdcf39fff077d3d8565c42
130ae01ae872e6811367730e6ad24e23c775042c080579d178a10af56539253b
1d192e1c77d4994dd103c54cc4b08915e159bbcf72e78e98533cc772f7768b38
2291c03ef69f306c6d9c2903da4a0ac7bc4a67f5a531cf21fac843cc0b77d349
2a87fb6221ac2d91fa0b20337351bac16dfe759cf2f22e5d715829b8f23532fc
3437f195c3f03e93049d9ef9c9e79b2ebeb8b97339a268cf2d6e4ab38aee09c5
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b
5d99df2a5b36d51f6ee1d4d9d89450c8a2d33fb43a8b4dcf8035f90aa97fcb70
5f5f38b0853f6c632de064358a0767e0958cefbe488f84cdaa3f36628df26575
5f97d1d39dd169a39aa2bf1029a7c6ef00941f3db8341725d37df703dca27dbb
601db2fb728e428902d45e0ec52bfaa53ad79a3b670a5ec07019eaeb1ca40d9b
6745fb1d61fceb170d42e79732d55e9a9f8259b027ba0ee9ed76b83811136f92
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96
70e4466265be4a41093c076e79ac361d193dd9f6e7057aedfc374c1c303132b3
7506cc31a70b7dfdb2caa232c90682282bb37c9d05e5632c12a029e7dee7d3e4
7c1327091b93d25d38ec5c80b87d787e98f98b9049a19798796e25ded70ade0b
7dd47df5361f5b4d70a9d93b4e8d548ab68df5e611421b4774070f58fc64b827
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
919fc24342acdc1d2e7ba50ba27e32f9fd046c5b1c90ad91d8e9770bab75958f
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a652363c37efe5b0d60b9d1ee1c584e194e4c8e78450727cb1fea93d0e74eb2a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab314f4beff0e5ce9d27d34693d7a5c4ab6d25fef4537cf0e06949fbbb670244
b49abe9d176b0b8fd970d15476da66f5347e0c04c45fa7a019f6bd56bf1afcb3
b6aac84281baba4aeefe7faee34f2c0106447a93acc4a0bda3e593a258be41e3
bc03b37dd3b202d705953ba4c5cdf2b13df4d266b026bf5f7ccb396472dc83de
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c666562547de9639410bbe31d0d0809aadd44c030ecc5066a7ddf234d27679b0
cd82fd00256cc6411fd5c7dcef3807773225dfc61915f1299e2de693a08eac88
d0d7da02336cb285482bafa21d5fe0f88de391dae9c954280d6a12bf6df0485b
d235497e83c12233dfc2f0f8d2ddd30977bf7e14ed39feae5865fd7b295a84e1
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
dae33eb0749dba5a27dafd97d2c78a95f17a778a89290ed0c8d03a7ff6b90a3c
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e228cd6508bd94e13d9b47f925c1efe02dcead6bddf45665b39d62244a3d533d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138
fa64f852eee341e385a63c51899e38abfff04490c24ef90aee5568403fdb9b5a