www.safarinow.com Open in urlscan Pro
2606:4700::6811:ed43 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.safarinow.com/go/gecko-lodge-bela-bela/
Submission: On February 14 via api (February 14th 2023, 1:15:41 pm UTC) from ZA — Scanned from DE

Summary HTTP 110 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 50 IPs in 10 countries across 44 domains to perform 110 HTTP transactions. The main IP is 2606:4700::6811:ed43, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.safarinow.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 2nd 2022. Valid for: a year.

This is the only time www.safarinow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700::68... 2606:4700::6811:ed43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:6e45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 5	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	2606:4700::68... 2606:4700::6812:1d93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
1	2600:9000:205... 2600:9000:2057:3800:8:cf94:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
4 5	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	52.59.129.17 52.59.129.17	16509 (AMAZON-02) (AMAZON-02)
2 2	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	3.65.233.109 3.65.233.109	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.126.136.128 3.126.136.128	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.35.209.30 23.35.209.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.217.237.24 54.217.237.24	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.126.78.222 3.126.78.222	16509 (AMAZON-02) (AMAZON-02)
1	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4200:a29c:1631:ad5c:ae7b	14618 (AMAZON-AES) (AMAZON-AES)
1	104.96.129.75 104.96.129.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.217.97.242 54.217.97.242	16509 (AMAZON-02) (AMAZON-02)
1	54.72.113.247 54.72.113.247	16509 (AMAZON-02) (AMAZON-02)
3	23.22.89.152 23.22.89.152	14618 (AMAZON-AES) (AMAZON-AES)
1	3.23.149.151 3.23.149.151	16509 (AMAZON-02) (AMAZON-02)
110	50

22 2606:4700::6811:ed43 (United States)

ASN13335 (CLOUDFLARENET, US)

www.safarinow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:6e45 (United States)

ASN13335 (CLOUDFLARENET, US)

sncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fledge-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1d93 (United States)

ASN13335 (CLOUDFLARENET, US)

ssl.widgets.webengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wsdk-files.webengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.22 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3800:8:cf94:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

11b56488d.webengage.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (Apex, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.129.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-129-17.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.83.142.19 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.233.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-233-109.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.136.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-136-128.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.209.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-209-30.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.237.24 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-237-24.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.78.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-78-222.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:a29c:1631:ad5c:ae7b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.129.75 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-129-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.97.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-97-242.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.113.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-113-247.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.22.89.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-89-152.compute-1.amazonaws.com

c.webengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.23.149.151 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-149-151.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	safarinow.com www.safarinow.com	680 KB
9	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 443 mug.criteo.com — Cisco Umbrella Rank: 1837 sslwidget.criteo.com — Cisco Umbrella Rank: 2034 dis.criteo.com — Cisco Umbrella Rank: 912	13 KB
8	google.com www.google.com — Cisco Umbrella Rank: 18	28 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	559 KB
6	webengage.com ssl.widgets.webengage.com — Cisco Umbrella Rank: 39567 wsdk-files.webengage.com — Cisco Umbrella Rank: 19329 c.webengage.com — Cisco Umbrella Rank: 9560	65 KB
6	sncdn.com sncdn.com	432 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 160 cm.g.doubleclick.net — Cisco Umbrella Rank: 308	5 KB
5	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 680 fledge-eu.creativecdn.com — Cisco Umbrella Rank: 11543 cm.creativecdn.com — Cisco Umbrella Rank: 8744	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	224 KB
4	google.de www.google.de — Cisco Umbrella Rank: 3701	734 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 303 secure.adnxs.com — Cisco Umbrella Rank: 673	3 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	267 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 93 region1.google-analytics.com — Cisco Umbrella Rank: 1904	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 109	239 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 274	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1980	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 393	507 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 809	854 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 405	879 B
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 406	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 343	31 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2662	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 813	339 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2590	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4005	525 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2601	183 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 962	580 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 956	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1721	881 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2939	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 521	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1059	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1822	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 501	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2336	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1572	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 767	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 762	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 442	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 787	980 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 742	14 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 730	18 KB
1	webengage.co 11b56488d.webengage.co	2 KB
1	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 1382	73 B
110	44

	Domain	Requested by
22	www.safarinow.com	www.safarinow.com
8	www.google.com	www.safarinow.com www.google.com
6	sncdn.com	www.safarinow.com
5	gum.criteo.com	4 redirects www.safarinow.com
5	www.gstatic.com	www.safarinow.com www.google.com
4	connect.facebook.net	www.safarinow.com
4	www.google.de	www.safarinow.com
3	c.webengage.com	ssl.widgets.webengage.com
3	www.facebook.com	www.safarinow.com
3	creativecdn.com	2 redirects www.safarinow.com
3	googleads.g.doubleclick.net	www.safarinow.com
3	www.googletagmanager.com	www.safarinow.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	bam.nr-data.net	www.safarinow.com
2	cm.g.doubleclick.net	2 redirects
2	wsdk-files.webengage.com	11b56488d.webengage.co ssl.widgets.webengage.com
2	www.google-analytics.com	www.safarinow.com
2	cdnjs.cloudflare.com	www.safarinow.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	secure.adnxs.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	sslwidget.criteo.com	www.safarinow.com
1	mug.criteo.com
1	cm.creativecdn.com
1	static.criteo.net	www.safarinow.com
1	js-agent.newrelic.com	www.safarinow.com
1	stats.g.doubleclick.net	www.safarinow.com
1	fledge-eu.creativecdn.com	creativecdn.com
1	11b56488d.webengage.co	www.safarinow.com
1	ssc-cms.33across.com	creativecdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	www.safarinow.com
1	ssl.widgets.webengage.com	www.safarinow.com
110	56

This site contains links to these domains. Also see Links.

Domain
support.safarinow.com
sncdn.com
d1zyr4xmqw3mni.cloudfront.net
feedback.safarinow.com
establishments.safarinow.com
affiliate.safarinow.com
sacoronavirus.co.za

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-23` - `2023-02-21`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
webengage.com Cloudflare Inc ECC CA-3	`2022-04-23` - `2023-04-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
webengage.co Amazon	`2022-07-04` - `2023-08-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
itm.ivitrack.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-01`	5 months	crt.sh
*.webengage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-05` - `2023-05-11`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.safarinow.com/go/gecko-lodge-bela-bela/
Frame ID: ACD73F1870C5A54F7EAB228874BACFC7
Requests: 68 HTTP requests in this frame

Frame: https://creativecdn.com/tags?type=iframe&id=pr_xylUmCJNStcaRCOmCtCT&id=pr_xylUmCJNStcaRCOmCtCT_lid_znj5elKhcYWQWEnfismw&su=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&sr=&ts=1676380534097&tc=1
Frame ID: 4A9AE665F1A699448572B8C154A6013D
Requests: 2 HTTP requests in this frame

Frame: https://11b56488d.webengage.co/storage-frame-1.18.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=11b56488d
Frame ID: 7260223649FCF1FED9471803F07AE6AA
Requests: 2 HTTP requests in this frame

Frame: https://fledge-eu.creativecdn.com/fledge-igmembership?ntk=2PbYA_tS75vlnwPA01w8kz-gSfQwSyKHAIlCGIY2jiKNru7uY7h8TFU5IqF1i9EgJYxupK3Z0CK3NfRnyysFDA
Frame ID: 3EC83549FA956439646C05601A846DC3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeuugATAAAAAJFmsgWGTaSNunnXIk68kqKMXyV2&co=aHR0cHM6Ly93d3cuc2FmYXJpbm93LmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=normal&cb=o5ypvib2ig8u
Frame ID: 4E0336D9AA25415512B8C4A5B54DFAA5
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&k=6LeuugATAAAAAJFmsgWGTaSNunnXIk68kqKMXyV2
Frame ID: D45EEB264D6E00A700088EDB90FD62E4
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CAE2C400050EA82CDEA6C2AB0DAFAABB
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.safarinow.com&origin=onetag
Frame ID: 7336268A4E9FC7ECE23CFCDB3778D082
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Cv8E7aT1jS1oV-pW9C6-WqLOm6Q952BziYimgQ&expires=30
Frame ID: 6763169E4488607A895E55E46716FABB
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gecko Lodge View all photos.View all photos.

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

110
Requests

90 %
HTTPS

37 %
IPv6

44
Domains

56
Subdomains

50
IPs

10
Countries

2342 kB
Transfer

5975 kB
Size

55
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://support.safarinow.com/support/home
Title: Help

Search URL Search Domain Scan URL

URL: https://sncdn.com/imagecache/db/id/2866932/gmt_1995623.jpg

Search URL Search Domain Scan URL

URL: https://sncdn.com/imagecache/db/id/2905807/gmt_2033671.jpg

Search URL Search Domain Scan URL

URL: https://sncdn.com/imagecache/db/id/2937264/gmt_2139500.jpg

Search URL Search Domain Scan URL

URL: https://d1zyr4xmqw3mni.cloudfront.net/image/1600/gallery/31741/property/241452.jpg

Search URL Search Domain Scan URL

URL: https://d1zyr4xmqw3mni.cloudfront.net/image/1600/gallery/31389/property/208039.jpg

Search URL Search Domain Scan URL

URL: https://sncdn.com/imagecache/db/id/3235549/gmt_3187948.jpg

Search URL Search Domain Scan URL

URL: https://feedback.safarinow.com/
Title: Help for Guests

Search URL Search Domain Scan URL

URL: https://establishments.safarinow.com/
Title: Help for Hosts

Search URL Search Domain Scan URL

URL: https://affiliate.safarinow.com/
Title: Help for Affiliates

Search URL Search Domain Scan URL

URL: https://sacoronavirus.co.za/
Title: Visit the SA Dept of Health for Covid-19 updates

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://creativecdn.com/tags?type=iframe&id=pr_xylUmCJNStcaRCOmCtCT&id=pr_xylUmCJNStcaRCOmCtCT_lid_znj5elKhcYWQWEnfismw&su=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&sr=&ts=1676380534097 HTTP 302
https://creativecdn.com/tags?type=iframe&id=pr_xylUmCJNStcaRCOmCtCT&id=pr_xylUmCJNStcaRCOmCtCT_lid_znj5elKhcYWQWEnfismw&su=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&sr=&ts=1676380534097&tc=1

Request Chain 66

https://creativecdn.com/tags?type=img&id=pr_xylUmCJNStcaRCOmCtCT_offer_3794740&gtmcb=1192027099 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=dWk3MmJLM2dvVGtpS2JSeXlka2s%3D&pi=adx&tdc=ams&chain= HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEJZ_mSDw90-2-Wz91lTz9QI&google_cver=1&google_ula=5153224,0

Request Chain 75

https://gum.criteo.com/sid/json?origin=onetag&domain=safarinow.com&sn=ChromeSyncframe&so=0&topUrl=www.safarinow.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=d_32_XwrbWh2L3hrNEkvbkVMRllncnFQV1FHTWdkMWdzNW1Fa3VRRWFPb0lDY3FiekdPRWpSVlRoTndhc1NiRm5hZDA3RlhIZmRYM0JlRGFlSERWRmprd0Ywb1BlSnNJeVoyM1VsWDNFQ2Zvd3lWUXBwQmdFYzFQVmZpVXhNOTBQL1c0dzlIVUhqcnVRM1BVaS8rd2JwSHhIY3duMUhpMkliRHFubndWNnFDT1VNU2xNdVUyUU1yYXEvUm0xMjlzRlkvM1liS3hVNmNCR2dnZW4rc3N5Z1hoQUcxUHNqMlc5UnliREZLTVV5dFd5SGo4M1h0aXRIZm1XZHB0S2x2OFEvdjFCb21aQm00Q1F0dXFTem1FSVlzaFhNUT09fA&cppv=2

Request Chain 77

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Cv8E7aT1jS1oV-pW9C6-WqLOm6Q952BziYimgQ&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Cv8E7aT1jS1oV-pW9C6-WqLOm6Q952BziYimgQ&expires=30

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Ib2Vm6T1jS1oV-pW9C6-WqLOm6Rb-eZ65EAVgQ&google_cm&google_hm=ay1JYjJWbTZUMWpTMW9WLXBXOUM2LVdxTE9tNlJiLWVaNjVFQVZnUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Ib2Vm6T1jS1oV-pW9C6-WqLOm6Rb-eZ65EAVgQ&google_gid=CAESEA8I7IepCEZAVCMi1jicjxE&google_cver=1&google_ula=913071,0

Request Chain 79

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1239378064086928710

Request Chain 80

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ZVQqsaT1jS1oV-pW9C6-WqLOm6SRhIMvu5bBsw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZVQqsaT1jS1oV-pW9C6-WqLOm6SRhIMvu5bBsw

Request Chain 88

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-0wK5BKT1jS1oV-pW9C6-WqLOm6T0qEf52g2_xg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-0wK5BKT1jS1oV-pW9C6-WqLOm6T0qEf52g2_xg&verify=true

Request Chain 92

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xCUQv6T1jS1oV-pW9C6-WqLOm6TzeLX0S9yMQg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xCUQv6T1jS1oV-pW9C6-WqLOm6TzeLX0S9yMQg&C=1

Request Chain 93

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=7VQL8yDKuSXXLVccWP_5fRZm9vp7F-4D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=7VQL8yDKuSXXLVccWP_5fRZm9vp7F-4D

Request Chain 103

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_jm7JO1QSUqIYRiHlN4q8juKXWskqRhl

Request Chain 105

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=U4AuqQZIe39CDGJs2pkQdA5Fcg7RJBK0

110 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.safarinow.com/go/gecko-lodge-bela-bela/ 162 KB
37 KB 296ms
131ms Document
text/html 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1a619b435d5c5c43443342481d84e9448bdb56cb8966d65c797a1ab94f57ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 799612bf0aa09b71-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 13:15:33 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
server: cloudflare
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 71ms
27ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-734328598

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d3cb58a4475cd785b20f9b507b66f5c8ca0daedb79214817e37af22dd2c65d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64721
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Feb 2023 13:15:33 GMT

GET
H2 200 critical
www.safarinow.com/bundles/css/ 5 KB
1 KB 24ms
23ms Stylesheet
text/css 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/bundles/css/critical?v=MvzifqFGMKNmr64pWXuSqDyaqx48YmvnIIrUy2ijswk1

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c2d0feed28a7d9c6efaa8be76ade9b873daff15e82ffe9b474791b8b68f558a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:33 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
age: 17421
cf-polished: origSize=4875
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 14 Feb 2023 08:25:12 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31518579
cf-ray: 799612c00c7b9b71-FRA
expires: Wed, 14 Feb 2024 08:25:12 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/734328598/ 2 KB
1 KB 125ms
64ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/734328598/?random=1676380533857&cv=11&fst=1676380533857&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&auid=1106443493.1676380534&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daba0d8b5c7be8f4b2150cd96a2c81ffd738a299cca4650a98ebf2e79268c180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 871
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fontello.woff2
www.safarinow.com/bundles/font/ 19 KB
19 KB 23ms
22ms Font
application/font-woff2 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/bundles/font/fontello.woff2?5086710

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea9b79716003ab5d8337d845631e112b9781019a498233cf2408f1a7d58a507b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
Origin: https://www.safarinow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:33 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 14503
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19468
last-modified: Wed, 07 Apr 2021 09:46:44 GMT
server: cloudflare
etag: "09a15eb922bd71:0"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c12fe79a21-FRA
expires: Fri, 17 Mar 2023 13:15:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 346 KB
100 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-LHFG

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce3dbf89239794aa1ff3c87739f944210855c0be0f61e7e9b59fcb3c3517d90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101816
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Feb 2023 13:15:33 GMT

GET
H3 200 safarinow.png
www.safarinow.com/res/img/homepage/ 3 KB
4 KB 41ms
34ms Image
image/webp 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safarinow.com/res/img/homepage/safarinow.png

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d5d492ebfbcb870043022f9dda638b11086698377b702c73cbd64e4a5469b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:33 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 412429
cf-polished: origFmt=png, origSize=3580
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-disposition: inline; filename="safarinow.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3278
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Apr 2021 09:46:50 GMT
server: cloudflare
etag: "021a9ee922bd71:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c148189a21-FRA
expires: Fri, 17 Mar 2023 13:15:33 GMT

GET
H3 200 genericmap.jpg
www.safarinow.com/res/img/gmaps/ 17 KB
17 KB 43ms
34ms Image
image/webp 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safarinow.com/res/img/gmaps/genericmap.jpg?v=2

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0e7e3bc6519daa1b02fb98bf960dbaae585e0e572c1da0f4d762e663e777c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 2344576
cf-polished: qual=85, origFmt=jpeg, origSize=24086
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-disposition: inline; filename="genericmap.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16928
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Apr 2021 09:46:50 GMT
server: cloudflare
etag: "021a9ee922bd71:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c1888a9a21-FRA
expires: Fri, 17 Mar 2023 13:15:34 GMT

GET
H3 200 placeholder.gif
www.safarinow.com/res/img/ 43 B
381 B 39ms
31ms Image
image/gif 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safarinow.com/res/img/placeholder.gif

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 2344576
cf-polished: status=not_needed
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Apr 2021 09:46:50 GMT
server: cloudflare
etag: "021a9ee922bd71:0"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c1888d9a21-FRA
expires: Fri, 17 Mar 2023 13:15:34 GMT

GET
H2 200 no-image-logo.png
sncdn.com/res/img/ 656 B
1 KB 79ms
21ms Image
image/webp 2606:4700::6810:6e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sncdn.com/res/img/no-image-logo.png

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6e45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66b7ea69852498b80579b3d495b38602972706695c74cda00e5676db8b7f8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
cf-cache-status: HIT
age: 6420
cf-polished: origFmt=png, origSize=751
content-disposition: inline; filename="no-image-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
alternate-protocol: 443:npn-spdy/3
cf-bgj: imgq:100,h2pri
last-modified: Tue, 05 Jan 2016 13:14:59 GMT
server: cloudflare
etag: W/"568bc1d3-2ef"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=2678400
cf-ray: 799612c1cbd33621-FRA
expires: Fri, 17 Mar 2023 13:15:34 GMT

GET
H3 200 thawte.png
www.safarinow.com/res/img/ 5 KB
5 KB 39ms
31ms Image
image/webp 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safarinow.com/res/img/thawte.png

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef97276ccec734f9dd6f9ef7ae68fae254dc0000ec97c6ed1850f195edecaa26

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 891188
cf-polished: origFmt=png, origSize=13928
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-disposition: inline; filename="thawte.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5172
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Apr 2021 09:46:50 GMT
server: cloudflare
etag: "021a9ee922bd71:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c1888f9a21-FRA
expires: Fri, 17 Mar 2023 13:15:34 GMT

GET
H3 200 popia-ready.png
www.safarinow.com/res/img/footer/ 8 KB
8 KB 40ms
31ms Image
image/webp 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safarinow.com/res/img/footer/popia-ready.png

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ef013e8d64f1f43e40f908b5c4b14762ba2793e69fceb3b7a5d5d97fccb766

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 891188
cf-polished: origFmt=png, origSize=20113
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-disposition: inline; filename="popia-ready.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7924
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Sep 2021 09:35:02 GMT
server: cloudflare
etag: "027b0f65da5d71:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c188919a21-FRA
expires: Fri, 17 Mar 2023 13:15:34 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/ 82 KB
26 KB 70ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3577860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26454
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14696"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BagDlWOAWYVnTO30WfU7MPtyHkTlswzxdrg396nc9F%2FMzeJEpUuluUTVleWv0X%2BjFrLrvusG3NUvH9g2E7eW9Rj13uI%2Fo0aFDjzldIEvPoPjwooBrWNACYAcBXF7lvgJvGnB%2BjyZ%2FpBqplFNHGfMX%2Fx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 799612c1cbc02c33-FRA
expires: Sun, 04 Feb 2024 13:15:34 GMT

GET
H3 200 mvcbase Show response
www.safarinow.com/bundles/js/ 703 KB
188 KB 53ms
45ms Script
text/javascript 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/bundles/js/mvcbase?v=nKnhsspBknhKwoT-eX4XaDCqdCjJ_pEQlKzHe_JU-KA1

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9e85aea6ba1d036086abec40b42514c05ff48a3c41e2a8092f3608cdf901e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
age: 10422
cf-polished: origSize=959865
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 14 Feb 2023 10:21:52 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31525578
cf-ray: 799612c188929a21-FRA
expires: Wed, 14 Feb 2024 10:21:52 GMT

GET
H3 200 b
www.safarinow.com/bundles/css/ 284 KB
54 KB 50ms
42ms Stylesheet
text/css 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/bundles/css/b?v=eKj24RcCZmjloeWbJTgG_HCz-uhrfZzw86lFBj6H34Y1

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

736689ae6aab3fc929356771109886746e998c746b1c4cab4000360a366a3f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
age: 7816
cf-polished: origSize=291487
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 14 Feb 2023 11:05:18 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31528184
cf-ray: 799612c188939a21-FRA
expires: Wed, 14 Feb 2024 11:05:18 GMT

GET
H3 200 app
www.safarinow.com/bundles/css/ 105 KB
16 KB 48ms
40ms Stylesheet
text/css 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/bundles/css/app?v=I9m4dTVk7eZfVWFQyZ2lfvhkuFl0Rg81VoyYUn6SZWI1

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f539c7a0659c1a4333e93e59583e4b44635bd1af0dbae8069d123d30ee562d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
age: 48696
cf-polished: origSize=107957
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 13 Feb 2023 23:43:58 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31487304
cf-ray: 799612c188949a21-FRA
expires: Tue, 13 Feb 2024 23:43:58 GMT

GET
H3 200 esthomepage
www.safarinow.com/bundles/css/ 81 KB
18 KB 65ms
57ms Stylesheet
text/css 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/bundles/css/esthomepage?v=UCpxnpluOR2KyyB1CBmn-IRvMRC29UN74JgyIO2h0cU1

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65fd0758e69662a2d17000625490a1e5fdc554b9023f1fe122a1c106071b5a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
age: 78230
cf-polished: origSize=83579
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 13 Feb 2023 15:31:44 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31457770
cf-ray: 799612c188979a21-FRA
expires: Tue, 13 Feb 2024 15:31:44 GMT

GET
H3 200 esthomepagev3 Show response
www.safarinow.com/bundles/js/ 526 KB
141 KB 71ms
63ms Script
text/javascript 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/bundles/js/esthomepagev3?v=kD9sBgSkJWwHYhZBKcEVuzUJHXKSOD3tGc8hXf9GTQ81

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ee35098f16a428b5b3ec3093cca2fba9cc5a4fa00eca0611f510361d8313989

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
age: 75778
cf-polished: origSize=783398
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 13 Feb 2023 16:12:36 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31460222
cf-ray: 799612c188989a21-FRA
expires: Tue, 13 Feb 2024 16:12:36 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 916 B
898 B 105ms
28ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptchaLoadCallback&render=explicit

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c275ffed1f203c10a53e14e5c9bb9450b956be2d1662e8831b01a73195ae6463

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 578
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 13:15:34 GMT

GET
H2 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
5 KB 67ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1607698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3980
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2b4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odkZmDQRwaV6XZdSViCDQyzhHXxZJb04yA5XhtbejfAVofR%2BeTTpyV3CyMimYaNvBgg9KqTFvk6aO4N8y7xScM12JVixBSoXjc%2B3BT%2FkoC84HGSdAXI8my9uSa0H9x%2Fx3M2BQr8VtmgsW3%2BxWTfLSmvX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 799612c1cbc12c33-FRA
expires: Sun, 04 Feb 2024 13:15:34 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/734328598/ 42 B
327 B 52ms
29ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/734328598/?random=1676380533857&cv=11&fst=1676379600000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2102455434&rmt_tld=0&ipr=y

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/734328598/ 42 B
455 B 149ms
61ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/734328598/?random=1676380533857&cv=11&fst=1676379600000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2102455434&rmt_tld=1&ipr=y

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1019523698/ 2 KB
1 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1019523698/?random=1676380534072&cv=11&fst=1676380534072&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&label=ltcQCM7XpgMQ8uSS5gM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&tiba=Gecko%20Lodge&auid=1106443493.1676380534&uamb=0&uaw=0&data=3%3DSouth%20Africa%3B9%3D3794740%3B12%3D%3B13%3D%3B14%3D&rfmt=3&fmt=4

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d844ee132ba6ca5362bcaa599bb5128ca172ae2317f5d8fa97b4c1019ace7094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 962
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956139531/ 2 KB
1 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956139531/?random=1676380534079&cv=11&fst=1676380534079&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&label=ldVkCMXmlgMQi5D2xwM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&tiba=Gecko%20Lodge&auid=1106443493.1676380534&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3ce22942417f3bcc58f8d267416aa9d21f94ddafc9abcd7c0ac9928699035a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 977
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 282ms
29ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 13:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 208
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 14 Feb 2023 15:12:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 53ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 13:15:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: EmddRmLV3HzI31HTNPtyOuLjofy31PzKkXyuKfDMvc5HlOMa+R7uCLV9/f/lZmFa224yNPbXpdmtrkkHqUU2YQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

tags Show response
creativecdn.com/ Frame 4A9A
Redirect Chain

https://creativecdn.com/tags?type=iframe&id=pr_xylUmCJNStcaRCOmCtCT&id=pr_xylUmCJNStcaRCOmCtCT_lid_znj5elKhcYWQWEnfismw&su=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&sr=&ts=167...
https://creativecdn.com/tags?type=iframe&id=pr_xylUmCJNStcaRCOmCtCT&id=pr_xylUmCJNStcaRCOmCtCT_lid_znj5elKhcYWQWEnfismw&su=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&sr=&ts=167...

364 B
651 B

24ms
22ms

Document
text/html

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?type=iframe&id=pr_xylUmCJNStcaRCOmCtCT&id=pr_xylUmCJNStcaRCOmCtCT_lid_znj5elKhcYWQWEnfismw&su=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&sr=&ts=1676380534097&tc=1
Requested by: Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: 315edc16cf7b4fef22f662389d11b9c9edd3940e927f6eef37e09c0dc306c035

Request headers

Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-encoding: gzip
content-length: 293
content-type: text/html;charset=utf-8
date: Tue, 14 Feb 2023 13:15:34 GMT Tue, 14 Feb 2023 13:15:34 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
vary: Origin, Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Tue, 14 Feb 2023 13:15:34 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://creativecdn.com/tags?type=iframe&id=pr_xylUmCJNStcaRCOmCtCT&id=pr_xylUmCJNStcaRCOmCtCT_lid_znj5elKhcYWQWEnfismw&su=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&sr=&ts=1676380534097&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
vary: Origin

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9DQPWY76PZ&l=dataLayer&cx=c

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5797c58a4cff798cb3c2c172ad5a8df1201e62f606ab8fadc57fb0e619b6def5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77312
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Feb 2023 13:15:34 GMT

GET
H2 200 webengage-min-v-6.0.js Show response
ssl.widgets.webengage.com/js/ 202 KB
61 KB 79ms
22ms Script
application/javascript 2606:4700::6812:1d93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Requested by: Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf116eb404f3eb17238191b2f519f5ce8115ef08e564e7b075ad5dd780e2457

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
via: 1.1 1dc2ff77d1e8b23aad1d3301c4982860.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: HIT
x-amz-cf-pop: CDG50-C2
age: 996
x-cache: Hit from cloudfront
last-modified: Wed, 08 Feb 2023 08:43:09 GMT
server: cloudflare
etag: W/"63e3609d-32978"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 799612c29cfd30c9-FRA
x-amz-cf-id: aVhUMAyI89gb3DebU-wnGhBOcDoG3WL7_rynHZTMcWg3h7Zk92A7QA==
expires: Tue, 14 Feb 2023 16:45:23 GMT

GET
H2 200 1YwB1sO8YE1Lyjf12WNiUA.woff2
fonts.gstatic.com/s/lato/v14/ 23 KB
23 KB 192ms
18ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/1YwB1sO8YE1Lyjf12WNiUA.woff2

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/bundles/css/b?v=eKj24RcCZmjloeWbJTgG_HCz-uhrfZzw86lFBj6H34Y1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.safarinow.com/
Origin: https://www.safarinow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:20:56 GMT
x-content-type-options: nosniff
age: 482078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23316
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 18:23:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:20:56 GMT

GET
H3 200 heart.png
www.safarinow.com/res/img/ 10 KB
11 KB 27ms
26ms Image
image/webp 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safarinow.com/res/img/heart.png

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/bundles/css/b?v=eKj24RcCZmjloeWbJTgG_HCz-uhrfZzw86lFBj6H34Y1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce54937f95e7291720a74a84ae0167cfa15f2bc1c4efe09e495c85ad3b74ae6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/bundles/css/b?v=eKj24RcCZmjloeWbJTgG_HCz-uhrfZzw86lFBj6H34Y1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 1610707
cf-polished: origFmt=png, origSize=11548
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-disposition: inline; filename="heart.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10700
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Apr 2021 09:46:50 GMT
server: cloudflare
etag: "021a9ee922bd71:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c299f79a21-FRA
expires: Fri, 17 Mar 2023 13:15:34 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ 406 KB
163 KB 127ms
30ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.safarinow.com/
Origin: https://www.safarinow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 08:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166252
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 08:17:54 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

087e545af3b8acd22ba6f279c0c496e41b447f0534d0c37eca3a86bbc747f4a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 13:15:34 GMT
content-md5: /Zm+094is6oLnjRAmKqmhg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: uVLhKbr3WzgbG7nhQytqvYx1bIVlQRCByvXqPGDveBYyKJSgxdk1toJjsEZQv3zSM7eQ6m2rAR/nz9d6jga7Ag==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
x-fb-content-md5: bad855f9dcbb9b99401df0e60e242029
cross-origin-opener-policy: same-origin-allow-popups
etag: "275164d973a4a7e940c66e27ffeb502b"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 14 Feb 2023 13:28:36 GMT

GET
H3 200 no-image-logo.png
www.safarinow.com/res/img/ 656 B
1 KB 31ms
31ms Image
image/webp 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safarinow.com/res/img/no-image-logo.png

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66b7ea69852498b80579b3d495b38602972706695c74cda00e5676db8b7f8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 419179
cf-polished: origFmt=png, origSize=751
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-disposition: inline; filename="no-image-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 656
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Apr 2021 09:46:50 GMT
server: cloudflare
etag: "021a9ee922bd71:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c4cc919a21-FRA
expires: Fri, 17 Mar 2023 13:15:34 GMT

GET
H3 200 adventure.png
www.safarinow.com/res/img/ 17 KB
18 KB 27ms
26ms Image
image/webp 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safarinow.com/res/img/adventure.png

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89abbb41255229b88f79b4e65cedd5f0a7c581a9677165a1e0c3afc622e80d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 402941
cf-polished: origFmt=png, origSize=19949
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-disposition: inline; filename="adventure.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17756
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Apr 2021 09:46:50 GMT
server: cloudflare
etag: "021a9ee922bd71:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c4cc989a21-FRA
expires: Fri, 17 Mar 2023 13:15:34 GMT

GET
H2 200 6345696a.jpg
sncdn.com/imagecache/db/id/3794740/ 120 KB
120 KB 53ms
48ms Image
image/jpeg 2606:4700::6810:6e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sncdn.com/imagecache/db/id/3794740/6345696a.jpg

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6e45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45b24878134aeeda47419fa58f936495933a8c0407727c504dffd7491488b698

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 122650
cf-resized: internal=ok/r q=0 n=37+0 c=14+150 v=2023.2.1 l=122650
last-modified: Fri, 09 Aug 2019 13:28:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf7fyo-O3lLE0-mQ8n2FfY7z4Xbmqvm299EKEXldtDDQ:5d4d751a-487dd"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c4d8333621-FRA

GET
H2 200 6345693a.jpg
sncdn.com/imagecache/db/id/3794740/ 110 KB
110 KB 279ms
275ms Image
image/jpeg 2606:4700::6810:6e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sncdn.com/imagecache/db/id/3794740/6345693a.jpg

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6e45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

130c7f35f60e8c9309f214b2b6f34c98fa5d5303fab281c1f207eebec60265b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112752
cf-resized: internal=ok/m q=0 n=69+0 c=5+154 v=2023.2.1 l=112752
last-modified: Fri, 09 Aug 2019 13:28:48 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf3LdT3Rmhh_4TPdYBJhYdiHC4bmqvm299EKEXldtDDQ:5d4d7510-3ef9b"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c4d8343621-FRA

GET
H2 200 7140078a.jpg
sncdn.com/imagecache/db/id/3794740/ 67 KB
67 KB 316ms
312ms Image
image/jpeg 2606:4700::6810:6e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sncdn.com/imagecache/db/id/3794740/7140078a.jpg

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6e45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f07b969e81bca1ed6769d4d9f024d6da76cebd925afb3e4db665766e3f6a13b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68448
cf-resized: internal=ok/m q=0 n=98+0 c=30+136 v=2023.2.1 l=68448
last-modified: Thu, 03 Jun 2021 17:25:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfPx-ueAcaTjtZxfrSCW4HN28zbmqvm299EKEXldtDDQ:60b9106e-146d2e"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c4d8363621-FRA

GET
H2 200 7140075a.jpg
sncdn.com/imagecache/db/id/3794740/ 70 KB
70 KB 304ms
301ms Image
image/jpeg 2606:4700::6810:6e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sncdn.com/imagecache/db/id/3794740/7140075a.jpg

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6e45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f2f1b11cc426d3b7bb73f47791b5b8621e9f41dae4de6ac6ec9697d4a9ddd4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
cf-resized: internal=ok/h q=0 n=10+0 c=102+136 v=2023.2.1 l=71896
last-modified: Thu, 03 Jun 2021 17:24:41 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf-AsylKsOl6AnxjP6hG7S--HDbmqvm299EKEXldtDDQ:60b91059-16ca57"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c4d8373621-FRA

GET
H2 200 7140074a.jpg
sncdn.com/imagecache/db/id/3794740/ 62 KB
62 KB 231ms
228ms Image
image/jpeg 2606:4700::6810:6e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sncdn.com/imagecache/db/id/3794740/7140074a.jpg

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6e45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c1f76cf22d9549250a57745552985040d126d9ff37d607d1fc7717785c3f1ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63620
cf-resized: internal=ok/h q=0 n=13+0 c=37+125 v=2023.2.1 l=63620
last-modified: Thu, 03 Jun 2021 17:24:31 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfdd62iFEULlB9sRwnJ-QD3LSVbmqvm299EKEXldtDDQ:60b9104f-c21f4"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c4d83a3621-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 157ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9DQPWY76PZ&gtm=45je32d0&_p=928618428&cid=2105675737.1676380535&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676380534&sct=1&seg=0&dl=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&dt=Gecko%20Lodge&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9DQPWY76PZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.safarinow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 4A9A 0
73 B 540ms
110ms Image
text/plain 67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?us_privacy=USP&xi=52&xu=ui72bK3goTkiKbRyydkk
Requested by: Host: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_xylUmCJNStcaRCOmCtCT&id=pr_xylUmCJNStcaRCOmCtCT_lid_znj5elKhcYWQWEnfismw&su=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&sr=&ts=1676380534097&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP014 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-33x-status: 2000208
date: Tue, 14 Feb 2023 13:15:34 GMT
server: 33XP014

GET
H2 200 /
www.google.com/pagead/1p-user-list/1019523698/ 42 B
108 B 29ms
27ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1019523698/?random=1676380534072&cv=11&fst=1676379600000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&label=ltcQCM7XpgMQ8uSS5gM&frm=0&url=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&tiba=Gecko%20Lodge&data=3%3DSouth%20Africa%3B9%3D3794740%3B12%3D%3B13%3D%3B14%3D&fmt=3&is_vtc=1&random=2307665071&rmt_tld=0&ipr=y

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1019523698/ 42 B
108 B 58ms
57ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1019523698/?random=1676380534072&cv=11&fst=1676379600000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&label=ltcQCM7XpgMQ8uSS5gM&frm=0&url=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&tiba=Gecko%20Lodge&data=3%3DSouth%20Africa%3B9%3D3794740%3B12%3D%3B13%3D%3B14%3D&fmt=3&is_vtc=1&random=2307665071&rmt_tld=1&ipr=y

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1725127114403277 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 78ms
78ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1725127114403277?v=2.9.95&r=stable

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dfbfacd5a2fe02640a12ee2fa27cdc323779ce2672f6a28b1da9eefdb21ae9f7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 13:15:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6iayXAn6X+1/jfA2SIkQr5d99acq2TvvrVuXd4Jm0NX+DJ6aIQfdYldgLi4VTrTewGGySYC7ZxxfFdOmeP6a+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/956139531/ 42 B
108 B 32ms
31ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956139531/?random=1676380534079&cv=11&fst=1676379600000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&label=ldVkCMXmlgMQi5D2xwM&frm=0&url=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&tiba=Gecko%20Lodge&fmt=3&is_vtc=1&cid=CAQSKQDUE5ymleXko1zcGJAmhetN6sqdICfD1RWYWXZblCcL4vrUz1Pemlmh&random=1283809613&rmt_tld=0&ipr=y

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/956139531/ 42 B
108 B 63ms
63ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/956139531/?random=1676380534079&cv=11&fst=1676379600000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&label=ldVkCMXmlgMQi5D2xwM&frm=0&url=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&tiba=Gecko%20Lodge&fmt=3&is_vtc=1&cid=CAQSKQDUE5ymleXko1zcGJAmhetN6sqdICfD1RWYWXZblCcL4vrUz1Pemlmh&random=1283809613&rmt_tld=1&ipr=y

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GetSimilarAccommodation Show response
www.safarinow.com/Establishment/ 46 KB
4 KB 188ms
188ms XHR
application/json 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/Establishment/GetSimilarAccommodation?spid=3794740&displayCurrency=ZAR

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1d8d9fb2489e2de9652683421189cb48b1baaa99df7eb6675edb1c56ff8b148

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

X-NewRelic-ID: VQMEUV9WGwIFVVNUDwQGVl0=
tracestate: 153095@nr=0-1-153095-1588604158-f4351d21f9352ffe----1676380534702
traceparent: 00-1accd823b3530bab9d30270628c46c5b-f4351d21f9352ffe-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE1MzA5NSIsImFwIjoiMTU4ODYwNDE1OCIsImlkIjoiZjQzNTFkMjFmOTM1MmZmZSIsInRyIjoiMWFjY2Q4MjNiMzUzMGJhYjlkMzAyNzA2MjhjNDZjNWIiLCJ0aSI6MTY3NjM4MDUzNDcwMn19
Accept: */*
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 13:15:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control: public, max-age=2678400
cf-ray: 799612c5edd99a21-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 13:15:34 GMT

GET
H2 200 storage-frame-1.18.htm Show response
11b56488d.webengage.co/ Frame 7260 3 KB
2 KB 89ms
11ms Document
text/html 2600:9000:2057:3800:8:cf94:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://11b56488d.webengage.co/storage-frame-1.18.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=11b56488d
Requested by: Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:8:cf94:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 16c8ad014e255e48470f6856e3ac20f6050865f72e971417501057d4aeaddd98

Request headers

Referer: https://www.safarinow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 6218
cache-control: max-age=14400
content-encoding: gzip
content-type: text/html
date: Tue, 14 Feb 2023 11:31:56 GMT
etag: W/"60b76f62-d60"
expires: Tue, 14 Feb 2023 15:31:56 GMT
last-modified: Wed, 02 Jun 2021 11:45:38 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-id: jqx6DlXlxaEWmeKPQoKUXFoeeFOgoR5Cu-sSbcHeZgRci_CUl7GX-A==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront

GET
H2 200 fledge-igmembership Show response
fledge-eu.creativecdn.com/ Frame 3EC8 1 KB
891 B 48ms
29ms Document
text/html 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://fledge-eu.creativecdn.com/fledge-igmembership?ntk=2PbYA_tS75vlnwPA01w8kz-gSfQwSyKHAIlCGIY2jiKNru7uY7h8TFU5IqF1i9EgJYxupK3Z0CK3NfRnyysFDA
Requested by: Host: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_xylUmCJNStcaRCOmCtCT&id=pr_xylUmCJNStcaRCOmCtCT_lid_znj5elKhcYWQWEnfismw&su=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&sr=&ts=1676380534097&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: 4d561a113ded0bf2274494c8dd3cb51bd4ab4b78f20c20504b28f8177ad62886

Request headers

Referer: https://creativecdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 443
content-type: text/html;charset=utf-8
date: Tue, 14 Feb 2023 13:15:34 GMT Tue, 14 Feb 2023 13:15:34 GMT
expires: Wed, 15 Feb 2023 13:15:34 GMT
origin-trial: Anlqio5K3Dr7Hn1oMh2faiLECLxb8MnD1hPnDOlNZXdzpbZV9L2LOKjgHGwWMDoiHq67q8SjUmjQZj10YLJwfgIAAABxeyJvcmlnaW4iOiJodHRwczovL2NyZWF0aXZlY2RuLmNvbTo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjgwNjUyNzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
vary: Accept-Encoding

POST
H3 200 LogEstStep Show response
www.safarinow.com/establishment/ 2 B
354 B 74ms
70ms XHR
application/json 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/establishment/LogEstStep

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

X-NewRelic-ID: VQMEUV9WGwIFVVNUDwQGVl0=
tracestate: 153095@nr=0-1-153095-1588604158-2aede07ca0ed9876----1676380534810
traceparent: 00-118d5bc51a192f6f5a856f50ed883931-2aede07ca0ed9876-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE1MzA5NSIsImFwIjoiMTU4ODYwNDE1OCIsImlkIjoiMmFlZGUwN2NhMGVkOTg3NiIsInRyIjoiMTE4ZDViYzUxYTE5MmY2ZjVhODU2ZjUwZWQ4ODM5MzEiLCJ0aSI6MTY3NjM4MDUzNDgxMH19
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 799612c69ea89a21-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 69ms
22ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-135896-2&cid=2105675737.1676380535&jid=921540669&gjid=546319304&_gid=2095625223.1676380535&_u=YCDAgAABAAAAAE~&z=1022509909

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.safarinow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 Feb 2023 13:15:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.safarinow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 30ms
29ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=928618428&t=pageview&_s=1&dl=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&ul=en-us&de=UTF-8&dt=Gecko%20Lodge&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAAB~&jid=921540669&gjid=546319304&cid=2105675737.1676380535&uid=0&tid=UA-135896-2&_gid=2095625223.1676380535&gtm=45He32d0n51LHFG&cd1=South%20Africa&cd2=Country&cd3=South%20Africa&cd4=South%20Africa&cd5=&cd6=&cd7=0&cd8=&cd13=&cd14=&cd17=Buyer&cd37=&cd39=&cd40=&cd44=&cd45=&cd47=&cd48=&cd58=0&cd62=&cd64=&cd79=3&cd80=single&cd81=3%7Csingle&cd82=Productpage&z=1171435410

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 02:06:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40130
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4E03 47 KB
26 KB 65ms
64ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeuugATAAAAAJFmsgWGTaSNunnXIk68kqKMXyV2&co=aHR0cHM6Ly93d3cuc2FmYXJpbm93LmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=normal&cb=o5ypvib2ig8u

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e00077914e4e98efed489b796cd7a4539506987f5897cd440f88e45f3a6f3ad5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s98uxkCzHOKPnjQ5J3eEIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.safarinow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26252
content-security-policy: script-src 'report-sample' 'nonce-s98uxkCzHOKPnjQ5J3eEIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 13:15:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sn.sprite.vert.png
www.safarinow.com/res/img/ 8 KB
8 KB 19ms
19ms Image
image/webp 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safarinow.com/res/img/sn.sprite.vert.png?sv=20171102

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/bundles/css/b?v=eKj24RcCZmjloeWbJTgG_HCz-uhrfZzw86lFBj6H34Y1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fa663546a856e5a9498f05d081e88046a5d317e66693f74982cc77045b1bdcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/bundles/css/b?v=eKj24RcCZmjloeWbJTgG_HCz-uhrfZzw86lFBj6H34Y1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:34 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 2345139
cf-polished: origFmt=png, origSize=30763
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-disposition: inline; filename="sn.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7810
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Apr 2021 09:46:50 GMT
server: cloudflare
etag: "021a9ee922bd71:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612c72f3a9a21-FRA
expires: Fri, 17 Mar 2023 13:15:34 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-135896-2&cid=2105675737.1676380535&jid=921540669&_u=YCDAgAABAAAAAE~&z=397053463

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 65ms
65ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-135896-2&cid=2105675737.1676380535&jid=921540669&_u=YCDAgAABAAAAAE~&z=397053463

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 35ms
16ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ba2bfb4326841ca93ea5a0c70b0413fd

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

643469534f3c4e61bec4a5e86fda65203c0027f9884bcd0d51fe0fd0494d6071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.safarinow.com/
Origin: https://www.safarinow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 13:15:34 GMT
content-md5: r/02VjqH23FF9NA9rNz3Ew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88485
x-fb-rlafr: 0
x-fb-debug: 8qA/+BQF6l8XDB7ljorziX+Yoh9CRUeOu8N2MFkGODZk/LpwypXknGei0tXWLl4BRh/OLcDWuuL7kALD5hckzw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7ecd41cc6ef099c269ebc7717088092c
cross-origin-opener-policy: same-origin-allow-popups
etag: "29ec9ac6e8a8b4479a0ec2eb2a9afa36"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Feb 2024 10:51:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 51ms
16ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1725127114403277&ev=PageView&dl=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&rl=&if=false&ts=1676380534963&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676380534962.1875009887&it=1676380534692&coo=false&rqm=GET

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 13:15:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 52ms
17ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1725127114403277&ev=ViewContent&dl=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&rl=&if=false&ts=1676380534966&cd[content_ids]=3794740&cd[content_type]=hotel&cd[content_name]=Gecko%20Lodge&cd[currency]=ZAR&cd[country]=South%20Africa&cd[location_name]=South%20Africa&cd[num_adults]=2&cd[num_children]=0&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1676380534962.1875009887&it=1676380534692&coo=false&rqm=GET

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 13:15:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 4E03 55 KB
24 KB 90ms
29ms Stylesheet
text/css 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeuugATAAAAAJFmsgWGTaSNunnXIk68kqKMXyV2&co=aHR0cHM6Ly93d3cuc2FmYXJpbm93LmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=normal&cb=o5ypvib2ig8u

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 07:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 07:40:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 4E03 406 KB
162 KB 111ms
52ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 08:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166252
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 08:17:54 GMT

GET
H2 200 v4.js Show response
wsdk-files.webengage.com/webengage/11b56488d/ Frame 7260 3 KB
2 KB 1472ms
1458ms Script
application/x-javascript 2606:4700::6812:1d93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdk-files.webengage.com/webengage/11b56488d/v4.js
Requested by: Host: 11b56488d.webengage.co
URL: https://11b56488d.webengage.co/storage-frame-1.18.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=11b56488d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 669ddf690d3a1cd6f89c4dd0a844b822b5dba097608f054393ea19defed0e380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11b56488d.webengage.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
content-encoding: gzip
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
x-amz-version-id: aayAKu6sinzl48PLrzXr4QGR2Qr_7_CN
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 1239
last-modified: Fri, 25 Nov 2022 21:59:01 GMT
server: cloudflare
etag: "d7a0f7e87637acb9665d28edd08d5d4b"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=60, must-revalidate
accept-ranges: bytes
cf-ray: 799612c7cc1e30c9-FRA
x-amz-cf-id: RPELxexVsM9Ebko4YcTUajKmj9XF9N3Rc0MpmpuEcIhYq0mmTwAyLg==

POST
H3 200 LogEstStep Show response
www.safarinow.com/establishment/ 2 B
354 B 70ms
70ms XHR
application/json 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/establishment/LogEstStep

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

X-NewRelic-ID: VQMEUV9WGwIFVVNUDwQGVl0=
tracestate: 153095@nr=0-1-153095-1588604158-081ea4828094d9f2----1676380535048
traceparent: 00-57466817cc0a9b300fd25c6a55a0cf20-081ea4828094d9f2-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE1MzA5NSIsImFwIjoiMTU4ODYwNDE1OCIsImlkIjoiMDgxZWE0ODI4MDk0ZDlmMiIsInRyIjoiNTc0NjY4MTdjYzBhOWIzMDBmZDI1YzZhNTVhMGNmMjAiLCJ0aSI6MTY3NjM4MDUzNTA0OH19
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 14 Feb 2023 13:15:35 GMT
strict-transport-security: max-age=2592000
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 799612c808569a21-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4E03 102 B
133 B 25ms
25ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeuugATAAAAAJFmsgWGTaSNunnXIk68kqKMXyV2&co=aHR0cHM6Ly93d3cuc2FmYXJpbm93LmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=normal&cb=o5ypvib2ig8u
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 13:15:35 GMT

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 44ms
9ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
via: 1.1 varnish
date: Tue, 14 Feb 2023 13:15:35 GMT
x-amz-request-id: T84NPP391PHVFP7T
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: DPKeKK5WI+avmj7v75VayApGOk8wNtkRXs1FZr25hb9Ck8EBWz5iTrjrCJ86UuiCxxWUxU0z6rE=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1676380535.266821,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1243

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 350ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d1ff0de8bc0eef53396c02f1c428f62b25f05306692a9eed14a09e02a77af0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 02 Jan 2023 16:36:54 GMT
server: nginx
etag: W/"63b30826-aae4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Feb 2023 13:15:35 GMT

GET
H2

200

cm
cm.creativecdn.com/adx/
Redirect Chain

https://creativecdn.com/tags?type=img&id=pr_xylUmCJNStcaRCOmCtCT_offer_3794740&gtmcb=1192027099
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=dWk3MmJLM2dvVGtpS2JSeXlka2s%3D&pi=adx&tdc=ams&chain=
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEJZ_mSDw90-2-Wz91lTz9QI&google_cver=1&google_ula=5153224,0

42 B
243 B

100ms
15ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEJZ_mSDw90-2-Wz91lTz9QI&google_cver=1&google_ula=5153224,0
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 14 Feb 2023 13:15:35 GMT, Tue, 14 Feb 2023 13:15:35 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&chain=&google_gid=CAESEJZ_mSDw90-2-Wz91lTz9QI&google_cver=1&google_ula=5153224,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 843ec445c1 Show response
bam.nr-data.net/1/ 49 B
625 B 523ms
245ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/843ec445c1?a=1512685109&v=1216.487a282&to=YlNWZ0NTW0MCU0YKWlsZeWVyHXBDF1FQD1xGXllWX0Z2Xw1EQAxZWVNGHHldWFUzUVUG&rst=1896&ck=1&ref=https://www.safarinow.com/go/gecko-lodge-bela-bela/&ap=53&be=322&fe=1792&dc=922&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1676380533439,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:17,%22c%22:17,%22s%22:24,%22ce%22:161,%22rq%22:164,%22rp%22:296,%22rpe%22:523,%22dl%22:301,%22di%22:857,%22ds%22:921,%22de%22:1091,%22dc%22:1792,%22l%22:1792,%22le%22:1802%7D,%22navigation%22:%7B%7D%7D&fp=541&fcp=541&jsonp=NREUM.setToken
Requested by: Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 13:15:35 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 799612cb9bf83a60-FRA

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame D45E 7 KB
1 KB 47ms
37ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&k=6LeuugATAAAAAJFmsgWGTaSNunnXIk68kqKMXyV2

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8db89f96383f00edad3e622b6cc7c6c04b5cd6af62d8f93d29ff17a181fe5e15

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7_TwLN337AHJW2svFLB2Ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.safarinow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1118
content-security-policy: script-src 'report-sample' 'nonce-7_TwLN337AHJW2svFLB2Ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 13:15:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GetCalendarView Show response
www.safarinow.com/Establishment/ 12 KB
2 KB 251ms
251ms XHR
text/html 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safarinow.com/Establishment/GetCalendarView?spId=3794740&showRaq=false

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9e7b3847b83d904207ca078df787b9b25585b39a31a37b3a70c487b14c59763

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

X-NewRelic-ID: VQMEUV9WGwIFVVNUDwQGVl0=
tracestate: 153095@nr=0-1-153095-1588604158-917ed930456d0c91----1676380535462
traceparent: 00-849f8c526322c3fc73870fec31bd82e0-917ed930456d0c91-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE1MzA5NSIsImFwIjoiMTU4ODYwNDE1OCIsImlkIjoiOTE3ZWQ5MzA0NTZkMGM5MSIsInRyIjoiODQ5ZjhjNTI2MzIyYzNmYzczODcwZmVjMzFiZDgyZTAiLCJ0aSI6MTY3NjM4MDUzNTQ2Mn19
Content-Type: application/html charset=utf-8
Accept: text/html, */*; q=0.01
Referer: https://www.safarinow.com/go/gecko-lodge-bela-bela/
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 14 Feb 2023 13:15:35 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 13:15:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control: public, max-age=2678400
cf-ray: 799612caab939a21-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 13:15:35 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame CAE2 0
51 B 16ms
15ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.safarinow.com
Referer: https://www.safarinow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.safarinow.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 13:15:35 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame D45E 55 KB
24 KB 29ms
29ms Stylesheet
text/css 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&k=6LeuugATAAAAAJFmsgWGTaSNunnXIk68kqKMXyV2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 07:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 07:40:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame D45E 406 KB
162 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&k=6LeuugATAAAAAJFmsgWGTaSNunnXIk68kqKMXyV2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 08:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166252
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 08:17:54 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7336 15 KB
6 KB 52ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.safarinow.com&origin=onetag

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.safarinow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 13:15:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 666648
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 sn.sprite.png
www.safarinow.com/res/img/ 125 KB
126 KB 25ms
24ms Image
image/webp 2606:4700::6811:ed43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safarinow.com/res/img/sn.sprite.png?sv=20181121

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/bundles/css/b?v=eKj24RcCZmjloeWbJTgG_HCz-uhrfZzw86lFBj6H34Y1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ed43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aab1da8472950b36be28f339369238fd5e0c239683c22137b43a8dfe926aa271

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/bundles/css/b?v=eKj24RcCZmjloeWbJTgG_HCz-uhrfZzw86lFBj6H34Y1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:35 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 173220
cf-polished: origFmt=png, origSize=197584
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-disposition: inline; filename="sn.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 128190
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Apr 2021 09:46:50 GMT
server: cloudflare
etag: "021a9ee922bd71:0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 799612cc4d609a21-FRA
expires: Fri, 17 Mar 2023 13:15:35 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7336
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=safarinow.com&sn=ChromeSyncframe&so=0&topUrl=www.safarinow.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=d_32_XwrbWh2L3hrNEkvbkVMRllncnFQV1FHTWdkMWdzNW1Fa3VRRWFPb0lDY3FiekdPRWpSVlRoTndhc1NiRm5hZDA3RlhIZmRYM0JlRGFlSERWRmprd0Ywb1BlSnNJeVoyM1VsWDNFQ2Zvd3lWUXBwQmdFYzFQVmZpVX...

438 B
651 B

229ms
20ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=d_32_XwrbWh2L3hrNEkvbkVMRllncnFQV1FHTWdkMWdzNW1Fa3VRRWFPb0lDY3FiekdPRWpSVlRoTndhc1NiRm5hZDA3RlhIZmRYM0JlRGFlSERWRmprd0Ywb1BlSnNJeVoyM1VsWDNFQ2Zvd3lWUXBwQmdFYzFQVmZpVXhNOTBQL1c0dzlIVUhqcnVRM1BVaS8rd2JwSHhIY3duMUhpMkliRHFubndWNnFDT1VNU2xNdVUyUU1yYXEvUm0xMjlzRlkvM1liS3hVNmNCR2dnZW4rc3N5Z1hoQUcxUHNqMlc5UnliREZLTVV5dFd5SGo4M1h0aXRIZm1XZHB0S2x2OFEvdjFCb21aQm00Q1F0dXFTem1FSVlzaFhNUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

446f0e7d31fe49a05dc0d9aa169c54b02b7aaf11eb62f8f751f4e0bc1b61dde0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3000296
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=d_32_XwrbWh2L3hrNEkvbkVMRllncnFQV1FHTWdkMWdzNW1Fa3VRRWFPb0lDY3FiekdPRWpSVlRoTndhc1NiRm5hZDA3RlhIZmRYM0JlRGFlSERWRmprd0Ywb1BlSnNJeVoyM1VsWDNFQ2Zvd3lWUXBwQmdFYzFQVmZpVXhNOTBQL1c0dzlIVUhqcnVRM1BVaS8rd2JwSHhIY3duMUhpMkliRHFubndWNnFDT1VNU2xNdVUyUU1yYXEvUm0xMjlzRlkvM1liS3hVNmNCR2dnZW4rc3N5Z1hoQUcxUHNqMlc5UnliREZLTVV5dFd5SGo4M1h0aXRIZm1XZHB0S2x2OFEvdjFCb21aQm00Q1F0dXFTem1FSVlzaFhNUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1006042
content-length: 0
expires: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 143ms
29ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=34972&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D3794740&p3=e%3Dvs%26din%3D%26dout%3D&p4=e%3Ddis&adce=1&bundle=mUUnFV95WkxZclRGTWFjJTJGTVB4Um9zeTlDaTR1R000RUVVeUxLbUlEV1RiQmJ1NSUyRlJ2eXRwTTJjWFZERXglMkJHNGUlMkY3WEFzSWl4Ulh4ZUd5aEVvREtvUnJ2Zm5zb3BiZU05RWZZS3l5ZVlhTTRpTFBQUUZGeXBpa2RsWmZ2RENhRDF0MzRaMzk4cDFtJTJGNU1IVUwwd2JVUmJxeiUyRmclM0QlM0Q&tld=safarinow.com&fu=https%253A%252F%252Fwww.safarinow.com%252Fgo%252Fgecko-lodge-bela-bela%252F&dtycbr=10366

Requested by

Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a5f8645c975b1e35722a4cbff604b8dfb3a83265a51adae685169fa04bf7f27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14862388
timing-allow-origin: *
expires: 0

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 6763
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Cv8E7aT1jS1oV-pW9C6-WqLOm6Q952BziYimgQ&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Cv8E7aT1jS1oV-pW9C6-WqLOm6Q952BziYimgQ&expires=30

43 B
345 B

13ms
12ms

Image
image/gif

52.59.129.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Cv8E7aT1jS1oV-pW9C6-WqLOm6Q952BziYimgQ&expires=30
Protocol: H2
Server: 52.59.129.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-129-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Cv8E7aT1jS1oV-pW9C6-WqLOm6Q952BziYimgQ&expires=30
date: Tue, 14 Feb 2023 13:15:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 6763
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Ib2Vm6T1jS1oV-pW9C6-WqLOm6Rb-eZ65EAVgQ&google_cm&google_hm=ay1JYjJWbTZUMWpTMW9WLXBXOUM2LVdxTE9tNlJiLWVaN...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Ib2Vm6T1jS1oV-pW9C6-WqLOm6Rb-eZ65EAVgQ&google_gid=CAESEA8I7IepCEZAVCMi1jicjxE&google_cver=1&google_ula=913071,0

43 B
370 B

25ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Ib2Vm6T1jS1oV-pW9C6-WqLOm6Rb-eZ65EAVgQ&google_gid=CAESEA8I7IepCEZAVCMi1jicjxE&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1218517
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Ib2Vm6T1jS1oV-pW9C6-WqLOm6Rb-eZ65EAVgQ&google_gid=CAESEA8I7IepCEZAVCMi1jicjxE&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 6763
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1239378064086928710

43 B
370 B

19ms
19ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1239378064086928710

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2121039
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 14 Feb 2023 13:15:36 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.57.1; 37.58.57.1; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d80b3bbb-d0c1-44b0-a188-23e6d03782cf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1239378064086928710
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 6763
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ZVQqsaT1jS1oV-pW9C6-WqLOm6SRhIMvu5bBsw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZVQqsaT1jS1oV-pW9C6-WqLOm6SRhIMvu5bBsw

43 B
447 B

11ms
11ms

Image
image/gif

3.65.233.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZVQqsaT1jS1oV-pW9C6-WqLOm6SRhIMvu5bBsw
Protocol: H2
Server: 3.65.233.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-233-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Feb 2023 13:15:36 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ZVQqsaT1jS1oV-pW9C6-WqLOm6SRhIMvu5bBsw
date: Tue, 14 Feb 2023 13:15:36 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 6763 237 B
980 B 157ms
108ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-NFEhSKT1jS1oV-pW9C6-WqLOm6Rb1BeQo-kZKg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 14 Feb 2023 13:15:36 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Tue, 14 Feb 2023 13:15:36 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 6763 0
239 B 265ms
221ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-E6VuH6T1jS1oV-pW9C6-WqLOm6RIvVEFzXlHLA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 6763 0
35 B 112ms
9ms Image
text/plain 3.126.136.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-AW_ac6T1jS1oV-pW9C6-WqLOm6T8QbzYq7Yl0w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.136.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-136-128.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 6763 43 B
114 B 139ms
18ms Image
image/gif 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-n-q6KqT1jS1oV-pW9C6-WqLOm6Q41Mj_SbIfow
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:35 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 6763 0
99 B 300ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-TiE2D6T1jS1oV-pW9C6-WqLOm6StO23wZxjNDg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15681

GET
H2 200 um
criteo-sync.teads.tv/ Frame 6763 23 B
172 B 195ms
60ms Image
image/gif 23.35.209.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-D4vee6T1jS1oV-pW9C6-WqLOm6QPWuWqaTodKA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-209-30.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires: Tue, 14 Feb 2023 13:15:36 GMT
pragma: no-cache
date: Tue, 14 Feb 2023 13:15:36 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 6763 37 B
140 B 94ms
56ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-LUyWpqT1jS1oV-pW9C6-WqLOm6QiWPKmAleN3g&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 6763
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-0wK5BKT1jS1oV-pW9C6-WqLOm6T0qEf52g2_xg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-0wK5BKT1jS1oV-pW9C6-WqLOm6T0qEf52g2_xg&verify=true

0
121 B

13ms
12ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-0wK5BKT1jS1oV-pW9C6-WqLOm6T0qEf52g2_xg&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-0wK5BKT1jS1oV-pW9C6-WqLOm6T0qEf52g2_xg&verify=true
date: Tue, 14 Feb 2023 13:15:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 6763 43 B
163 B 177ms
28ms Image
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-0VonG6T1jS1oV-pW9C6-WqLOm6T9KAFILSRkPQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
last-modified: Fri, 18 Nov 2022 14:39:11 GMT
server: nginx
accept-ranges: bytes
etag: "6377990f-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 6763 49 B
235 B 63ms
18ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-GgM30aT1jS1oV-pW9C6-WqLOm6S4n_qfXOwkLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:36 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 6763 43 B
1 KB 50ms
16ms Image
image/gif 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-9vSaNKT1jS1oV-pW9C6-WqLOm6Sz5pmQ7a0yzw&seg=130915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 13:15:36 GMT
AN-X-Request-Uuid: 9e99b3a9-df3d-4247-9dc7-1b74744bcc3d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.57.1; 37.58.57.1; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
r.casalemedia.com/ Frame 6763
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xCUQv6T1jS1oV-pW9C6-WqLOm6TzeLX0S9yMQg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xCUQv6T1jS1oV-pW9C6-WqLOm6TzeLX0S9yMQg&C=1

43 B
326 B

33ms
32ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xCUQv6T1jS1oV-pW9C6-WqLOm6TzeLX0S9yMQg&C=1
Protocol: H2
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4hxkvHGNdi7yjkZtaHgLj39fm%2B0U1Bq9w1rVGOWX0jEmus0SZGOvUc9HH5P9aDsvb3mSboX3t900KZNFc5%2FmDlYpyhNMFyV8OhWmGry1FqwL5iQ%2Bj2NHuJ%2B%2B5zgibN1Hvt0"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 799612d0ba0e3637-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1C0ck1x62d91SgmVuORwnE19%2B0jt7yXnH2Tj3ZfI9N%2F%2FRji6mqozaEiI1jl33FX81CIrOLHR8V3eaWWb9A1t5KIxtIGPIbH50v1BdNWaOjyAXdP5%2FYUWCas7aPd9TQjfiKW"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-xCUQv6T1jS1oV-pW9C6-WqLOm6TzeLX0S9yMQg&C=1
cache-control: no-cache
cf-ray: 799612d089cc3637-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 6763
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=7VQL8yDKuSXXLVccWP_5fRZm9vp7F-4D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=7VQL8yDKuSXXLVccWP_5fRZm9vp7F-4D

42 B
942 B

36ms
35ms

Image
image/gif

54.217.237.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=7VQL8yDKuSXXLVccWP_5fRZm9vp7F-4D

Protocol

HTTP/1.1

Server

54.217.237.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-237-24.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-03a127b6a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MiD8vfMmRkg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-095a32b2e.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: dcdyWGp7ReM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=7VQL8yDKuSXXLVccWP_5fRZm9vp7F-4D
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 6763 43 B
1 KB 80ms
20ms Image
image/gif 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-vQ_OS6T1jS1oV-pW9C6-WqLOm6RKlh-dD5Mdaw

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 14 Feb 2023 13:15:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame 6763 42 B
274 B 60ms
21ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-eAs0ZaT1jS1oV-pW9C6-WqLOm6TU4DFQ4lhwDA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 6763 0
881 B 49ms
12ms Image
text/html 3.126.78.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-ahLBPqT1jS1oV-pW9C6-WqLOm6SqBXu68bQdXw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.78.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-78-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 6763 0
145 B 224ms
17ms Image
text/plain 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-eEJXvKT1jS1oV-pW9C6-WqLOm6TxJFs8jco5SQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 13:15:36 GMT
Cache-Control: no-cache
X-TraceId: 496bb70ff14e988cafa002998561c3a7
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 6763 42 B
580 B 113ms
14ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-tB0DhaT1jS1oV-pW9C6-WqLOm6TQMQ8cX1r_Ew
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 14 Feb 2023 13:15:35 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 6763 43 B
183 B 359ms
129ms Image
image/gif 2600:1f18:612b:4200:a29c:1631:ad5c:ae7b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-_LvuUKT1jS1oV-pW9C6-WqLOm6TDBm2Ly0mKiA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:a29c:1631:ad5c:ae7b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 14 Feb 2023 13:15:36 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 6763 0
525 B 122ms
39ms Image
text/plain 104.96.129.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-qv0sAqT1jS1oV-pW9C6-WqLOm6SK9jB42kCi8w

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.96.129.75 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-129-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 13:15:36 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 13 Feb 2023 13:15:36 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 6763 43 B
220 B 202ms
30ms Image
image/gif 54.217.97.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-uBVvK6T1jS1oV-pW9C6-WqLOm6RtGoeQbyvV_A&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.97.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-97-242.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 14 Feb 2023 13:15:36 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 200
OK 843ec445c1 Show response
bam.nr-data.net/events/1/ 24 B
405 B 250ms
250ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/843ec445c1?a=1512685109&v=1216.487a282&to=YlNWZ0NTW0MCU0YKWlsZeWVyHXBDF1FQD1xGXllWX0Z2Xw1EQAxZWVNGHHldWFUzUVUG&rst=2917&ck=1&ref=https://www.safarinow.com/go/gecko-lodge-bela-bela/
Requested by: Host: www.safarinow.com
URL: https://www.safarinow.com/go/gecko-lodge-bela-bela/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.safarinow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 14 Feb 2023 13:15:36 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.safarinow.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 799612d039df3a60-FRA
Content-Length: 24

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6763
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_jm7JO1QSUqIYRiHlN4q8juKXWskqRhl

0
339 B

174ms
33ms

Image
text/plain

54.72.113.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_jm7JO1QSUqIYRiHlN4q8juKXWskqRhl
Protocol: H2
Server: 54.72.113.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by: beacon-n022-dub-prod.krxd.net
date: Tue, 14 Feb 2023 13:15:36 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1676380536
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=_jm7JO1QSUqIYRiHlN4q8juKXWskqRhl
date: Tue, 14 Feb 2023 13:15:36 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1392825
content-length: 0

GET
H2 200 upf.js Show response
c.webengage.com/ 627 B
1 KB 373ms
125ms Script
application/javascript 23.22.89.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.webengage.com/upf.js?lp=https%3A%2F%2Fwww.safarinow.com%2Fgo%2Fgecko-lodge-bela-bela%2F&rf=&geo=y&jsonp=_we_jsonp_global_cb_1676380536483

Requested by

Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.22.89.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-22-89-152.compute-1.amazonaws.com

Software

Resource Hash

372514e80d5b3eb7f7dcb5e41377bc811f8a8f9ea81de01612397fbfc2cf73c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-length: 627
x-xss-protection: 1; mode=block
pragma: no-cache
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With,content-type
expires: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 6763
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=U4AuqQZIe39CDGJs2pkQdA5Fcg7RJBK0

35 B
268 B

452ms
123ms

Image
image/gif

3.23.149.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=U4AuqQZIe39CDGJs2pkQdA5Fcg7RJBK0
Protocol: H2
Server: 3.23.149.151 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-149-151.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 13:15:37 GMT
x-bt-requestid: abad5380-ac69-11ed-b05f-0000ac17034f
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=U4AuqQZIe39CDGJs2pkQdA5Fcg7RJBK0
date: Tue, 14 Feb 2023 13:15:36 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1214826
content-length: 0

GET
H2 200 ~a61h782.js Show response
wsdk-files.webengage.com/webengage/11b56488d/ 1 KB
811 B 15ms
14ms Script
application/x-javascript 2606:4700::6812:1d93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsdk-files.webengage.com/webengage/11b56488d/~a61h782.js?r=1595522256000
Requested by: Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8353be0b96da2687d2b2d7ebb956735aca92b75ab808fc94423d63a1087091f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safarinow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
content-encoding: gzip
via: 1.1 2e87071abfb43f80383677f0ef761e82.cloudfront.net (CloudFront)
x-amz-version-id: JGP7FufK3Wo92Ef3WWk4.gOcY5XWXGco
cf-cache-status: HIT
x-amz-cf-pop: JFK51-C1
age: 439996
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 526
last-modified: Thu, 23 Jul 2020 22:04:16 GMT
server: cloudflare
etag: "e9600965e49a01decfd8993cd79194c8"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 799612d38ec930c9-FRA
x-amz-cf-id: T67GOiKIOVVrvh8cKzpX4_-kZORYqSK-PFD0K7U2TmQVK6Eic7uFlw==

POST
H2 200 l4.jpg
c.webengage.com/ 43 B
398 B 112ms
111ms Ping
image/gif 23.22.89.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.webengage.com/l4.jpg

Requested by

Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.22.89.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-22-89-152.compute-1.amazonaws.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.safarinow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,content-type
x-xss-protection: 1; mode=block

POST
H2 200 l4.jpg
c.webengage.com/ 43 B
398 B 112ms
112ms Ping
image/gif 23.22.89.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.webengage.com/l4.jpg

Requested by

Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.22.89.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-22-89-152.compute-1.amazonaws.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.safarinow.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Feb 2023 13:15:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,content-type
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

281 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.safarinow.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hjukq3isz1s0xdzkhovvhzfi
www.safarinow.com/	1970-01-20 19:15:40	Name: user_id Value: 1479a2a0-7b1a-4c0a-884e-3bfded8745a3
www.safarinow.com/	1970-01-20 19:15:40	Name: sl Value:
www.safarinow.com/	1970-01-20 11:06:04	Name: HomePageVersion Value: 3
www.safarinow.com/	1970-01-20 11:06:04	Name: HomePageRoomType Value: single
www.safarinow.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 9zobTGIhY3p2ALLOBNXB5eEHeweLERU6niuyCK_DQltTElWhwhSFvOu-B6qjoNUPVbZB53Fk-chbsCkwSvrkwsfMmtYa2YidDH0dVR2aKBI1
www.safarinow.com/	1969-12-31 23:59:59	Name: SERVERID Value: web4
.safarinow.com/	1970-01-20 11:49:16	Name: _gcl_au Value: 1.1.1106443493.1676380534
.safarinow.com/	1970-01-20 09:41:06	Name: initialTrafficSource Value: utmcsr=(direct)\|utmcmd=(none)\|utmccn=(not set)\|pathname=/go/gecko-lodge-bela-bela/
.safarinow.com/	1970-01-20 09:41:06	Name: lastTrafficSource Value: utmcsr=(direct)\|utmcmd=(none)\|utmccn=(not set)\|pathname=/go/gecko-lodge-bela-bela/
.safarinow.com/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
.creativecdn.com/	1970-01-20 18:25:16	Name: u Value: ui72bK3goTkiKbRyydkk
.creativecdn.com/	1970-01-20 18:25:16	Name: ts Value: 1676380534
.doubleclick.net/	1970-01-20 19:01:16	Name: IDE Value: AHWqTUmBRZH7JVfszIcWOcqQr0C-p33UL-1y-mSWZ_N6dkYVuFUDgIQzlAfyYTHA
.safarinow.com/	1970-01-20 19:15:40	Name: _ga_9DQPWY76PZ Value: GS1.1.1676380534.1.0.1676380534.0.0.0
.safarinow.com/	1970-01-20 19:15:40	Name: _ga Value: GA1.2.2105675737.1676380535
.safarinow.com/	1970-01-20 09:41:06	Name: _gid Value: GA1.2.2095625223.1676380535
.safarinow.com/	1970-01-20 09:39:40	Name: _dc_gtm_UA-135896-2 Value: 1
.safarinow.com/	1970-01-20 11:49:16	Name: _fbp Value: fb.1.1676380534962.1875009887
.criteo.com/	1970-01-20 19:01:16	Name: uid Value: 678c9193-c1d0-42f6-aa32-4e375c5ac979
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 1825c90604699ee2
.safarinow.com/	1970-01-20 19:09:04	Name: cto_bundle Value: mUUnFV95WkxZclRGTWFjJTJGTVB4Um9zeTlDaTR1R000RUVVeUxLbUlEV1RiQmJ1NSUyRlJ2eXRwTTJjWFZERXglMkJHNGUlMkY3WEFzSWl4Ulh4ZUd5aEVvREtvUnJ2Zm5zb3BiZU05RWZZS3l5ZVlhTTRpTFBQUUZGeXBpa2RsWmZ2RENhRDF0MzRaMzk4cDFtJTJGNU1IVUwwd2JVUmJxeiUyRmclM0QlM0Q
.adnxs.com/	1970-01-20 11:49:16	Name: uuid2 Value: 1239378064086928710
.360yield.com/	1970-01-20 11:49:16	Name: tuuid Value: b83571dc-9a1b-4d4a-8bb0-f9077fafb441
.360yield.com/	1970-01-20 11:49:16	Name: tuuid_lu Value: 1676380536
.360yield.com/	1970-01-20 11:49:16	Name: um Value: !38,fWZk3wMAbHpSeOMEYvAomtbNu6-CV79IRrnBaNBKkWvtqfEEBo3clMzdeFa-l10ct5ap-qrt,1684156536
.360yield.com/	1970-01-20 11:49:16	Name: umeh Value: !38,0,1738588536,-1
.media.net/	1970-01-20 18:25:16	Name: visitor-id Value: 3193821367267346000V10
.media.net/	1970-01-20 10:22:52	Name: data-c-ts Value: 1676380536
.media.net/	1970-01-20 10:22:52	Name: data-c Value: k-NFEhSKT1jS1oV-pW9C6-WqLOm6Rb1BeQo-kZKg~~3
.adnxs.com/	1970-01-20 11:49:16	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Il^q-8g!]tbPl@/D!9hy6]/Cwi-26+()75el)kN$Re`noNWkmAC?i+WF(2Deo3.C1^3iDijJBn@^zJsA=6bpRzqF1`bbc*+XZr^
.demdex.net/	1970-01-20 13:58:52	Name: demdex Value: 85769419798646145282759323998223861927
.yahoo.com/	1970-01-20 18:25:38	Name: A3 Value: d=AQABBHiJ62MCEEL6JhcfhkSvgIC8y3qv0eYFEgEBAQHa7GP1YwAAAAAA_eMAAA&S=AQAAAj2TxmHImx-yGAXEiihhpts
.analytics.yahoo.com/	1970-01-20 18:25:16	Name: IDSYNC Value: 18zh~29zp
.dpm.demdex.net/	1970-01-20 13:58:52	Name: dpm Value: 85769419798646145282759323998223861927
exchange.mediavine.com/	1970-01-20 09:59:50	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22ab50b490-ac69-11ed-a95e-55ca0a9b8a1e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:59:50	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ab50b490-ac69-11ed-a95e-55ca0a9b8a1e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:59:50	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22ab50b490-ac69-11ed-a95e-55ca0a9b8a1e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:59:50	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ab50b490-ac69-11ed-a95e-55ca0a9b8a1e%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 09:59:50	Name: criteo Value: %7B%22id%22%3A%22k-ahLBPqT1jS1oV-pW9C6-WqLOm6SqBXu68bQdXw%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/	1970-01-20 18:25:16	Name: CMID Value: Y.uJeBXQV4gePZXakyLrywAA
.casalemedia.com/	1970-01-20 11:49:16	Name: CMPS Value: 1183
.casalemedia.com/	1970-01-20 11:49:16	Name: CMPRO Value: 1183
.id5-sync.com/	1970-01-20 09:39:40	Name: cf Value:
.id5-sync.com/	1970-01-20 09:39:40	Name: cip Value:
.id5-sync.com/	1970-01-20 09:39:40	Name: cnac Value:
.id5-sync.com/	1970-01-20 09:39:40	Name: car Value:
.id5-sync.com/	1970-01-20 09:39:40	Name: gdpr Value:
.id5-sync.com/	1970-01-20 09:39:40	Name: callback Value:
.bidswitch.net/	1970-01-20 18:25:16	Name: tuuid Value: 836aec91-d664-4a5b-97e2-bf4fe66c37b3
.bidswitch.net/	1970-01-20 18:25:16	Name: c Value: 1676380536
.bidswitch.net/	1970-01-20 18:25:16	Name: tuuid_lu Value: 1676380536
.pubmatic.com/	1970-01-20 10:22:52	Name: KRTBCOOKIE_97 Value: 3385-uid:k-tB0DhaT1jS1oV-pW9C6-WqLOm6TQMQ8cX1r_Ew&KRTB&23144-uid:k-tB0DhaT1jS1oV-pW9C6-WqLOm6TQMQ8cX1r_Ew&KRTB&23286-uid:k-tB0DhaT1jS1oV-pW9C6-WqLOm6TQMQ8cX1r_Ew&KRTB&23287-uid:k-tB0DhaT1jS1oV-pW9C6-WqLOm6TQMQ8cX1r_Ew
.pubmatic.com/	1970-01-20 10:22:52	Name: PugT Value: 1676380535
.krxd.net/	1970-01-20 13:58:52	Name: _kuid_ Value: PYQ2KVwU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11b56488d.webengage.co
ad.360yield.com
ad.yieldlab.net
bam.nr-data.net
beacon.krxd.net
c.webengage.com
cdnjs.cloudflare.com
cm.adform.net
cm.creativecdn.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
fledge-eu.creativecdn.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
js-agent.newrelic.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.adnxs.com
simage2.pubmatic.com
sncdn.com
ssc-cms.33across.com
ssl.widgets.webengage.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
wsdk-files.webengage.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.safarinow.com
x.bidswitch.net
104.18.33.19
104.96.129.75
141.226.228.48
142.250.185.226
151.101.2.137
162.19.138.82
162.247.241.14
178.250.0.157
178.250.2.151
18.156.0.31
185.184.8.90
185.255.84.153
185.64.189.110
185.83.142.19
185.86.139.101
185.89.210.153
2.18.235.93
20.13.96.71
2001:4860:4802:34::36
23.22.89.152
23.35.209.30
2600:1f18:612b:4200:a29c:1631:ad5c:ae7b
2600:9000:2057:3800:8:cf94:88c0:93a1
2606:4700::6810:6e45
2606:4700::6811:190e
2606:4700::6811:ed43
2606:4700::6812:1d93
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9c
2a00:1450:400d:806::200e
2a00:1450:400d:808::2003
2a00:1450:400d:80a::2003
2a02:2638:1::13
2a02:2638::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.136.128
3.126.78.222
3.23.149.151
3.65.233.109
34.117.157.22
37.157.6.254
52.59.129.17
54.217.237.24
54.217.97.242
54.72.113.247
67.202.105.22
69.173.144.138
76.223.111.18
087e545af3b8acd22ba6f279c0c496e41b447f0534d0c37eca3a86bbc747f4a2
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
130c7f35f60e8c9309f214b2b6f34c98fa5d5303fab281c1f207eebec60265b1
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
16c8ad014e255e48470f6856e3ac20f6050865f72e971417501057d4aeaddd98
1e9e85aea6ba1d036086abec40b42514c05ff48a3c41e2a8092f3608cdf901e6
1ee35098f16a428b5b3ec3093cca2fba9cc5a4fa00eca0611f510361d8313989
2d3cb58a4475cd785b20f9b507b66f5c8ca0daedb79214817e37af22dd2c65d5
315edc16cf7b4fef22f662389d11b9c9edd3940e927f6eef37e09c0dc306c035
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
372514e80d5b3eb7f7dcb5e41377bc811f8a8f9ea81de01612397fbfc2cf73c6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446f0e7d31fe49a05dc0d9aa169c54b02b7aaf11eb62f8f751f4e0bc1b61dde0
45b24878134aeeda47419fa58f936495933a8c0407727c504dffd7491488b698
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c2d0feed28a7d9c6efaa8be76ade9b873daff15e82ffe9b474791b8b68f558a
4d561a113ded0bf2274494c8dd3cb51bd4ab4b78f20c20504b28f8177ad62886
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5797c58a4cff798cb3c2c172ad5a8df1201e62f606ab8fadc57fb0e619b6def5
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5f2f1b11cc426d3b7bb73f47791b5b8621e9f41dae4de6ac6ec9697d4a9ddd4c
5f539c7a0659c1a4333e93e59583e4b44635bd1af0dbae8069d123d30ee562d0
643469534f3c4e61bec4a5e86fda65203c0027f9884bcd0d51fe0fd0494d6071
65fd0758e69662a2d17000625490a1e5fdc554b9023f1fe122a1c106071b5a87
669ddf690d3a1cd6f89c4dd0a844b822b5dba097608f054393ea19defed0e380
66b7ea69852498b80579b3d495b38602972706695c74cda00e5676db8b7f8c62
6d5d492ebfbcb870043022f9dda638b11086698377b702c73cbd64e4a5469b40
6fa663546a856e5a9498f05d081e88046a5d317e66693f74982cc77045b1bdcb
736689ae6aab3fc929356771109886746e998c746b1c4cab4000360a366a3f89
79ef013e8d64f1f43e40f908b5c4b14762ba2793e69fceb3b7a5d5d97fccb766
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8353be0b96da2687d2b2d7ebb956735aca92b75ab808fc94423d63a1087091f0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89abbb41255229b88f79b4e65cedd5f0a7c581a9677165a1e0c3afc622e80d8f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8db89f96383f00edad3e622b6cc7c6c04b5cd6af62d8f93d29ff17a181fe5e15
9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9c1f76cf22d9549250a57745552985040d126d9ff37d607d1fc7717785c3f1ff
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a5f8645c975b1e35722a4cbff604b8dfb3a83265a51adae685169fa04bf7f27b
aab1da8472950b36be28f339369238fd5e0c239683c22137b43a8dfe926aa271
b0e7e3bc6519daa1b02fb98bf960dbaae585e0e572c1da0f4d762e663e777c65
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcf116eb404f3eb17238191b2f519f5ce8115ef08e564e7b075ad5dd780e2457
c1d8d9fb2489e2de9652683421189cb48b1baaa99df7eb6675edb1c56ff8b148
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c275ffed1f203c10a53e14e5c9bb9450b956be2d1662e8831b01a73195ae6463
ce3dbf89239794aa1ff3c87739f944210855c0be0f61e7e9b59fcb3c3517d90c
ce54937f95e7291720a74a84ae0167cfa15f2bc1c4efe09e495c85ad3b74ae6a
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1a619b435d5c5c43443342481d84e9448bdb56cb8966d65c797a1ab94f57ed1
d1ff0de8bc0eef53396c02f1c428f62b25f05306692a9eed14a09e02a77af0ea
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d844ee132ba6ca5362bcaa599bb5128ca172ae2317f5d8fa97b4c1019ace7094
d9e7b3847b83d904207ca078df787b9b25585b39a31a37b3a70c487b14c59763
daba0d8b5c7be8f4b2150cd96a2c81ffd738a299cca4650a98ebf2e79268c180
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dfbfacd5a2fe02640a12ee2fa27cdc323779ce2672f6a28b1da9eefdb21ae9f7
e00077914e4e98efed489b796cd7a4539506987f5897cd440f88e45f3a6f3ad5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ce22942417f3bcc58f8d267416aa9d21f94ddafc9abcd7c0ac9928699035a2
ea9b79716003ab5d8337d845631e112b9781019a498233cf2408f1a7d58a507b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef97276ccec734f9dd6f9ef7ae68fae254dc0000ec97c6ed1850f195edecaa26
f07b969e81bca1ed6769d4d9f024d6da76cebd925afb3e4db665766e3f6a13b4

www.safarinow.com Open in urlscan Pro 2606:4700::6811:ed43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

110 Requests

90 %HTTPS

37 %IPv6

44 Domains

56 Subdomains

50 IPs

10 Countries

2342 kBTransfer

5975 kBSize

55 Cookies

11 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.safarinow.com Open in urlscan Pro
2606:4700::6811:ed43 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

90 %
HTTPS

37 %
IPv6

44
Domains

56
Subdomains

50
IPs

10
Countries

2342 kB
Transfer

5975 kB
Size

55
Cookies

110 HTTP transactions
0 data transactions