urlscan.io logo urlscan.io
SecurityTrails logo

www.handsometours.com Open in urlscan Pro
141.193.213.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://4ufol.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfy8RmLd3WJ3EYozwSIpNmk/WeVyIPYg7_ls
Effective URL: https://www.handsometours.com/tours/alvvays-2023/
Submission: On August 24 via manual from AU — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 21 domains to perform 77 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.handsometours.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 6th 2023. Valid for: a year.
This is the only time www.handsometours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1.179.112.196 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
5 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 67.199.248.10 396982 (GOOGLE-CL...)
21 141.193.213.10 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a02:26f0:310... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f08... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.156.217.215 14618 (AMAZON-AES)
1 1 141.193.213.11 209242 (CLOUDFLAR...)
1 146.75.116.157 54113 (FASTLY)
2 6 2600:9000:210... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
2 2001:4860:480... 15169 (GOOGLE)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
5 2a03:2880:f17... 32934 (FACEBOOK)
1 2a05:d018:cc3... 16509 (AMAZON-02)
2 63.33.254.192 16509 (AMAZON-02)
77 23
1    1.179.112.196 (France)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: m1179112196.mailinblue.me
4ufol.r.ag.d.sendibm3.com
1    2606:4700:4400::ac40:96ba (United States)

ASN13335 (CLOUDFLARENET, US)
sibautomation.com
5    2606:4700:4400::6812:26d8 (United States)

ASN13335 (CLOUDFLARENET, US)
in-automate.brevo.com
assets.brevo.com
static.brevo.com
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
21    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.handsometours.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
8    2a02:26f0:3100::1735:2a43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.com
4    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
www.google-analytics.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
5    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2606:4700::6813:f0c9 (United States)

ASN13335 (CLOUDFLARENET, US)
4a1fe988.sibforms.com
sibforms.com
2    54.156.217.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-217-215.compute-1.amazonaws.com
secure.gaug.es
1    141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
handsometours.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
6    2600:9000:2104:d000:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a02:26f0:3100::1735:2a28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
5    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a05:d018:cc3:fe05:9f63:e63d:b5d3:4662 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    63.33.254.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-254-192.eu-west-1.compute.amazonaws.com
596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io
Apex Domain
Subdomains		 Transfer
22 handsometours.com
www.handsometours.com
handsometours.com
2 MB
8 typekit.com
use.typekit.com — Cisco Umbrella Rank: 18328
167 KB
7 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2765
d.adroll.com — Cisco Umbrella Rank: 1300
28 KB
7 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 483
www.google-analytics.com — Cisco Umbrella Rank: 37
region1.google-analytics.com — Cisco Umbrella Rank: 2412
39 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
374 B
5 sibforms.com
4a1fe988.sibforms.com
sibforms.com — Cisco Umbrella Rank: 44446
175 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
259 KB
5 brevo.com
in-automate.brevo.com — Cisco Umbrella Rank: 24106
assets.brevo.com — Cisco Umbrella Rank: 97963
static.brevo.com — Cisco Umbrella Rank: 300886
138 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
228 KB
2 es.io
596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io — Cisco Umbrella Rank: 87610
40 B
2 gaug.es
secure.gaug.es — Cisco Umbrella Rank: 28109
4 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 720
396 B
1 t.co
t.co — Cisco Umbrella Rank: 556
377 B
1 typekit.net
p.typekit.net — Cisco Umbrella Rank: 610
205 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
350 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 725
15 KB
1 youtube.com
img.youtube.com — Cisco Umbrella Rank: 3329
36 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 366
90 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 6030
298 B
1 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 23284
1 KB
1 sendibm3.com
4ufol.r.ag.d.sendibm3.com
714 B
77 21
Domain Requested by
21 www.handsometours.com 4ufol.r.ag.d.sendibm3.com
www.handsometours.com
8 use.typekit.com www.handsometours.com
6 s.adroll.com 2 redirects www.googletagmanager.com
www.handsometours.com
s.adroll.com
5 www.facebook.com www.handsometours.com
connect.facebook.net
5 connect.facebook.net www.handsometours.com
connect.facebook.net
3 sibforms.com 4a1fe988.sibforms.com
3 www.googletagmanager.com www.handsometours.com
www.google-analytics.com
3 www.google-analytics.com www.handsometours.com
www.google-analytics.com
2 596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io sibforms.com
2 static.brevo.com sibforms.com
2 assets.brevo.com 4a1fe988.sibforms.com
2 region1.google-analytics.com www.googletagmanager.com
2 secure.gaug.es www.handsometours.com
2 4a1fe988.sibforms.com www.handsometours.com
4a1fe988.sibforms.com
2 ssl.google-analytics.com www.handsometours.com
1 d.adroll.com s.adroll.com
1 analytics.twitter.com www.handsometours.com
1 t.co www.handsometours.com
1 p.typekit.net www.handsometours.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.ads-twitter.com www.googletagmanager.com
1 handsometours.com 1 redirects
1 img.youtube.com www.handsometours.com
1 ajax.googleapis.com www.handsometours.com
1 bit.ly 1 redirects
1 in-automate.brevo.com sibautomation.com
1 sibautomation.com 4ufol.r.ag.d.sendibm3.com
1 4ufol.r.ag.d.sendibm3.com
77 28
Subject Issuer Validity Valid
*.r.ag.d.sendibm3.com
R3		 2023-08-18 -
2023-11-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-10 -
2024-05-09		 a year crt.sh
brevo.com
GTS CA 1P5		 2023-07-03 -
2023-10-01		 3 months crt.sh
www.handsometours.com
Cloudflare Inc ECC CA-3		 2023-04-06 -
2024-04-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-02 -
2023-08-31		 3 months crt.sh
*.gaug.es
Sectigo RSA Domain Validation Secure Server CA		 2023-03-02 -
2024-04-01		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
s.adroll.com
Amazon RSA 2048 M01		 2023-06-03 -
2024-07-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-14 -
2023-11-14		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-01 -
2023-10-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.eu-west-1.aws.elastic-cloud.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.handsometours.com/tours/alvvays-2023/
Frame ID: 731D9BFBC567CD2995847800C0AD45CE
Requests: 63 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2885919
Frame ID: 64B43DC8ACE4391CCDFA4B8FCB002715
Requests: 2 HTTP requests in this frame

Frame: https://4a1fe988.sibforms.com/serve/MUIFAJQVD_9ay2J16VaE-8l-9b9aEwX6js9MYNcBxlyHkJmAGPW-rDkNdtEtlU0vP_pyH56NnlzmJ_nMetXsO35b4snSx2gpE8cpCt98bJz1rlrOPoh2lDqfsk5Z90pCCsum2A3hhDkcNu890qjHQMgeOUiebLQSHoqgey6HO1cbE0yLo7ZfAXX1tHvcO6wRAuNqqpm_DcpP1vTa
Frame ID: F02072E288D8E683112CFD663A091D7E
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246d84314ea6b4%26domain%3Dwww.handsometours.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.handsometours.com%252Ff1ecfbfbffa91e4%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Fwww.facebook.com%2FHandsomeTours&locale=en_GB&sdk=joey&send=false&show_faces=true&width=328
Frame ID: ABC68A705C35190F7E264220B103D10E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ALVVAYS · Handsome Tours

Page URL History Show full URLs

  1. https://4ufol.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfy8RmLd3WJ3EYozwSIpNmk/WeVyIPYg7_ls Page URL
  2. https://bit.ly/alvv_ht HTTP 301
    https://www.handsometours.com/tours/alvvays-2023/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • use\.typekit\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

96 %
HTTPS

63 %
IPv6

21
Domains

28
Subdomains

23
IPs

5
Countries

3475 kB
Transfer

5383 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://4ufol.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfy8RmLd3WJ3EYozwSIpNmk/WeVyIPYg7_ls Page URL
  2. https://bit.ly/alvv_ht HTTP 301
    https://www.handsometours.com/tours/alvvays-2023/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://handsometours.com/wp-content/uploads/2020/10/handsome_1435x210.png HTTP 301
  • https://www.handsometours.com/wp-content/uploads/2020/10/handsome_1435x210.png
Request Chain 58
  • https://s.adroll.com/j/exp/IATAQV6RFRD3RD6IINUCI7/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 59
  • https://s.adroll.com/j/pre/IATAQV6RFRD3RD6IINUCI7/TYRKWCWG3JBE5GJ7Z5OFHQ/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

77 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
WeVyIPYg7_ls
4ufol.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfy8RmLd3WJ3EYozwSIpNmk/ 		586 B
714 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4ufol.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfy8RmLd3WJ3EYozwSIpNmk/WeVyIPYg7_ls
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.179.112.196 , France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
m1179112196.mailinblue.me
Software
/
Resource Hash
800b2d4d98db38463019f263de347bdf143732f72abc7325695d4aed7f2e2eb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-length
586
content-type
text/html; charset=utf-8
date
Thu, 24 Aug 2023 02:25:20 GMT
x-content-type-options
nosniff
x-sib-server
server7
x-xss-protection
1
cm.html
sibautomation.com/ Frame 64B4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cm.html?id=2885919
Requested by
Host: 4ufol.r.ag.d.sendibm3.com
URL: https://4ufol.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfy8RmLd3WJ3EYozwSIpNmk/WeVyIPYg7_ls
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
2d38e8228ad09c73d432c4607a9d6451f88f8b7b28b53a7e99963f78f18284ac

Request headers

Referer
https://4ufol.r.ag.d.sendibm3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
age
7643
cache-control
public, max-age=7200
cf-cache-status
HIT
cf-ray
7fb824e978830220-CDG
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 24 Aug 2023 02:25:20 GMT
expires
Thu, 24 Aug 2023 04:25:20 GMT
server
cloudflare
traceresponse
00-d736ea4bc61426eb61ed8eebd7913eb7-53425bf13331e20b-01
vary
Accept-Encoding
x-dt-tracestate
14ea3eee-a07e0240@dt
x-powered-by
Sails <sailsjs.com>
cm
in-automate.brevo.com/ Frame 64B4 		0
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-automate.brevo.com/cm?uuid=320de288-7f2d-42d0-a43d-7f7e3c599c11&key=zxryj6hfxnr8yh11pandrs5d&trans=0&user_id=329618
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?id=2885919
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 24 Aug 2023 02:25:20 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7fb824e9f8aaf09f-CDG
Primary Request /
www.handsometours.com/tours/alvvays-2023/
Redirect Chain
  • https://bit.ly/alvv_ht
  • https://www.handsometours.com/tours/alvvays-2023/
30 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/tours/alvvays-2023/
Requested by
Host: 4ufol.r.ag.d.sendibm3.com
URL: https://4ufol.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfy8RmLd3WJ3EYozwSIpNmk/WeVyIPYg7_ls
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
06ad340dbe2d27882df412925e40918a64ff5ea84cb96e2c8b4f7def7a90a053

Request headers

Referer
https://4ufol.r.ag.d.sendibm3.com/mk/cl/f/sh/7nVU1aA2nfy8RmLd3WJ3EYozwSIpNmk/WeVyIPYg7_ls
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7fb824eb1b130636-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 24 Aug 2023 02:25:22 GMT
link
<https://www.handsometours.com/wp-json/>; rel="https://api.w.org/" <https://www.handsometours.com/wp-json/wp/v2/posts/20872>; rel="alternate"; type="application/json"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u24vY1bnCWEOB580Ams0hoiZ0MchMLokTAkeML84nYTzKwovMumKWxk%2FN7JPl9RQfkX8mqF0exYEfOt%2Bza7OEndx8nPWyeXTHezfuIFr9tFZjakYoz91RyjGjsL0kzawW3gzh%2Fkw5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 17
x-cache-group
normal
x-cacheable
SHORT
x-pingback
https://www.handsometours.com/xmlrpc.php
x-powered-by
WP Engine
x-wpe-request-id
08279d8667c25b3e69e12ba12a8c8e89

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
136
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Thu, 24 Aug 2023 02:25:21 GMT
location
https://www.handsometours.com/tours/alvvays-2023/
referrer-policy
unsafe-url
server
nginx
via
1.1 google
handsome.css
www.handsometours.com/wp-content/themes/handsome2011/_css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/_css/handsome.css
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
169bb4ae5f2da57312b7d13e29febd4497cae30b1479d503c19e30491619e6f7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66567
x-wpe-request-id
8a3b903fc5cfad8c381691782ec693d7
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:43:06 GMT
server
cloudflare
etag
W/"642e69fa-8e31"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I37fJblukspzqTF3TmM2DXDEsRTTOniPtmuL9%2BV3yJ9h5jl9t3N5TcThk6058%2BEpecfxX0Qz4N02HvQceDyMf4sfmViJCu6Uwfb7NI1QxQuCzDkzyFM1WC5t4f3185H4IR2KTmuZeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f22d980636-CDG
style.css
www.handsometours.com/wp-content/themes/handsome2011/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/style.css
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d8643aedd3dec3c0f7ac1fffbe714efc0b65713cbe816cb86cdcf2a370966d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66567
x-wpe-request-id
7a9e0efec8ff977b43c3fd689547084d
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:45:46 GMT
server
cloudflare
etag
W/"642e6a9a-6fe7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qctwc%2BdmX5biypz7HFNjo69u5iytrx7sy1v%2Bk%2BHTpKKTLfZ4XLpsfFDzMfImxWyk7O%2FJcMKsbTS1UzM%2Fo9rT68Wd0bIyKuWFuhB5JZp0cR4%2FmJgtpVxVylk4illkBkrSwLgHt0sVgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f22d9a0636-CDG
style-april15.css
www.handsometours.com/wp-content/themes/handsome2011/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/style-april15.css
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce2357e55b3eb9cf7490bb3edca8ca8a4ec9241413c3c8321877bafe67e023f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66567
x-wpe-request-id
b249ecbd806e01365af55350fe642722
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:51:55 GMT
server
cloudflare
etag
W/"642e6c0b-250d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EG8WmSIYqKcerKCWUcn5XiiIgOHV2BQdOpM846NiW5DjbUlZ%2BpkkuMUfL62aqnPXzkCgRHh0BMfaophjeKM6YAbQsFDMqLrlufcINxcxK1zhJRYCbVItN4GaPUx%2F9vD1fRZiQcbLYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f22d9b0636-CDG
flexslider.css
www.handsometours.com/wp-content/themes/handsome2011/_js/flexslider/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/_js/flexslider/css/flexslider.css
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09023baefad81ce5066da12f63dbfd860f1321097977c6994d7862905f18da76

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66567
x-wpe-request-id
df931aa9b11e93aa44303190f3c2eddd
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:50:19 GMT
server
cloudflare
etag
W/"642e6bab-1ab7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxyYhIMFAYgAC9drwrSu%2BBEGuIOMeMDZyKNeoow6I0IrWMCUNfuilh3BiKfSQ0Dus3FSW%2FpFDm9R6Ujfq0B%2FNopyEfb17oBc8oUfR%2Foqufb4wkIVZI84GyTyHlPZ1for8KR%2BCr5yRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f22d9c0636-CDG
modernizr2.js
www.handsometours.com/wp-content/themes/handsome2011/_js/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/_js/modernizr2.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
81ede5c5f43fa734894eb48cc8b577f9f868a1ecbefe22ecfedbcae3240bb6be

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249879
x-wpe-request-id
2db3189d0177b8ba00b31a442c244584
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:49:01 GMT
server
cloudflare
etag
W/"642e6b5d-a986"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wst0jJHHUsRFoeNyxDg4aXZexlF4WAEvshby0QyUX4Q%2FR8fNzbbO%2FL0hJKHQ6j6V8ZeKBRJw5uM%2BGVvdk4E2tFfJINI7edfohHdUMCOFRY62J9bnF9Oen305FXs%2BuJo3X%2B2eSjoB4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f22d9d0636-CDG
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.3/ 		89 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.3/jquery.min.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3f3779f5113da6da957c4d81481146a272c31aefe0d3e4b64414fd686fd9744
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 06:27:52 GMT
x-content-type-options
nosniff
age
417450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91626
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 06:27:52 GMT
swfobject.js
www.handsometours.com/wp-content/themes/handsome2011/_js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/_js/swfobject.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249879
x-wpe-request-id
fb6650832cb944f2072454484d0bea76
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:51:11 GMT
server
cloudflare
etag
W/"642e6bdf-27ec"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSmQMJVal4tJ88CpN9klJ9l%2BezdZsMQ9e0aIgNkVaLPYQmP4aQu%2BAEMKHEzf44FQBrniKLouJgRY1ITrmHSgweKRn2raN0%2Fp8q0PZ07Aky%2BtvMqYiPdmqoSKwS0iuo5Le%2B%2Bop4otng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f22d9e0636-CDG
jquery.cycle.all.js
www.handsometours.com/wp-content/themes/handsome2011/_js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/_js/jquery.cycle.all.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd68b8fe7d37bdaa2e380d4afef3cb7acc7990750747577b097d53666c46845b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249879
x-wpe-request-id
3eca6cbdc3ba2706977e60bdaccaf102
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:50:25 GMT
server
cloudflare
etag
W/"642e6bb1-c86b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUuyj2bJ9HE2UjtQYJF7Cd0xvVAc3Xrk7rqe9lbpnMf4XpIQ7AteRuD4Ujhdhb5K%2BDaQUYFodKEzEYLGTkKUoudx1UDR5oalKPq3jJJCBq5DByYzeeKGXj7RzJ%2BWFmPJG2a43BS39w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f22d9f0636-CDG
jquery.colorbox.min.js
www.handsometours.com/wp-content/themes/handsome2011/_js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/_js/jquery.colorbox.min.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8e01bf02fc25d398e098265873f3a4c64b00d37309c0d1f3a35e0eff5fe10a4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249879
x-wpe-request-id
24b894cba7076a37520cffed3d7f6f46
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:41:54 GMT
server
cloudflare
etag
W/"642e69b2-252a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXFBmWvFMqQ9fp6YtRYJQDQQTeGi9pu%2BGIFfHZ6zseNMartznCCcBQyvPfKymINS88bgcnsUz06%2FiHmtmDpBzFmfH7g%2FNUBx5JuqHwqqfumrQsfUAE0DqvjkUeE%2F6E1CEzZM%2Bez1xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f22da00636-CDG
jquery.masonry.min.js
www.handsometours.com/wp-content/themes/handsome2011/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/_js/jquery.masonry.min.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c910eb1a0ddae795b0896835b89a88e1a276d2f493e1b22d9272acfbd456bbbb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249879
x-wpe-request-id
edbb6bb7205bf0a0dc92741582c0dad2
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:46:43 GMT
server
cloudflare
etag
W/"642e6ad3-156b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KovyFduptTvd2%2B9bX5BkUkYgiIBLsuLHQcmP25hN%2FbSR63Pz%2BfP6vOIytb8CaMyHY5rpDdAtb0AJqD%2BC%2FHwzwe%2BoLKCYOHy6z4MyKW8sb%2FcTqQuyrD9hMGLkO%2FFAx1ZPv%2Bgnpomow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f22da20636-CDG
handsome.min.js
www.handsometours.com/wp-content/themes/handsome2011/_js/ 		569 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/_js/handsome.min.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2a7c3ecc9e56cdec822e1e8509e4e4c68493bc864800af24754974c67026fd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249879
x-wpe-request-id
ecf79b00829e0e88935285ba7e66b087
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:48:03 GMT
server
cloudflare
etag
W/"642e6b23-239"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ML0DJ%2FxF3Zl8BL8qemoGR855aij%2BIBZbI8HwW%2BnLY2vX2d4WJFqNA8vwyDFvpH7GJWXGuIpyXanryF9CkbZn3ND4yOfhkjs93TYthDn29OVrHWcuSirf6QYGFVtmUyzPwYITAGbs8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f22da40636-CDG
jquery.flexslider.js
www.handsometours.com/wp-content/themes/handsome2011/_js/flexslider/js/ 		53 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/_js/flexslider/js/jquery.flexslider.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c8293e02709c803f07fba9cf6667a4daf03a758a403e99cd696a3fcf75209e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249879
x-wpe-request-id
f2f8b90de3bc474da101d5441777eb0d
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:41:04 GMT
server
cloudflare
etag
W/"642e6980-d3fd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuH0ub%2B7u82hgCI1Vsq%2BhT4puNqkcEJqZtgeRqr2a%2FqTGBAa5SzVeGKnsnHGcH665diBX2lEmNxqFPJfOPP7%2FJF9w2jPTox%2Fof%2B2plsDyRLBSMiCT0aRMtNicp2%2F%2FwanTijfA34O%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f24db00636-CDG
jquery.easing.js
www.handsometours.com/wp-content/themes/handsome2011/_js/flexslider/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/_js/flexslider/js/jquery.easing.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249879
x-wpe-request-id
4f94542e121039099e956c51990b41cf
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:53:04 GMT
server
cloudflare
etag
W/"642e6c50-1fa5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Xwe%2Bg15n%2F6b8ahHd2QXOTkhBGXlIlOS%2BAVlSHfup5UQ1uis9Gr1lauoXnGX2ToeCkvKJBlKsHw8IgrFui4LM7GsSamA7TDxoUAfFJUmBExWvDeqGAFf5Mvrsr5gS9dEibWA0i6NlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f24db10636-CDG
jquery.mousewheel.js
www.handsometours.com/wp-content/themes/handsome2011/_js/flexslider/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/_js/flexslider/js/jquery.mousewheel.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbdff46d80b04005fd57facd6a0c73b58da2b0abf21e296be23ece88ac0b278

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249879
x-wpe-request-id
2e651cbba41b9fa52dd7c66008f6b074
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Apr 2023 06:44:21 GMT
server
cloudflare
etag
W/"642e6a45-960"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2kWgIYnn7CD%2BGjq4kMgH53slA1ZhvRmDwGtmp60Mo6ztIvVe4Gtf4to%2Bv66qxldPgpw8hz58BIOK%2F8NiYRwstAfQi8bvkc0WHFJR9XzidDAidFyqjn%2BVhnT%2B0rgP1cyPrc7JrJxlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fb824f24db20636-CDG
mof0xck.js
use.typekit.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.com/mof0xck.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ecbf363c76059629c1a6dc23933ad001316f66a5c371f8a3f961d7c29dc4c7b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 24 Aug 2023 02:25:22 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6771
fall2023_instagram_portrait.jpg
www.handsometours.com/wp-content/uploads/2023/08/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.handsometours.com/wp-content/uploads/2023/08/fall2023_instagram_portrait.jpg
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
364520f291032e40b53b8ee9f3a487f47bfbacbbbedd5d34740dbc964ff402fb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id
eb36ed661bec44931c7a18157ae3c7a4
alt-svc
h3=":443"; ma=86400
content-length
2054140
last-modified
Wed, 23 Aug 2023 02:14:18 GMT
server
cloudflare
etag
"64e56b7a-1f57fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMiwCes1rr8O9fa19gtc8uRS16wCHrCJj9nWLDhsmiwZokewu1lgg7GKTMv0TVTSw%2B9ADWGT3XTngUPno0XIqJV09LXbuzEsFNeipCdYtTt%2Bs4VtWyQ78xUnZm3bHG9IS42aMxNbSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7fb824f30b6401bf-CDG
0.jpg
img.youtube.com/vi/YVJ0ZKYu-GI/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/YVJ0ZKYu-GI/0.jpg
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6436d37f4f9948ea5fe6cfa07fa917429755766e7dec87f341243218a2ae9551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36340
x-xss-protection
0
server
sffe
etag
"1663733550"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 24 Aug 2023 04:25:22 GMT
Brandon_reg.woff
www.handsometours.com/wp-content/themes/handsome2011/webfonts/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/webfonts/Brandon_reg.woff
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/wp-content/themes/handsome2011/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
495212641ae816adee4f48fc28c09f65e9e10c605db631e31eaa257f3f7b92b9

Request headers

Referer
https://www.handsometours.com/wp-content/themes/handsome2011/style.css
Origin
https://www.handsometours.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id
bfe751255a43e119f4f291325371589c
alt-svc
h3=":443"; ma=86400
content-length
42316
last-modified
Thu, 06 Apr 2023 06:52:56 GMT
server
cloudflare
etag
"642e6c48-a54c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6ck%2BsjJYrtoxwIF%2F6rKe0FhHX7nJ%2BlrJMhljckX3BkPoFGWh1AfSMC8cUgbCgC5plcR0ktFaqwsnijSRVYDP31MLMR5sm2pf3pBwC%2FUQKuJcSN3UrVdiD2J%2FhEeuimF4VjPds2wEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7fb824f30b6601bf-CDG
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 01:51:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2024
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 24 Aug 2023 03:51:38 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 01:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2139
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 24 Aug 2023 03:49:43 GMT
fbevents.js
connect.facebook.net/en_US/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 24 Aug 2023 02:25:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47412
x-xss-protection
0
pragma
public
x-fb-debug
C6YBnBZXno2ZUkvvng2nS6gxmZEpaTk+goZu+w9tu0xGl2Xija8n1ZuyF1NFmcCCnGVkoEZskdXbcsuNnLC+Rg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		187 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKN7LJK
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb21dd869563372a1b6bd2bb56056b76ce9dd1dd78c2da11ca81381e0c5a0ef6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69273
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 00:31:21 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Aug 2023 02:25:22 GMT
MUIFAJQVD_9ay2J16VaE-8l-9b9aEwX6js9MYNcBxlyHkJmAGPW-rDkNdtEtlU0vP_pyH56NnlzmJ_nMetXsO35b4snSx2gpE8cpCt98bJz1rlrOPoh2lDqfsk5Z90pCCsum2A3hhDkcNu890qjHQMgeOUiebLQSHoqgey6HO1cbE0yLo7ZfAXX1tHvcO6wRAuNqq...
4a1fe988.sibforms.com/serve/ Frame F020 		45 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a1fe988.sibforms.com/serve/MUIFAJQVD_9ay2J16VaE-8l-9b9aEwX6js9MYNcBxlyHkJmAGPW-rDkNdtEtlU0vP_pyH56NnlzmJ_nMetXsO35b4snSx2gpE8cpCt98bJz1rlrOPoh2lDqfsk5Z90pCCsum2A3hhDkcNu890qjHQMgeOUiebLQSHoqgey6HO1cbE0yLo7ZfAXX1tHvcO6wRAuNqqpm_DcpP1vTa
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f0c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f332a8f48a5d76d5b2f445740d78e19845565befbb5c6391f2c53f39303cd9ec

Request headers

Referer
https://www.handsometours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
public, s-maxage=300
cf-cache-status
MISS
cf-ray
7fb824f44a9df135-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 24 Aug 2023 02:25:22 GMT
last-modified
Thu, 24 Aug 2023 02:25:22 GMT
server
cloudflare
traceresponse
00-ef8ee70c1fc2c3a217d6ce81dbbee3bb-96f1f8ec876364c8-01
vary
Origin, Accept-Encoding
x-dt-tracestate
14ea3eee-a07e0240@dt
all.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/all.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c0e0cb3ea7aaf4d964f6922d3b57d6f3495f167b2b115839925c8700fe12663e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 02:25:22 GMT
content-md5
QJhUESxPHKSLFZpF8MxYEA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
5O/eC1w563A8Lz0Eucjs5aOEQNiTS401MCCODZ6rUJEwQBL7I1QZpK/O6tf8uYQJrNPUc0tMRs7fwYHfAA4VCw==
x-fb-content-md5
d1a2abced323c1168720996264b4ffe6
cross-origin-opener-policy
same-origin-allow-popups
etag
"785d32fcc73c6eb45b1ab033d950510b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 24 Aug 2023 02:33:53 GMT
track.js
secure.gaug.es/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.gaug.es/track.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.217.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-217-215.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Thu, 24 Aug 2023 02:25:22 GMT
Last-Modified
Tue, 16 Aug 2022 10:33:40 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"62fb7284-ef5"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3829
handsome_1435x210.png
www.handsometours.com/wp-content/uploads/2020/10/
Redirect Chain
  • https://handsometours.com/wp-content/uploads/2020/10/handsome_1435x210.png
  • https://www.handsometours.com/wp-content/uploads/2020/10/handsome_1435x210.png
25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.handsometours.com/wp-content/uploads/2020/10/handsome_1435x210.png
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/wp-content/themes/handsome2011/style-april15.css
Protocol
H3
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f68763e87b81306ca755e51e4a2ea1543bea495bc018ada15c7441fc7584ae

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:24 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id
e3870417f332d44f0340938938237a66
alt-svc
h3=":443"; ma=86400
content-length
25769
last-modified
Thu, 06 Apr 2023 06:52:24 GMT
server
cloudflare
etag
"642e6c28-64a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNThBaRJj2oy4%2FrqY%2BuXYBwUi04IRGMwq4yXWWOq94mRTYGg83QmAG%2FrLZwEP%2B3ML4T7WNv2FK0qe4ONb85NqLN7pcxHoOuMNEySFEpeKWo3ADEw%2FaB6usGLcJDHHQFaYgQDpSbykg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7fb824fb9ddc01bf-CDG

Redirect headers

date
Thu, 24 Aug 2023 02:25:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYTPxrslfvSZWyYx%2BPC1xL4tsv5%2BpmCfwHcNtNPMUYpXGrSsNEu1%2Bo1ll5it%2BtpuyQp%2FWl1GzXXoMLx8Np9MlCD1LhDvzKv2H%2FhG4hFzdeA4en1W09x7xNSxeEc%2Be%2F4to1vS"}],"group":"cf-nel","max_age":604800}
x-wpe-request-id
b9713464aed4c01662cf6f81cb8e56f6
location
https://www.handsometours.com/wp-content/uploads/2020/10/handsome_1435x210.png
content-type
text/html
cf-ray
7fb824f45c4803ff-CDG
alt-svc
h3=":443"; ma=86400
content-length
162
Brandon_med.woff
www.handsometours.com/wp-content/themes/handsome2011/webfonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/webfonts/Brandon_med.woff
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/wp-content/themes/handsome2011/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5663542ff5b0e30d1958762e83a477c02d2184bb45272165c4a64fc83362a55

Request headers

Referer
https://www.handsometours.com/wp-content/themes/handsome2011/style.css
Origin
https://www.handsometours.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
279226
x-wpe-request-id
6e808dd483ea5420bdd19bc357e7e689
alt-svc
h3=":443"; ma=86400
content-length
44552
last-modified
Thu, 06 Apr 2023 06:52:15 GMT
server
cloudflare
etag
"642e6c1f-ae08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doZV5tdjed12uDIM3EPP3v4EMmUQxYtTrVH%2BsKdd2NK0O6EdrUSrhBf5mbmWm8FW36I7aiZ%2FhwwVL9fkXVhZMr%2BjgpoPZSZLzUKUJ7eDGKc47p3n032DNBzm5R%2Bw0ieThYLz%2FLBCGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7fb824f40bbc01bf-CDG
Brandon_bld.woff
www.handsometours.com/wp-content/themes/handsome2011/webfonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.handsometours.com/wp-content/themes/handsome2011/webfonts/Brandon_bld.woff
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/wp-content/themes/handsome2011/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22597172f6d726a750110644b4bb7edb4ba07453fd0c372aedeacc08054b7d30

Request headers

Referer
https://www.handsometours.com/wp-content/themes/handsome2011/style.css
Origin
https://www.handsometours.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
279226
x-wpe-request-id
3a862ab7057641bb24a5ae918baed1cf
alt-svc
h3=":443"; ma=86400
content-length
44044
last-modified
Thu, 06 Apr 2023 06:51:32 GMT
server
cloudflare
etag
"642e6bf4-ac0c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VB7rW9e%2F5i5tnd4J%2F4zdetg4Sj%2BD6%2B40DAopoVPz39prR3HcyymbekMhEZvSBeOz3bNqoiPXx%2F5faYK4t9%2BR23axgJ6AjptqCtRu6QU0EdQ3iDdHo%2F7zHyeq2EWTjTm5vkkUPgyiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7fb824f40bbd01bf-CDG
Alvvays-By-Eleanor-Petry-1-Square_Under4MB-1000x1000-1-500x500.jpeg
www.handsometours.com/wp-content/uploads/2023/08/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.handsometours.com/wp-content/uploads/2023/08/Alvvays-By-Eleanor-Petry-1-Square_Under4MB-1000x1000-1-500x500.jpeg
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c48afde1810c60f153946ac02023c7e08e074d4623af97abb0aa33b23bfb41d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id
8a77e017993dd648470f234207ca197e
alt-svc
h3=":443"; ma=86400
content-length
26923
last-modified
Fri, 11 Aug 2023 00:40:56 GMT
server
cloudflare
etag
"64d58398-692b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1i6n6r8XWIFpq0cSxN9kGDRj6pOcavn8ombURzpxw55Nvk6DkELgjEXh3ktS93SWHETJU6sQ2ShRhzHkN9XsOP1bjBPXYiqHjErgK5kJEe6IduHfkJig77bSu5RjHPJRddtPOTcog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7fb824f41bc301bf-CDG
alvv-webres-500x333.jpg
www.handsometours.com/wp-content/uploads/2023/08/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.handsometours.com/wp-content/uploads/2023/08/alvv-webres-500x333.jpg
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3631457e2f204009f56d48533e6713729e4304cc95b823ada31d171269f483df

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/tours/alvvays-2023/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id
e2ef71c8d5411763edd2bb9155f05a64
alt-svc
h3=":443"; ma=86400
content-length
24665
last-modified
Fri, 11 Aug 2023 00:42:10 GMT
server
cloudflare
etag
"64d583e2-6059"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3SBHXJwCpAQGfkcFkR9j8RxZI99dGqCDavnmYG2NR1brnFSu4cIzUphGeDGZqP8n%2FbZvoE%2FYHsI62sADw%2BkauPht7Lamqnqq0Tzi55xKknHFNnqVfwl6bmnZ1Ozci0j3kiR%2Blm7lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7fb824f41bc401bf-CDG
l
use.typekit.com/af/53f8f6/0000000000000000000132df/27/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.com/af/53f8f6/0000000000000000000132df/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0f306997a671d3d6e526c1e3f25799df50c350ee04fe992486739a31ff1b625c

Request headers

Referer
https://www.handsometours.com/
Origin
https://www.handsometours.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
server
nginx
etag
"7ebee0e44143946e9ff896e127a6d874a846395c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22380
l
use.typekit.com/af/6dbadf/0000000000000000000132e0/27/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.com/af/6dbadf/0000000000000000000132e0/27/l?subset_id=2&fvd=i4&v=3
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7c4077af61fa4f923f758471be28d79ab1b9da617ec834114386d00362b4f090

Request headers

Referer
https://www.handsometours.com/
Origin
https://www.handsometours.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
server
nginx
etag
"37979f0bc13bfe5677d2f38cd59026c9f79316b4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22424
l
use.typekit.com/af/6286a5/0000000000000000000132e3/27/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.com/af/6286a5/0000000000000000000132e3/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5507b886b42fdb53545e45ff9b75efa26637ce8472f959d2b27ef6ca8d4154b7

Request headers

Referer
https://www.handsometours.com/
Origin
https://www.handsometours.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
server
nginx
etag
"fcfb05abd2173276b8ad2ecd69df90a4c1b3852b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23156
l
use.typekit.com/af/fd9d02/0000000000000000000132db/27/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.com/af/fd9d02/0000000000000000000132db/27/l?subset_id=2&fvd=n1&v=3
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e1eb5ecbb356d986025b6cd815c134f8228d79dd96fb8e43ab6530c55c36189e

Request headers

Referer
https://www.handsometours.com/
Origin
https://www.handsometours.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
server
nginx
etag
"c38a4b128d0c014d8acbfdaf0d3a859888cec37d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22216
l
use.typekit.com/af/dc987d/0000000000000000000132dd/27/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.com/af/dc987d/0000000000000000000132dd/27/l?subset_id=2&fvd=n3&v=3
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8ad2d7e9a374c0e8d5a764200defcbc74b6a47704729afe957602347ac6cdee4

Request headers

Referer
https://www.handsometours.com/
Origin
https://www.handsometours.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
server
nginx
etag
"a95c65549ea1325743b94b724042b11462cc827b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23908
l
use.typekit.com/af/3ce91c/0000000000000000000132e1/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.com/af/3ce91c/0000000000000000000132e1/27/l?subset_id=2&fvd=n5&v=3
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
57d6f6aef46e0ac469106d23a4e15b5d6472412c17df802bf843d5059b2c400d

Request headers

Referer
https://www.handsometours.com/
Origin
https://www.handsometours.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
server
nginx
etag
"f223cb489fa19ea4d858d1ddb316c22ccf45b3fe"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24232
l
use.typekit.com/af/4234e0/0000000000000000000132e5/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.com/af/4234e0/0000000000000000000132e5/27/l?subset_id=2&fvd=n9&v=3
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
66b68c30af40ed72d912aacea556275b0f67e29a420486abd85966e5822df207

Request headers

Referer
https://www.handsometours.com/
Origin
https://www.handsometours.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
server
nginx
etag
"feb6e77d34dda3da42fab2d9d9f9bf73db087124"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24292
all.js
connect.facebook.net/en_GB/ 		309 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/all.js?hash=2155de760cbe7875fa3dce54c6e4273a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f940aaeaf2d7bbe58d76a368931e1a4392ffc7d8aa0a2f703d93b59d7ab55691
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.handsometours.com/
Origin
https://www.handsometours.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 02:25:22 GMT
content-md5
IC4jYiyFoZxCwsF5+0CN8A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88689
x-fb-debug
iJIOUOG1lwwbz4PWrvbJs1ngyQvdZ0TnxAGs1RNZq7Rw3rE7sUhosPk7R6j4wRnfZX8LhvlyjOj8gHEJfQOOuQ==
x-fb-content-md5
037e5319d38f1df65382981648d12fdb
cross-origin-opener-policy
same-origin-allow-popups
etag
"051af32da6aed465daf82ef725a59ccb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Aug 2024 01:47:10 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=621209746&utmhn=www.handsometours.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=ALVVAYS%20%C2%B7%20Handsome%20Tours&utmhid=1205119599&utmr=https%3A%2F%2F4ufol.r.ag.d.sendibm3.com%2F&utmp=%2Ftours%2Falvvays-2023%2F&utmht=1692843922656&utmac=UA-40992066-1&utmcc=__utma%3D108133403.581243158.1692843923.1692843923.1692843923.1%3B%2B__utmz%3D108133403.1692843923.1.1.utmcsr%3D4ufol.r.ag.d.sendibm3.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=735310991&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 02:25:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1205119599&t=pageview&_s=1&dl=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&dr=https%3A%2F%2F4ufol.r.ag.d.sendibm3.com%2F&ul=en-us&de=UTF-8&dt=ALVVAYS%20%C2%B7%20Handsome%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=108133403.581243158.1692843923.1692843923.1692843923.1&_utmz=108133403.1692843923.1.1.utmcsr%3D4ufol.r.ag.d.sendibm3.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F&_utmht=1692843922673&_u=IQBCAAABAAAAACAAI~&jid=2133873861&gjid=759118038&cid=581243158.1692843923&tid=UA-40992066-3&_gid=846611317.1692843923&_r=1&_slc=1&z=1980023160
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c1300836e60f471951932534ed16c16bdacc2fa188832e3fa63dacf46b46c1fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.handsometours.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 02:25:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.handsometours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
1606538049622299
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1606538049622299?v=2.9.124&r=stable&domain=www.handsometours.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50ffe7e6da3299a6e46b8fe163bf8b33528ac26309f810d3ad6dc6179a6648b3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 24 Aug 2023 02:25:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
2PC5TsajqCG80x/7Nz34QsMfhrFb21C+KZecdjNwanOMzmE0ng9X5QaAftcRLV5pCpF+9zGqq+vvhQ+7YugIcQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1205119599&t=pageview&_s=1&dl=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&dr=https%3A%2F%2F4ufol.r.ag.d.sendibm3.com%2F&ul=en-us&de=UTF-8&dt=ALVVAYS%20%C2%B7%20Handsome%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=108133403.581243158.1692843923.1692843923.1692843923.1&_utmz=108133403.1692843923.1.1.utmcsr%3D4ufol.r.ag.d.sendibm3.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F&_utmht=1692843922727&_u=aSDCCEABBAAAACAAI~&jid=2097633926&gjid=1470324706&cid=581243158.1692843923&tid=UA-102616678-9&_gid=846611317.1692843923&_r=1&_slc=1&gtm=45He38l0n81MKN7LJK&z=2007900627
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2406263603181158bb23ef2ba4c917a1e6f600fbb26f7b980d4e1890f11b673a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.handsometours.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 02:25:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.handsometours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKN7LJK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230059-FRA
roundtrip.js
s.adroll.com/j/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKN7LJK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:d000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e7ad47a4bc6ddbb17cb8cbe6167dae4717d0b5962a1d63de2e93e6dc201b9e8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-Amz-Version-Id
2W0nFhLgp3U9gUvvEzXT9GuNEpd6A6yg
Content-Encoding
gzip
Via
1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
Date
Thu, 24 Aug 2023 01:45:19 GMT
Age
2683
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 03 Aug 2023 19:17:31 GMT
Server
AmazonS3
Etag
W/"67e54a60303cfbf4c3b977aa390ad408"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
1ByBad_Qvg8LWxvxLcTMw42O9OPMRqWV4s0K3mbYLFO9OE1MO6ZXAw==
js
www.googletagmanager.com/gtag/ 		233 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-78PKM1TK3D&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49db7cfbc17e98d07a437318473759332f9dbeb1806e4649d131a31d62d92fcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83281
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 24 Aug 2023 02:25:22 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102616678-9&cid=581243158.1692843923&jid=2097633926&gjid=1470324706&_gid=846611317.1692843923&_u=aSDCCEABBAAAACAAI~&z=2052707233
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.handsometours.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 24 Aug 2023 02:25:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.handsometours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3L3K8YMH6S&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22666b0468f6a0ed2031e7c3d0353c83820da04a03caabe743e19d26ae2b05f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80521
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 24 Aug 2023 02:25:22 GMT
p.gif
p.typekit.net/ 		35 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=mof0xck&ht=tk&h=www.handsometours.com&f=10294.10295.10296.10298.10300.10302.10304&a=292115&js=1.21.0&app=typekit&e=js&_=1692843922764
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
sib-styles.css
sibforms.com/forms/end-form/build/ Frame F020 		51 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sibforms.com/forms/end-form/build/sib-styles.css
Requested by
Host: 4a1fe988.sibforms.com
URL: https://4a1fe988.sibforms.com/serve/MUIFAJQVD_9ay2J16VaE-8l-9b9aEwX6js9MYNcBxlyHkJmAGPW-rDkNdtEtlU0vP_pyH56NnlzmJ_nMetXsO35b4snSx2gpE8cpCt98bJz1rlrOPoh2lDqfsk5Z90pCCsum2A3hhDkcNu890qjHQMgeOUiebLQSHoqgey6HO1cbE0yLo7ZfAXX1tHvcO6wRAuNqqpm_DcpP1vTa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f0c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2861c55ac45f35801e12d5e512af7a02da63607e60ba52f0b55ea44e99f0e6f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://4a1fe988.sibforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 20 Jun 2023 06:29:34 GMT
server
cloudflare
age
7082
etag
W/"6491474e-cc86"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
7fb824f5db3bf135-CDG
expires
Thu, 24 Aug 2023 06:25:22 GMT
email-decode.min.js
4a1fe988.sibforms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame F020 		1 KB
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://4a1fe988.sibforms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: 4a1fe988.sibforms.com
URL: https://4a1fe988.sibforms.com/serve/MUIFAJQVD_9ay2J16VaE-8l-9b9aEwX6js9MYNcBxlyHkJmAGPW-rDkNdtEtlU0vP_pyH56NnlzmJ_nMetXsO35b4snSx2gpE8cpCt98bJz1rlrOPoh2lDqfsk5Z90pCCsum2A3hhDkcNu890qjHQMgeOUiebLQSHoqgey6HO1cbE0yLo7ZfAXX1tHvcO6wRAuNqqpm_DcpP1vTa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f0c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://4a1fe988.sibforms.com/serve/MUIFAJQVD_9ay2J16VaE-8l-9b9aEwX6js9MYNcBxlyHkJmAGPW-rDkNdtEtlU0vP_pyH56NnlzmJ_nMetXsO35b4snSx2gpE8cpCt98bJz1rlrOPoh2lDqfsk5Z90pCCsum2A3hhDkcNu890qjHQMgeOUiebLQSHoqgey6HO1cbE0yLo7ZfAXX1tHvcO6wRAuNqqpm_DcpP1vTa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Aug 2023 15:15:55 GMT
server
cloudflare
etag
W/"64e37fab-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7fb824f5db35f135-CDG
expires
Sat, 26 Aug 2023 02:25:22 GMT
main.js
sibforms.com/forms/end-form/build/ Frame F020 		477 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sibforms.com/forms/end-form/build/main.js
Requested by
Host: 4a1fe988.sibforms.com
URL: https://4a1fe988.sibforms.com/serve/MUIFAJQVD_9ay2J16VaE-8l-9b9aEwX6js9MYNcBxlyHkJmAGPW-rDkNdtEtlU0vP_pyH56NnlzmJ_nMetXsO35b4snSx2gpE8cpCt98bJz1rlrOPoh2lDqfsk5Z90pCCsum2A3hhDkcNu890qjHQMgeOUiebLQSHoqgey6HO1cbE0yLo7ZfAXX1tHvcO6wRAuNqqpm_DcpP1vTa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f0c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00a2f019ff12d85bdb87f2e49e55a0af401ae8dc76976ea7aa861ca5468dac90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://4a1fe988.sibforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 20 Jun 2023 06:29:34 GMT
server
cloudflare
age
4452
etag
W/"6491474e-77207"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7fb824f5eb40f135-CDG
expires
Thu, 24 Aug 2023 06:25:22 GMT
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-78PKM1TK3D&gtm=45je38l0&_p=1205119599&ul=en-us&sr=1600x1200&cid=581243158.1692843923&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&ngs=1&_s=1&dl=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&dr=https%3A%2F%2F4ufol.r.ag.d.sendibm3.com%2F&dt=ALVVAYS%20%C2%B7%20Handsome%20Tours&sid=1692843922&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-78PKM1TK3D&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 02:25:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.handsometours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3L3K8YMH6S&gtm=45je38l0&_p=1205119599&ul=en-us&sr=1600x1200&cid=581243158.1692843923&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&dr=https%3A%2F%2F4ufol.r.ag.d.sendibm3.com%2F&dt=ALVVAYS%20%C2%B7%20Handsome%20Tours&sid=1692843922&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3L3K8YMH6S&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 02:25:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.handsometours.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=a235eeae-cb74-40cb-858a-e4c4b73a687a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b1fa2c7f-016f-49d0-b0bc-9cda02c7df97&tw_document_href=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2ri2&type=javascript&version=2.3.29
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time
99
date
Thu, 24 Aug 2023 02:25:22 GMT
strict-transport-security
max-age=0
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
8ddb674cf14e1bc7
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
f37b53226837c78c164ff89182707021a2bc5422df64a9fa6e84cf8d34b87889
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a235eeae-cb74-40cb-858a-e4c4b73a687a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b1fa2c7f-016f-49d0-b0bc-9cda02c7df97&tw_document_href=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2ri2&type=javascript&version=2.3.29
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time
169
date
Thu, 24 Aug 2023 02:25:23 GMT
strict-transport-security
max-age=631138519
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
988f183aa4552d09
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
6266e97fbf7f00d3f3d9e6d301c4a4cb3a1993bef66451677f783317cb8c870e
content-length
43
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/IATAQV6RFRD3RD6IINUCI7/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
HTTP/1.1
Server
2600:9000:2104:d000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 23 Aug 2023 03:02:11 GMT
X-Amz-Version-Id
e6mCeG7.PAM9gYrIJBIXJohubS3UVCEK
Via
1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
Age
84192
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 03 Aug 2023 18:30:18 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
i7Gd_dX-9AZFABMBWMwNmhxFEA9YbKpPVm-ShvJXCXtt5ETno5GLkA==

Redirect headers

Date
Wed, 23 Aug 2023 04:00:54 GMT
Via
1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
Age
80667
X-Amz-Cf-Pop
AMS1-C1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
8-vOo9r2FnF0P7noDPW2MkRzeBIsXYE6jSz2jU1CxFyDDkpWaEnTuQ==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/IATAQV6RFRD3RD6IINUCI7/TYRKWCWG3JBE5GJ7Z5OFHQ/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
HTTP/1.1
Server
2600:9000:2104:d000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 23 Aug 2023 03:02:30 GMT
X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
Age
84173
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Y5r_4-NBD6aBGrNqMwLTteVbygy4KxH-SY8qCiIq7hP-wyse8TF4Mw==

Redirect headers

Date
Wed, 23 Aug 2023 04:00:54 GMT
Via
1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
Age
80667
X-Amz-Cf-Pop
AMS1-C1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
z6OhKMasPU0IGPYHk-RNoPTMKgLcYA8EiNAVfH7KEf0JBmiZ3mWX5Q==
index.js
s.adroll.com/j/pre/IATAQV6RFRD3RD6IINUCI7/TYRKWCWG3JBE5GJ7Z5OFHQ/ 		0
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/IATAQV6RFRD3RD6IINUCI7/TYRKWCWG3JBE5GJ7Z5OFHQ/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:d000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-Amz-Version-Id
ptps5eOlenB.k9JxU4xNT4DFNmJt8CTP
Date
Thu, 24 Aug 2023 02:25:24 GMT
Via
1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Tue, 22 Aug 2023 11:35:10 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
5jcWTojgXWHW0qvHDv7j7tPjHMhkEY-Oh664zmZQCjSZieLHCk6tpw==
1641111046128861
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1641111046128861?v=2.9.124&r=stable&domain=www.handsometours.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6ae0a5fcb3c029180c261ba3ddb6d80a80ab3dc5d040f88037a1ee0573ff8c58
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 24 Aug 2023 02:25:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
NgkO1gtJxnZ9URYtAT2JYTmDMQzQSDHhkyJj6Mw8XeUkbwwZNAxWbcvyKVUsa4/FFnx9/NBy2MNgYmZDiPBuCw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1606538049622299&ev=PageView&dl=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&rl=https%3A%2F%2F4ufol.r.ag.d.sendibm3.com%2F&if=false&ts=1692843922907&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692843922905.1724681788&cs_est=true&it=1692843922700&coo=false&rqm=GET
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 24 Aug 2023 02:25:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
7529907e9eaf8ebb5220c5f9850e3811.woff2
assets.brevo.com/font/Roboto/Latin/normal/normal/ Frame F020 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.brevo.com/font/Roboto/Latin/normal/normal/7529907e9eaf8ebb5220c5f9850e3811.woff2
Requested by
Host: 4a1fe988.sibforms.com
URL: https://4a1fe988.sibforms.com/serve/MUIFAJQVD_9ay2J16VaE-8l-9b9aEwX6js9MYNcBxlyHkJmAGPW-rDkNdtEtlU0vP_pyH56NnlzmJ_nMetXsO35b4snSx2gpE8cpCt98bJz1rlrOPoh2lDqfsk5Z90pCCsum2A3hhDkcNu890qjHQMgeOUiebLQSHoqgey6HO1cbE0yLo7ZfAXX1tHvcO6wRAuNqqpm_DcpP1vTa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92b5e0133f0825ff255fc25b29669eb647b5ed127154841f37a10a85beccf55

Request headers

Referer
https://4a1fe988.sibforms.com/
Origin
https://4a1fe988.sibforms.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:23 GMT
via
1.1 google
cf-cache-status
MISS
x-amz-request-id
ETNC4AXT0K3EXE2C
x-amz-server-side-encryption
AES256
content-length
14752
x-amz-id-2
aNdihHemv92TJvidXKG5TxFu4lDuuIJrUerHrZuYQRX0fuon9lfSnTvp+Ev9is0uO5yoNzvMkRc=
last-modified
Wed, 01 Feb 2023 09:28:53 GMT
server
cloudflare
etag
"7529907e9eaf8ebb5220c5f9850e3811"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7fb824f65d80f09f-CDG
expires
Sun, 21 Aug 2033 02:25:23 GMT
truncated
/ Frame F020 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66c6eed020aa2b09e3c9f6a1e441235b309a6710929259d56f9703ba946747d1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
3ef7cf158f310cf752d5ad08cd0e7e60.woff2
assets.brevo.com/font/Roboto/Latin/bold/normal/ Frame F020 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.brevo.com/font/Roboto/Latin/bold/normal/3ef7cf158f310cf752d5ad08cd0e7e60.woff2
Requested by
Host: 4a1fe988.sibforms.com
URL: https://4a1fe988.sibforms.com/serve/MUIFAJQVD_9ay2J16VaE-8l-9b9aEwX6js9MYNcBxlyHkJmAGPW-rDkNdtEtlU0vP_pyH56NnlzmJ_nMetXsO35b4snSx2gpE8cpCt98bJz1rlrOPoh2lDqfsk5Z90pCCsum2A3hhDkcNu890qjHQMgeOUiebLQSHoqgey6HO1cbE0yLo7ZfAXX1tHvcO6wRAuNqqpm_DcpP1vTa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bcd8e98ed1ed963767e9cd500a484a80cee1a99caf7038ff0a8d931ab5d003b

Request headers

Referer
https://4a1fe988.sibforms.com/
Origin
https://4a1fe988.sibforms.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:23 GMT
via
1.1 google
cf-cache-status
MISS
x-amz-request-id
ETN4H3V12BA0JKY5
x-amz-server-side-encryption
AES256
content-length
14752
x-amz-id-2
whFoke13tg0MZP2NaAvIi1wjIsgPuGYNlRgGwR1vP6oAuFJcLoeXFbuHQUMTBOsTRGsk5xDKA5Y=
last-modified
Wed, 01 Feb 2023 09:28:53 GMT
server
cloudflare
etag
"3ef7cf158f310cf752d5ad08cd0e7e60"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7fb824f65d81f09f-CDG
expires
Sun, 21 Aug 2033 02:25:23 GMT
elastic-apm-rum.umd.min.js
sibforms.com/forms/end-form/ Frame F020 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sibforms.com/forms/end-form/elastic-apm-rum.umd.min.js
Requested by
Host: 4a1fe988.sibforms.com
URL: https://4a1fe988.sibforms.com/serve/MUIFAJQVD_9ay2J16VaE-8l-9b9aEwX6js9MYNcBxlyHkJmAGPW-rDkNdtEtlU0vP_pyH56NnlzmJ_nMetXsO35b4snSx2gpE8cpCt98bJz1rlrOPoh2lDqfsk5Z90pCCsum2A3hhDkcNu890qjHQMgeOUiebLQSHoqgey6HO1cbE0yLo7ZfAXX1tHvcO6wRAuNqqpm_DcpP1vTa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f0c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a572de592a0e3abc43227fee637abc8367628fb98eed4a35982a2be6a5ea8c7f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://4a1fe988.sibforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2022 10:19:44 GMT
server
cloudflare
age
5897
etag
W/"62c41040-e6c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7fb824f67b8bf135-CDG
expires
Thu, 24 Aug 2023 06:25:22 GMT
countries.json
static.brevo.com/js/ Frame F020 		14 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.brevo.com/js/countries.json
Requested by
Host: sibforms.com
URL: https://sibforms.com/forms/end-form/build/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38d62cf17bc6477962fd6f2101c9a3b87bf9cd1ee5206ea95aa76e149a4cc79

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://4a1fe988.sibforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:23 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
MISS
x-amz-request-id
ETN5ZT76NY1S3FYS
x-amz-id-2
iItYTGNAmpUOpkV89TcTkzr124iTN9Hvlbl9yATGErV+9D+DIiwG008jILlDBpPavHTjY9QT9G4=
last-modified
Tue, 29 Nov 2022 09:23:09 GMT
server
cloudflare
etag
W/"ae944dbcadf2db5473b8f4f497e9d5f3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=28800
cf-apo-via
origin,host
cf-ray
7fb824f6cdb0f09f-CDG
expires
Thu, 24 Aug 2023 10:25:23 GMT
track.gif
secure.gaug.es/ 		35 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gaug.es/track.gif?h[site_id]=4eddc881613f5d5139000003&h[resource]=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&h[referrer]=https%3A%2F%2F4ufol.r.ag.d.sendibm3.com%2F&h[title]=ALVVAYS%20%C2%B7%20Handsome%20Tours&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1692843922993
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.217.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-217-215.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Aug 2023 02:25:23 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 24 Aug 2023 02:25:23 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, private
Connection
keep-alive
Content-Length
35
Expires
Sat, 25 Nov 2000 05:00:00 GMT
IATAQV6RFRD3RD6IINUCI7
d.adroll.com/consent/check/ 		501 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/IATAQV6RFRD3RD6IINUCI7?pv=1624347289.1651177&arrfrr=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&_s=c1bb2d73589f17a039bbe8eb13844402&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:9f63:e63d:b5d3:4662 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
79302a6726541d15c79491059f383bf5e753bcdea7571c5e9026d53d99229cf0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:23 GMT
server
nginx/1.22.1
content-length
501
content-type
application/javascript
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1641111046128861&ev=PageView&dl=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&rl=https%3A%2F%2F4ufol.r.ag.d.sendibm3.com%2F&if=false&ts=1692843923114&sw=1600&sh=1200&v=2.9.124&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1692843922905.1724681788&it=1692843922700&coo=false&rqm=GET
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 24 Aug 2023 02:25:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
flags.png
static.brevo.com/images/ Frame F020 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.brevo.com/images/flags.png
Requested by
Host: sibforms.com
URL: https://sibforms.com/forms/end-form/build/sib-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9afd9079d58ceee9fd02b63373b2d17173d6f2372e2c03b83de96b4f60ccd113

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sibforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 02:25:23 GMT
via
1.1 google
cf-cache-status
HIT
x-amz-request-id
521CXX3F1YX4KQDR
age
48817
cf-polished
origSize=109573
content-length
106547
x-amz-id-2
h6pRp1nS2rAa3i1fIRchhoCrWiAJ+iVe7poy+ML0cUD/4tZ0YkQL0A7+lsdYGgmpq+ZoiDvYqss=
cf-bgj
imgq:100,h2pri
last-modified
Mon, 24 Feb 2020 12:45:10 GMT
server
cloudflare
etag
"7388ec2dca8595d1031e7809ed795b61"
vary
Accept, Accept-Encoding
content-type
image/png
cache-control
public, max-age=28800
accept-ranges
bytes
cf-ray
7fb824f83e57229d-CDG
expires
Thu, 24 Aug 2023 10:25:23 GMT
events
596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.33.254.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-254-192.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://4a1fe988.sibforms.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://4a1fe988.sibforms.com
access-control-expose-headers
Etag
access-control-max-age
3600
content-length
0
date
Thu, 24 Aug 2023 02:25:23 GMT
vary
Origin
x-cloud-request-id
Q7YdGDK3R7q-i3qPVEqXOA
x-content-type-options
nosniff
x-found-handling-cluster
596808a16dec4fc39413bf34b0a70240
x-found-handling-instance
instance-0000000016
events
596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ Frame F020 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events
Requested by
Host: sibforms.com
URL: https://sibforms.com/forms/end-form/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.33.254.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-254-192.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Content-Encoding
gzip
Referer
https://4a1fe988.sibforms.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/x-ndjson

Response headers

access-control-allow-origin
https://4a1fe988.sibforms.com
date
Thu, 24 Aug 2023 02:25:23 GMT
x-cloud-request-id
pCWoAZJBQzmw0KVowb8vbA
x-content-type-options
nosniff
x-found-handling-instance
instance-0000000016
x-found-handling-cluster
596808a16dec4fc39413bf34b0a70240
content-length
0
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1606538049622299&ev=Microdata&dl=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&rl=https%3A%2F%2F4ufol.r.ag.d.sendibm3.com%2F&if=false&ts=1692843924413&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ALVVAYS%20%C2%B7%20Handsome%20Tours%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692843922905.1724681788&it=1692843922700&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 24 Aug 2023 02:25:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1641111046128861&ev=Microdata&dl=https%3A%2F%2Fwww.handsometours.com%2Ftours%2Falvvays-2023%2F&rl=https%3A%2F%2F4ufol.r.ag.d.sendibm3.com%2F&if=false&ts=1692843924616&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ALVVAYS%20%C2%B7%20Handsome%20Tours%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.124&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1692843922905.1724681788&it=1692843922700&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.handsometours.com
URL: https://www.handsometours.com/tours/alvvays-2023/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.handsometours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 24 Aug 2023 02:25:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
like.php
www.facebook.com/plugins/ Frame ABC6 		0
102 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df246d84314ea6b4%26domain%3Dwww.handsometours.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.handsometours.com%252Ff1ecfbfbffa91e4%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Fwww.facebook.com%2FHandsomeTours&locale=en_GB&sdk=joey&send=false&show_faces=true&width=328
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=2155de760cbe7875fa3dce54c6e4273a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.handsometours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 24 Aug 2023 02:25:25 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
Dx2VndIiUvip+nOgMvbbvRxlabSLIySeguVJtUINgXbqDLZv0foX5Mpheet0ZKaMR44ZbtXQGzpwOBjA1bMHVw==
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| Modernizr function| $ function| jQuery object| swfobject object| jQuery16309405328559629373 object| vvqflashvars object| vvqparams object| vvqattributes string| vvqexpressinstall object| Typekit object| _gaq string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| dataLayer object| _gauges object| FB object| _gat object| gaGlobal object| google_tag_data object| gaplugins object| gaData object| google_tag_manager function| twq string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded object| __buffer object| regeneratorRuntime object| twttr string| adroll_sid object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list object| __adroll_consent_data boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country

22 Cookies

Domain/Path Name / Value
sibautomation.com/ Name: uuid
Value: 320de288-7f2d-42d0-a43d-7f7e3c599c11
.bit.ly/ Name: _bit
Value: n7o2pl-0b9c7e3e1d662aebb7-007
.handsometours.com/ Name: __utma
Value: 108133403.581243158.1692843923.1692843923.1692843923.1
.handsometours.com/ Name: __utmc
Value: 108133403
.handsometours.com/ Name: __utmz
Value: 108133403.1692843923.1.1.utmcsr=4ufol.r.ag.d.sendibm3.com|utmccn=(referral)|utmcmd=referral|utmcct=/
.handsometours.com/ Name: __utmt
Value: 1
.handsometours.com/ Name: __utmb
Value: 108133403.1.10.1692843923
.handsometours.com/ Name: _ga
Value: GA1.2.581243158.1692843923
.handsometours.com/ Name: _gid
Value: GA1.2.846611317.1692843923
.handsometours.com/ Name: _gat
Value: 1
.handsometours.com/ Name: _gat_UA-102616678-9
Value: 1
.sibforms.com/ Name: __cfruid
Value: 327571eedfb135d032480227151ec99f1c334fc5-1692843922
.handsometours.com/ Name: _ga_78PKM1TK3D
Value: GS1.2.1692843922.1.0.1692843922.0.0.0
.handsometours.com/ Name: _ga_3L3K8YMH6S
Value: GS1.2.1692843922.1.0.1692843922.0.0.0
.handsometours.com/ Name: _fbp
Value: fb.1.1692843922905.1724681788
www.handsometours.com/ Name: _gauges_unique_hour
Value: 1
www.handsometours.com/ Name: _gauges_unique_day
Value: 1
www.handsometours.com/ Name: _gauges_unique_month
Value: 1
www.handsometours.com/ Name: _gauges_unique_year
Value: 1
www.handsometours.com/ Name: _gauges_unique
Value: 1
.t.co/ Name: muc_ads
Value: f1cc1076-7ffb-4911-b9f8-dc199ed940f5
.twitter.com/ Name: personalization_id
Value: "v1_I/aGaGqQqYWc22Q5HJIfDg=="

3 Console Messages

Source Level URL
Text
security warning URL: https://www.handsometours.com/tours/alvvays-2023/
Message:
Mixed Content: The page at 'https://www.handsometours.com/tours/alvvays-2023/' was loaded over HTTPS, but requested an insecure element 'http://img.youtube.com/vi/YVJ0ZKYu-GI/0.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.handsometours.com/tours/alvvays-2023/(Line 357)
Message:
Mixed Content: The page at 'https://www.handsometours.com/tours/alvvays-2023/' was loaded over HTTPS, but requested an insecure element 'http://img.youtube.com/vi/YVJ0ZKYu-GI/0.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.handsometours.com/tours/alvvays-2023/(Line 395)
Message:
Mixed Content: The page at 'https://www.handsometours.com/tours/alvvays-2023/' was loaded over HTTPS, but requested an insecure element 'http://handsometours.com/wp-content/uploads/2020/10/handsome_1435x210.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4a1fe988.sibforms.com
4ufol.r.ag.d.sendibm3.com
596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io
ajax.googleapis.com
analytics.twitter.com
assets.brevo.com
bit.ly
connect.facebook.net
d.adroll.com
handsometours.com
img.youtube.com
in-automate.brevo.com
p.typekit.net
region1.google-analytics.com
s.adroll.com
secure.gaug.es
sibautomation.com
sibforms.com
ssl.google-analytics.com
static.ads-twitter.com
static.brevo.com
stats.g.doubleclick.net
t.co
use.typekit.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.handsometours.com
1.179.112.196
104.244.42.131
104.244.42.197
141.193.213.10
141.193.213.11
146.75.116.157
2001:4860:4802:32::36
2600:9000:2104:d000:6:9280:1080:93a1
2606:4700:4400::6812:26d8
2606:4700:4400::ac40:96ba
2606:4700::6813:f0c9
2a00:1450:4001:80f::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c00::9c
2a02:26f0:3100::1735:2a28
2a02:26f0:3100::1735:2a43
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:cc3:fe05:9f63:e63d:b5d3:4662
54.156.217.215
63.33.254.192
67.199.248.10
00a2f019ff12d85bdb87f2e49e55a0af401ae8dc76976ea7aa861ca5468dac90
06ad340dbe2d27882df412925e40918a64ff5ea84cb96e2c8b4f7def7a90a053
09023baefad81ce5066da12f63dbfd860f1321097977c6994d7862905f18da76
0e7ad47a4bc6ddbb17cb8cbe6167dae4717d0b5962a1d63de2e93e6dc201b9e8
0f306997a671d3d6e526c1e3f25799df50c350ee04fe992486739a31ff1b625c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
169bb4ae5f2da57312b7d13e29febd4497cae30b1479d503c19e30491619e6f7
1c2a7c3ecc9e56cdec822e1e8509e4e4c68493bc864800af24754974c67026fd
22597172f6d726a750110644b4bb7edb4ba07453fd0c372aedeacc08054b7d30
22666b0468f6a0ed2031e7c3d0353c83820da04a03caabe743e19d26ae2b05f0
2406263603181158bb23ef2ba4c917a1e6f600fbb26f7b980d4e1890f11b673a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d38e8228ad09c73d432c4607a9d6451f88f8b7b28b53a7e99963f78f18284ac
3631457e2f204009f56d48533e6713729e4304cc95b823ada31d171269f483df
364520f291032e40b53b8ee9f3a487f47bfbacbbbedd5d34740dbc964ff402fb
495212641ae816adee4f48fc28c09f65e9e10c605db631e31eaa257f3f7b92b9
49db7cfbc17e98d07a437318473759332f9dbeb1806e4649d131a31d62d92fcd
4c48afde1810c60f153946ac02023c7e08e074d4623af97abb0aa33b23bfb41d
50ffe7e6da3299a6e46b8fe163bf8b33528ac26309f810d3ad6dc6179a6648b3
5507b886b42fdb53545e45ff9b75efa26637ce8472f959d2b27ef6ca8d4154b7
57d6f6aef46e0ac469106d23a4e15b5d6472412c17df802bf843d5059b2c400d
6436d37f4f9948ea5fe6cfa07fa917429755766e7dec87f341243218a2ae9551
66b68c30af40ed72d912aacea556275b0f67e29a420486abd85966e5822df207
66c6eed020aa2b09e3c9f6a1e441235b309a6710929259d56f9703ba946747d1
6ae0a5fcb3c029180c261ba3ddb6d80a80ab3dc5d040f88037a1ee0573ff8c58
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce2357e55b3eb9cf7490bb3edca8ca8a4ec9241413c3c8321877bafe67e023f
79302a6726541d15c79491059f383bf5e753bcdea7571c5e9026d53d99229cf0
7c4077af61fa4f923f758471be28d79ab1b9da617ec834114386d00362b4f090
800b2d4d98db38463019f263de347bdf143732f72abc7325695d4aed7f2e2eb2
81ede5c5f43fa734894eb48cc8b577f9f868a1ecbefe22ecfedbcae3240bb6be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
8ad2d7e9a374c0e8d5a764200defcbc74b6a47704729afe957602347ac6cdee4
8bcd8e98ed1ed963767e9cd500a484a80cee1a99caf7038ff0a8d931ab5d003b
96f68763e87b81306ca755e51e4a2ea1543bea495bc018ada15c7441fc7584ae
9afd9079d58ceee9fd02b63373b2d17173d6f2372e2c03b83de96b4f60ccd113
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a38d62cf17bc6477962fd6f2101c9a3b87bf9cd1ee5206ea95aa76e149a4cc79
a572de592a0e3abc43227fee637abc8367628fb98eed4a35982a2be6a5ea8c7f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bd68b8fe7d37bdaa2e380d4afef3cb7acc7990750747577b097d53666c46845b
c0e0cb3ea7aaf4d964f6922d3b57d6f3495f167b2b115839925c8700fe12663e
c1300836e60f471951932534ed16c16bdacc2fa188832e3fa63dacf46b46c1fd
c2861c55ac45f35801e12d5e512af7a02da63607e60ba52f0b55ea44e99f0e6f
c6c8293e02709c803f07fba9cf6667a4daf03a758a403e99cd696a3fcf75209e
c910eb1a0ddae795b0896835b89a88e1a276d2f493e1b22d9272acfbd456bbbb
cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7
cdbdff46d80b04005fd57facd6a0c73b58da2b0abf21e296be23ece88ac0b278
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d3f3779f5113da6da957c4d81481146a272c31aefe0d3e4b64414fd686fd9744
d5663542ff5b0e30d1958762e83a477c02d2184bb45272165c4a64fc83362a55
d8d8643aedd3dec3c0f7ac1fffbe714efc0b65713cbe816cb86cdcf2a370966d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
e1eb5ecbb356d986025b6cd815c134f8228d79dd96fb8e43ab6530c55c36189e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e01bf02fc25d398e098265873f3a4c64b00d37309c0d1f3a35e0eff5fe10a4
e92b5e0133f0825ff255fc25b29669eb647b5ed127154841f37a10a85beccf55
eb21dd869563372a1b6bd2bb56056b76ce9dd1dd78c2da11ca81381e0c5a0ef6
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ecbf363c76059629c1a6dc23933ad001316f66a5c371f8a3f961d7c29dc4c7b2
f332a8f48a5d76d5b2f445740d78e19845565befbb5c6391f2c53f39303cd9ec
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f940aaeaf2d7bbe58d76a368931e1a4392ffc7d8aa0a2f703d93b59d7ab55691