navitour.com Open in urlscan Pro
104.19.241.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://navitour.com/
Effective URL:
https://navitour.com/
Submission: On March 23 via api (March 23rd 2023, 5:11:18 am UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 60 HTTP transactions. The main IP is 104.19.241.93, located in and belongs to CLOUDFLARENET, US. The main domain is navitour.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 25th 2022. Valid for: a year.

This is the only time navitour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.19.240.93 104.19.240.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	104.19.241.93 104.19.241.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.227.219.27 13.227.219.27	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2600:9000:224... 2600:9000:2240:1400:1c:37e5:3f40:21	16509 (AMAZON-02) (AMAZON-02)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	44.233.214.12 44.233.214.12	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	16

1 104.19.240.93 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

navitour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.19.241.93 (None, )

ASN13335 (CLOUDFLARENET, US)

navitour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
navitour2.cdn.bubble.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.227.219.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-27.ams54.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2240:1400:1c:37e5:3f40:21 (United States)

ASN16509 (AMAZON-02, US)

d1muf25xaso8hp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.233.214.12 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-214-12.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	navitour.com 1 redirects navitour.com	1 MB
9	cloudfront.net d1muf25xaso8hp.cloudfront.net	161 KB
8	gstatic.com fonts.gstatic.com	173 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1026 q.stripe.com — Cisco Umbrella Rank: 6139 m.stripe.com — Cisco Umbrella Rank: 1097	113 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 3742 forms-na1.hsforms.com — Cisco Umbrella Rank: 6056	8 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	231 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1133	17 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 5734	318 KB
2	bubble.io navitour2.cdn.bubble.io	15 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2368	252 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	1 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2030
60	13

	Domain	Requested by
18	navitour.com	1 redirects navitour.com
9	d1muf25xaso8hp.cloudfront.net	navitour.com
8	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	navitour.com www.googletagmanager.com
3	q.stripe.com	navitour.com
3	forms.hsforms.com	js.hsforms.net navitour.com
3	js.stripe.com	navitour.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	js.hsforms.net	navitour.com js.hsforms.net
2	navitour2.cdn.bubble.io	navitour.com
1	forms-na1.hsforms.com	navitour.com
1	m.stripe.com	m.stripe.network
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	navitour.com
1	cdnjs.cloudflare.com	navitour.com
1	js.hs-scripts.com	navitour.com
60	16

This site contains links to these domains. Also see Links.

Domain
travelcampfire.com
blog.navitour.com

Subject Issuer	Validity	Valid
navitour.com Cloudflare Inc ECC CA-3	`2022-05-25` - `2023-05-24`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
bubble.io Cloudflare Inc ECC CA-3	`2022-12-17` - `2023-12-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://navitour.com/
Frame ID: F429C2B49118D2CE71B0C2BDA699F654
Requests: 51 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: D4E2F957CE0824395907C6EFFF2EE08B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: AB20DAC3812C5524334A91ACC066D52E
Requests: 4 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: 7C6EB571E59A6B3C9B4AEFD51093101A
Requests: 1 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: F72E5AB754126BD499A0CAEED677ADD9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Navitour

Page URL History Show full URLs

http://navitour.com/ HTTP 301
https://navitour.com/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

60
Requests

98 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

16
IPs

3
Countries

2065 kB
Transfer

7347 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://travelcampfire.com/join/
Title: Campfire

Search URL Search Domain Scan URL

URL: https://blog.navitour.com/
Title: Blog

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://navitour.com/ HTTP 301
https://navitour.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
navitour.com/
Redirect Chain

http://navitour.com/
https://navitour.com/

14 KB
6 KB

390ms
372ms

Document
text/html

104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e4d8e3e14a9bf6a8682e8c2d5ab98022e2ece4463d35f6e14a5e830203a2a1a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7ac42c199f6330d2-FRA
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Thu, 23 Mar 2023 05:11:11 GMT
Server: cloudflare
Transfer-Encoding: chunked
cache-control: no-store
referrer-policy: origin
vary: Accept-Encoding
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.134 unit-seconds used
x-bubble-perf: {"total":170.6,"percents":{"top":{"bubble_cpu":33.9,"block":66.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":55.3,"appserver_cache_misses_time":0,"redis":67.2,"fiber_queue":4.3,"capacity_wait":0.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":15,"derived_cache_memory_misses":15,"serverjson":71,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":102,"fiber_queue":107,"blocks":106},"misc":{"userdb_results":1,"userdb_data":692,"spent_time":8683437,"derived_build_time_spent":0}}
x-powered-by: Express

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7ac42c184c5f3650-FRA
Connection: keep-alive
Content-Length: 0
Date: Thu, 23 Mar 2023 05:11:11 GMT
Location: https://navitour.com/
Server: cloudflare

GET
H/1.1 200
OK early.js Show response
navitour.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/ 23 KB
10 KB 244ms
244ms Script
application/javascript 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e99240e0f704678d97c9bfdd715672b2dd5d6c507a1f2197babeec2577039bf

Request headers

Referer: https://navitour.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 05:11:12 GMT
Content-Encoding: br
CF-Cache-Status: MISS
x-bubble-perf: {"total":23,"percents":{"top":{"bubble_cpu":23.3,"block":72.1,"capacity_rl":0,"other_pause":0,"pre_fiber":2.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":34.9,"fiber_queue":19.5,"capacity_wait":14.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":805879,"derived_build_time_spent":0}}
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.012 unit-seconds used
Server: cloudflare
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
CF-RAY: 7ac42c1c09ce30d2-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H/1.1 200
OK run.css
navitour.com/package/run_css/3246c67a53dd483ce954b40d9db26147ba37e534ca29532ded23ca0c8a55e736/navitour2/live/index/xfalse/xfalse/ 250 KB
24 KB 298ms
281ms Stylesheet
text/css 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/package/run_css/3246c67a53dd483ce954b40d9db26147ba37e534ca29532ded23ca0c8a55e736/navitour2/live/index/xfalse/xfalse/run.css
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5c8166f1d8450d6e71b9fe6a046bea917730e90dcbbc7525fb8a0cd9da5b14d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 05:11:12 GMT
Content-Encoding: br
CF-Cache-Status: MISS
x-bubble-perf: {"total":53.3,"percents":{"top":{"bubble_cpu":35.9,"block":63.6,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":5.6,"pp_wait_userdb":0,"http_request":0,"serverjson":19.2,"appserver_cache_misses_time":0,"redis":59.4,"fiber_queue":7.6,"capacity_wait":3.8}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":16,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":37,"fiber_queue":39,"blocks":38},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":8868739,"derived_build_time_spent":0}}
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.136 unit-seconds used
Server: cloudflare
vary: Accept-Encoding
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
CF-RAY: 7ac42c1c2a4e39d3-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H/1.1 200
OK run.js Show response
navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/ 2 MB
629 KB 403ms
386ms Script
application/javascript 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c3aca950c45136f5df0b468589f1cb94c34e8fa8af2d4ca6221d7a425bd5dae1

Request headers

Referer: https://navitour.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 05:11:12 GMT
Content-Encoding: br
CF-Cache-Status: MISS
x-bubble-perf: {"total":39,"percents":{"top":{"bubble_cpu":29.3,"block":66.1,"capacity_rl":0,"other_pause":0,"pre_fiber":1.2},"sub":{"pp_userdb":7.7,"pp_wait_userdb":0,"http_request":0,"serverjson":7.2,"appserver_cache_misses_time":0,"redis":44.3,"fiber_queue":9.4,"capacity_wait":5.3}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":21,"fiber_queue":26,"blocks":25},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":7715290,"derived_build_time_spent":0}}
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.119 unit-seconds used
Server: cloudflare
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
CF-RAY: 7ac42c1c2fcb996e-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H/1.1 200
OK static.js Show response
navitour.com/package/static_js/8a458e558b08d367812617c07216cc56e990c51685406cd1f48f139ec94e437e/navitour2/live/index/xnull/xfalse/xfalse/xfalse/ 1 MB
205 KB 506ms
489ms Script
application/javascript 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/package/static_js/8a458e558b08d367812617c07216cc56e990c51685406cd1f48f139ec94e437e/navitour2/live/index/xnull/xfalse/xfalse/xfalse/static.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 043a8844b1ebc482c59bd265868738ef1c8558358c9b961f7ffefce63a8be5bd

Request headers

Referer: https://navitour.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 05:11:12 GMT
Content-Encoding: br
CF-Cache-Status: MISS
x-bubble-perf: {"total":122.2,"percents":{"top":{"bubble_cpu":34,"block":64.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":1.6,"pp_wait_userdb":0,"http_request":0,"serverjson":47.4,"appserver_cache_misses_time":0,"redis":59.1,"fiber_queue":5.8,"capacity_wait":3.6}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":9,"derived_cache_memory_misses":9,"serverjson":50,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":76,"fiber_queue":79,"blocks":78},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":11228820,"derived_build_time_spent":0}}
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.173 unit-seconds used
Server: cloudflare
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
CF-RAY: 7ac42c1c2ae9922b-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H/1.1 200
OK dynamic.js Show response
navitour.com/package/dynamic_js/7216fbec30c965e0866e9947a0bb09d90ecaa7fc5e0df32e62b2c1bd28ea2d0c/navitour2/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/ 360 KB
60 KB 284ms
265ms Script
application/javascript 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/package/dynamic_js/7216fbec30c965e0866e9947a0bb09d90ecaa7fc5e0df32e62b2c1bd28ea2d0c/navitour2/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cc222ec9d7c6844c0982e96cdb1c496f5fb0b281b9b9151959ee312ffbc95190

Request headers

Referer: https://navitour.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 05:11:12 GMT
Content-Encoding: br
CF-Cache-Status: MISS
x-bubble-perf: {"total":38.6,"percents":{"top":{"bubble_cpu":29.1,"block":69.1,"capacity_rl":0,"other_pause":0,"pre_fiber":1.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":10.3,"appserver_cache_misses_time":0,"redis":64,"fiber_queue":9.5,"capacity_wait":13}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":9,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":23,"fiber_queue":20,"blocks":19},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1686857,"derived_build_time_spent":0}}
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.026 unit-seconds used
Server: cloudflare
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
CF-RAY: 7ac42c1c2df33638-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 / Show response
js.stripe.com/v3/ 450 KB
108 KB 93ms
16ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c2d77b9ca1062b537954a1beeef29e3ddce0b36dbbf5e064586898899b5c258a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 23 Mar 2023 05:10:45 GMT
via: 1.1 f655cacd0d6f7c5dc935ea687af6f3c0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 46
x-cache: Hit from cloudfront
last-modified: Wed, 22 Mar 2023 20:16:07 GMT
server: Cloudfront
etag: W/"ab10b922b051d6a383d69c10082d0675"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: Jgo8jA1KpX858wKoM0Qwcpolz2hXj65FDUUwmyUBtqOQFUjQKJWnBg==

GET
H2 404 .js
js.hs-scripts.com/ 0
0 152ms
121ms Script
text/html 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 36ms
15ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e8cffebf657a8666ef465efe726c144818fea84fe227e45caf5cc70766c1d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38538
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Mar 2023 05:11:12 GMT

GET
H2 200 croppie.min.css
cdnjs.cloudflare.com/ajax/libs/croppie/2.4.0/ 2 KB
1 KB 33ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/croppie/2.4.0/croppie.min.css

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d94621c23e99f7b86f592bb9f39fbbc5d6faf4f512412973bc70fa12cdb092c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4313009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 595
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-982"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWZU1inptEza8G9mKm3I604Ey%2FAapGaS1JgbAO3RYCAa8tlskhh2Um8XtgyCrvOhJARVxDC%2BKsXDn1JocZ5yOQssfNwh3UZPilyczAos3HL%2BTydnoHC9CcS94WoPsVyWV0iIAdcplMpmdqBwcyYH5q5T"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ac42c1c28c236df-FRA
expires: Tue, 12 Mar 2024 05:11:12 GMT

GET
H2 200 exif_2.3.0.min.js Show response
navitour2.cdn.bubble.io/f1530602571601x711735609918832800/ 14 KB
6 KB 159ms
131ms Script
application/javascript 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour2.cdn.bubble.io/f1530602571601x711735609918832800/exif_2.3.0.min.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7619bd478a6018074496dfd9f019ca93d7ec684b6a4b3d75bb4f85c022171f2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:12 GMT
x-amz-meta-appname: meta
content-encoding: br
x-amz-version-id: e1kLN.DZ8BDiuk6_YLUAkCyyWaaDMr8U
last-modified: Tue, 03 Jul 2018 07:22:52 GMT
server: cloudflare
cf-cache-status: MISS
x-amz-request-id: VCYY57YX0X8HC31K
etag: W/"48814126e2cd29ac30e68e012934c6d8"
x-amz-meta-app-version: live
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=290304000
cf-ray: 7ac42c1c3fd5915c-FRA
x-amz-id-2: v4whLsvCkkDh6QTP4oS1qPgteE8Lf2XxT225fWRIox4RjZ690DDWX6Vks2FeKiY7kMNfkcetSv0=

GET
H2 200 croppie.2.4.0.whitearea.flip.min.js Show response
navitour2.cdn.bubble.io/f1530613964116x134027369320392600/ 30 KB
9 KB 42ms
14ms Script
application/javascript 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour2.cdn.bubble.io/f1530613964116x134027369320392600/croppie.2.4.0.whitearea.flip.min.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67066dcb9b628d2e57ddb81eb7846598e9fdc4821dd0a8679a17f5d0b28e48c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:12 GMT
content-encoding: br
x-amz-version-id: rOU7AheaSpNOzUIrAZd5BWVQ46cM9yjS
cf-cache-status: HIT
x-amz-request-id: GX22D767HAZQEKQW
age: 6060
x-amz-meta-app-version: live
x-amz-id-2: nWFM8InE+mFKOwNaiI5mi9xze3BTl6FFxidrCtNsP2oFCUekR+ZNipGsInluM1vETKD4KPfQQwg=
x-amz-meta-appname: meta
last-modified: Tue, 03 Jul 2018 10:32:45 GMT
server: cloudflare
etag: W/"14ddc3016c91f82f91c536a4d514d536"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=290304000
cf-ray: 7ac42c1c3fd6915c-FRA

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 509 KB
159 KB 51ms
26ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec5f7597c123181788fd043c205d990937daab3c1565e7df4ba16d47f030c160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:12 GMT
x-amz-version-id: 2wXcdIzl9WRVTrxeR26mvDAXbt4ZcTF6
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 269
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2802/bundles/project-v2.js&cfRay=7ac4258e6932361f-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Mar 2023 01:33:37 UTC
server: cloudflare
etag: W/"ae0386c025bb39c5f937fe3f182d3e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIbUxt%2BFDb6rAGcFoiRn8bzDGm2EOZVnU9TWvEIddO7J6hDjJuzXfb9OthEEQCkWc%2BTDN8xfJxxkwUY%2FrAOcoxED2Diz0tBYaA%2FLB2hwRML4nEYrF5k4%2FRY77FRPRG8%2FlPLS%2F5w8%2BWS7lhEj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7ac42c1c3c3b35e7-FRA
x-amz-cf-id: eB6P-TzdoM10TStZxYXyEb0UYpcb2COCPXOKrC1dLRaPp3I-4qxmoA==
x-hs-target-asset: forms-embed/static-1.2802/bundles/project-v2.js

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
77 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4Z4SN42BY5

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a545503398e200db1c73616e87979849673d680574cfb89da367e4b34a10a202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79221
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Mar 2023 05:11:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 40ms
20ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:regular%7CBarlow:500%7CBarlow:600%7CBarlow:700%7CBarlow:800%7CBarlow:900%7CBarlow:italic%7CBarlow:regular%7CLato:regular%7CLato:regular

Requested by

Host: navitour.com
URL: https://navitour.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e248f14e45b99729af09bf2621131c31622ad176ec4eefb2398b3eb4694f5d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 05:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 05:11:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 05:11:12 GMT

GET
H/1.1 200
OK data Show response
navitour.com/api/1.1/init/ 474 B
1 KB 558ms
558ms XHR
text/plain 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/api/1.1/init/data?location=https%3A%2F%2Fnavitour.com%2F
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 14888b428c635116be31ff7b8fa0de59360cb5c2e2eb33a410cbb9f5f1538861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 05:11:12 GMT
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":32.4,"percents":{"top":{"bubble_cpu":33.1,"block":58.5,"capacity_rl":0,"other_pause":0,"pre_fiber":1.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":9.5,"appserver_cache_misses_time":0,"redis":44.3,"fiber_queue":11.9,"capacity_wait":9.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":21,"blocks":20},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1608573,"derived_build_time_spent":0}}
Server: cloudflare
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.025 unit-seconds used
CF-RAY: 7ac42c1d9b2a30d2-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 41ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:regular%7CBarlow:500%7CBarlow:600%7CBarlow:700%7CBarlow:800%7CBarlow:900%7CBarlow:italic%7CBarlow:regular%7CLato:regular%7CLato:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:43 GMT
x-content-type-options: nosniff
age: 160409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:43 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 37ms
16ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:53 GMT
x-content-type-options: nosniff
age: 160399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:53 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 33ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:43 GMT
x-content-type-options: nosniff
age: 160409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:43 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 28ms
10ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:44 GMT
x-content-type-options: nosniff
age: 160408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:44 GMT

GET
H2 200 7cHqv4kjgoGqM7E3q-0s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 22 KB
22 KB 37ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3q-0s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:38:15 GMT
x-content-type-options: nosniff
age: 160377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22052
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:05:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:38:15 GMT

GET
H2 200 7cHqv4kjgoGqM7E3j-ws51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 37ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 21:45:55 GMT
x-content-type-options: nosniff
age: 113117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21416
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 21:45:55 GMT

GET
H2 200 7cHrv4kjgoGqM7E_Cfs7wH8.woff2
fonts.gstatic.com/s/barlow/v12/ 23 KB
23 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHrv4kjgoGqM7E_Cfs7wH8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51d0115090b2cfd0cb581cbf62ee79bb94fdcb3f9c2432d39d3adacd8888ccef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:39:45 GMT
x-content-type-options: nosniff
age: 160287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23564
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:09:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:39:45 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 21ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:41 GMT
x-content-type-options: nosniff
age: 160411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:41 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame D4E2 200 B
1 KB 15ms
14ms Document
text/html 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://navitour.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2905
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 23 Mar 2023 04:23:45 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Fri, 17 Mar 2023 20:02:38 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f655cacd0d6f7c5dc935ea687af6f3c0.cloudfront.net (CloudFront)
x-amz-cf-id: qzqF68jHEGqpleh_iWSeomVo4yhigx5wJNrcFQuNQTo-Z51nSDk2yg==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/20853686/dba851bf-a21b-4917-891b-16bc22c8e2ea/ 11 KB
4 KB 184ms
153ms XHR
application/json 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/20853686/dba851bf-a21b-4917-891b-16bc22c8e2ea/json?hs_static_app=forms-embed&hs_static_app_version=1.2802&X-HubSpot-Static-App-Info=forms-embed-1.2802

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e9e1ea183330bc2372132f0e3b1927bd92c205088481454b0032fde8b36514a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://navitour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Thu, 23 Mar 2023 05:11:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 4abf5c42-3d5e-4767-96ea-8c52d254eee3
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
X-Trace: 2B5F84B2EAF399917EC7B6F9FDE4DFBB2FD3B027D6000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://navitour.com
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7ac42c2269469274-FRA

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/20853686/dba851bf-a21b-4917-891b-16bc22c8e2ea/ 11 KB
4 KB 183ms
154ms XHR
application/json 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/20853686/dba851bf-a21b-4917-891b-16bc22c8e2ea/json?hs_static_app=forms-embed&hs_static_app_version=1.2802&X-HubSpot-Static-App-Info=forms-embed-1.2802

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

422b69dff0faf2526d11acf8d1769d5cad82595a256b47b6b73abfa2e5cbe42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://navitour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Thu, 23 Mar 2023 05:11:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: a3d6be9b-82e4-4c6c-9e04-433ce0cb15d2
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Server: cloudflare
X-Trace: 2B3F0C2168322EFAEEB37CABD2ABC8104E042C7BBD000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://navitour.com
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7ac42c226ad5901e-FRA

POST
H/1.1 200
OK hi Show response
navitour.com/user/ 57 B
1 KB 523ms
523ms XHR
application/json 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/user/hi
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8d5c203eb128c487f6e9edd8230fd5e4fdaa49ea9e2cbd307f129f261942ec23

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1679548272788x502201636034560900
X-Bubble-Fiber-ID: 1679548272996x128228349395044690
X-Bubble-PL: 1679548272996x3955
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Thu, 23 Mar 2023 05:11:13 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":21.3,"percents":{"top":{"bubble_cpu":17.8,"block":77.4,"capacity_rl":0,"other_pause":0,"pre_fiber":3.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":31.6,"appserver_cache_misses_time":0,"redis":46.9,"fiber_queue":15.4,"capacity_wait":16}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":568284,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.009 unit-seconds used
Server: cloudflare
x-bubble-request-took: 21
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 7ac42c223f1030d2-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H/1.1 200
OK fontawesome-webfont.woff2
navitour.com/static/fonts/ 75 KB
77 KB 328ms
328ms Font
application/octet-stream 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://navitour.com/static/fonts/fontawesome-webfont.woff2

Requested by

Host: navitour.com
URL: https://navitour.com/package/run_css/3246c67a53dd483ce954b40d9db26147ba37e534ca29532ded23ca0c8a55e736/navitour2/live/index/xfalse/xfalse/run.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://navitour.com/package/run_css/3246c67a53dd483ce954b40d9db26147ba37e534ca29532ded23ca0c8a55e736/navitour2/live/index/xfalse/xfalse/run.css
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 05:11:13 GMT
x-content-type-options: nosniff
CF-Cache-Status: MISS
x-bubble-perf: {"total":19.3,"percents":{"top":{"bubble_cpu":18.9,"block":77.8,"capacity_rl":0,"other_pause":0,"pre_fiber":2.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":41.1,"fiber_queue":18.2,"capacity_wait":17.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":547896,"derived_build_time_spent":0}}
x-powered-by: Express
Connection: keep-alive
x-bubble-capacity-used: 0.008 unit-seconds used
Content-Length: 77160
Server: cloudflare
etag: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
Content-Type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
Accept-Ranges: bytes
timing-allow-origin: *
CF-RAY: 7ac42c224f6d922b-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 200
OK client_log Show response
navitour.com/bug/ 4 B
1 KB 221ms
221ms XHR
application/json 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/bug/client_log
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1679548272788x502201636034560900
X-Bubble-Fiber-ID: 1679548273029x891906363285559000
X-Bubble-PL: 1679548272996x3955
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Thu, 23 Mar 2023 05:11:13 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":22.8,"percents":{"top":{"bubble_cpu":11.8,"block":64.5,"capacity_rl":0,"other_pause":0,"pre_fiber":18.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":34.5,"fiber_queue":30,"capacity_wait":16.8}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":402554,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.006 unit-seconds used
Server: cloudflare
x-bubble-request-took: 23
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 7ac42c227df2996e-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673278513302x492880449854179650%2FAll%2520maine.jpg
d1muf25xaso8hp.cloudfront.net/ 55 KB
56 KB 255ms
205ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673278513302x492880449854179650%2FAll%2520maine.jpg?w=1536&h=497&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

2ccb0349c8c64eb3ab7cefd86f6cf034db7ee0571665d8cbf56df6ba9aaa8c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P1
age: 39433
x-cache: Miss from cloudfront
x-imgix-id: 04fd7ba111d554a3a822a1d747c33886876d54d6
cross-origin-resource-policy: cross-origin
content-length: 56456
x-served-by: cache-sjc10038-SJC, cache-fra-eddf8230086-FRA
x-imgix-render-farm: 01.9032
last-modified: Wed, 22 Mar 2023 18:14:00 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ENhRfMrGbRv0qyJ6TE22ZmMD7Wh03J_rtoYXyYLtl5fx8-zwfoZW4w==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1649778508843x167076696008548130%2FTikTok%2520Icon%2520%25282%2529.png
d1muf25xaso8hp.cloudfront.net/ 2 KB
3 KB 349ms
298ms Image
image/png 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1649778508843x167076696008548130%2FTikTok%2520Icon%2520%25282%2529.png?w=96&h=50&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

347429110f775e5254a03afd2471a95a6ae90a15c0a2ab4aa90a81e0afde5eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P1
age: 0
x-cache: Miss from cloudfront
x-imgix-id: 717bc5db6652136fab8e923da4dfe67b8335d078
cross-origin-resource-policy: cross-origin
content-length: 2069
x-served-by: cache-sjc10083-SJC, cache-hhn-etou8220077-HHN
x-imgix-render-farm: 01.9544
last-modified: Thu, 23 Mar 2023 05:11:13 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: MgINl4EVNKLl_dXDAP6NVv6cqqZehJYEOQEwm_OL0Cb2hfdd2F8yUw==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1649167445411x992700716679172100%2FLogo.png
d1muf25xaso8hp.cloudfront.net/ 5 KB
6 KB 217ms
167ms Image
image/png 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1649167445411x992700716679172100%2FLogo.png?w=192&h=56&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

9886bbffac41055eba891fab2928c8c9700fafba0f28f0e6914b088ad7163d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P1
age: 18133
x-cache: Miss from cloudfront
x-imgix-id: 7d675628697e0cae8a8c01987f9b18a61eb5cc63
cross-origin-resource-policy: cross-origin
content-length: 5265
x-served-by: cache-sjc10026-SJC, cache-hhn-etou8220061-HHN
x-imgix-render-farm: 01.9544
last-modified: Thu, 23 Mar 2023 00:09:00 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: UFYfQem2t3lk44xiKRIuVg5MJ03YlPinU864CH8P7bvhRKb_-gsmRQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=null

Requested by

Host: navitour.com
URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca2052124407946aaa17a3fbdcc3150773b1194725182325e5ec0ddbadaf6df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38560
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Mar 2023 05:11:13 GMT

POST
H/1.1 200
OK mget Show response
navitour.com/elasticsearch/ 502 B
1 KB 527ms
527ms XHR
application/json 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/elasticsearch/mget
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 46dfedcaf83ab503ab6dc5b1b42cf64ef835a55f30a9d346719235f0a6205fbb

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1679548272788x502201636034560900
X-Bubble-Fiber-ID: 1679548273058x193419757477781840
X-Bubble-PL: 1679548272996x3955
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Thu, 23 Mar 2023 05:11:13 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":33.2,"percents":{"top":{"bubble_cpu":23.5,"block":68.3,"capacity_rl":0,"other_pause":0,"pre_fiber":2.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":10.2,"appserver_cache_misses_time":0,"redis":51,"fiber_queue":11.6,"capacity_wait":10}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1171147,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.018 unit-seconds used
Server: cloudflare
x-bubble-request-took: 33
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 7ac42c22a88a39d3-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H2 200 csp-report
q.stripe.com/ Frame D4E2 0
640 B 520ms
171ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1679548273499764
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D4E2 0
641 B 517ms
168ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1679548273499848
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D4E2 631 B
1 KB 14ms
14ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 23 Mar 2023 04:32:01 GMT
x-content-type-options: nosniff
via: 1.1 f655cacd0d6f7c5dc935ea687af6f3c0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2377
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 17 Mar 2023 00:10:18 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Nh6znewk1CF18JVp0oGI_9i4QUPxEN5u4k__kiizGoalJ0Qyf1dgcw==

POST
H/1.1 200
OK msearch Show response
navitour.com/elasticsearch/ 10 KB
5 KB 259ms
259ms XHR
application/json 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/elasticsearch/msearch
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 99a1cfc3996a469f4624e9c4296829d509238a5f2059c946f469a00cfc3e8f92

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1679548272788x502201636034560900
X-Bubble-Fiber-ID: 1679548273121x497921262791012800
X-Bubble-PL: 1679548272996x3955
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Thu, 23 Mar 2023 05:11:13 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":59.1,"percents":{"top":{"bubble_cpu":16.5,"block":79.6,"capacity_rl":0,"other_pause":0,"pre_fiber":1},"sub":{"pp_userdb":40.6,"pp_wait_userdb":0,"http_request":0,"serverjson":4.4,"appserver_cache_misses_time":0,"redis":25.1,"fiber_queue":5.3,"capacity_wait":9.6}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":18,"fiber_queue":21,"blocks":20},"misc":{"userdb_results":8,"userdb_data":23949,"spent_time":8458643,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.13 unit-seconds used
Server: cloudflare
x-bubble-request-took: 59
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 7ac42c230dff3638-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
77 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4Z4SN42BY5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c17186d14953c02dc57fb9e13037955303ae8ea2815f45019f158541c6e793a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Mar 2023 05:11:13 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame AB20 930 B
1 KB 47ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 236
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 23 Mar 2023 05:11:13 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 87
x-content-type-options: nosniff
x-request-id: ecd13f98-586a-4f00-901b-b42ef1f5dc42
x-served-by: cache-fra-eddf8230126-FRA
x-timer: S1679548273.178897,VS0,VE0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 34ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4Z4SN42BY5&gtm=45je33k0&_p=1854286580&cid=1716029782.1679548273&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679548273&sct=1&seg=0&dl=https%3A%2F%2Fnavitour.com%2F&dt=Navitour&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Z4SN42BY5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 05:11:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://navitour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET v2.js
js.hsforms.net/forms/ Frame 7C6E 0
0

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ Frame F72E 509 KB
159 KB 26ms
26ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec5f7597c123181788fd043c205d990937daab3c1565e7df4ba16d47f030c160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
x-amz-version-id: 2wXcdIzl9WRVTrxeR26mvDAXbt4ZcTF6
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 270
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2802/bundles/project-v2.js&cfRay=7ac4258e6932361f-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Mar 2023 01:33:37 UTC
server: cloudflare
etag: W/"ae0386c025bb39c5f937fe3f182d3e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jli5VV8G9k9VrP3YyxCLGMTHBenETtfpOHXPCxFe6XU98E3E1Swwb70nlo3iaHwfDRFB%2FfEl4lhmdk27zM%2FI59sWaVbLsBefFm99UYio5K16Q9dOJ9HNckph5y3Psk%2B2Gy8Zqr3ORId%2BdGVn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7ac42c238c0835e7-FRA
x-amz-cf-id: eB6P-TzdoM10TStZxYXyEb0UYpcb2COCPXOKrC1dLRaPp3I-4qxmoA==
x-hs-target-asset: forms-embed/static-1.2802/bundles/project-v2.js

POST
H2 200 csp-report
q.stripe.com/ Frame AB20 0
414 B 378ms
170ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Thu, 23 Mar 2023 05:11:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-client-envoy-start-time-us: 1679548273499751
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame AB20 86 KB
16 KB 7ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 23 Mar 2023 05:11:13 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 113
x-cache: HIT
content-length: 16031
x-request-id: c03776e5-34be-47ba-b9b9-383fa55019e6
x-served-by: cache-fra-eddf8230126-FRA
server: Fastly
x-timer: S1679548273.207039,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 43

POST
H/1.1 200
OK m Show response
navitour.com/user/ 4 B
1 KB 238ms
223ms XHR
application/json 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/user/m
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Fiber-ID: 1679548273216x953957168658694300
X-Bubble-PL: 1679548272996x3955
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Thu, 23 Mar 2023 05:11:13 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":15.2,"percents":{"top":{"bubble_cpu":17.1,"block":74.6,"capacity_rl":0,"other_pause":0,"pre_fiber":4.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":41.5,"fiber_queue":20.8,"capacity_wait":13.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":390479,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.006 unit-seconds used
Server: cloudflare
x-bubble-request-took: 15
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 7ac42c23bd4239d6-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H2 200 6 Show response
m.stripe.com/ Frame AB20 156 B
631 B 525ms
170ms XHR
application/json 44.233.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.214.12 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-214-12.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6a8eab802f82631d9876dc8b70bc49cb86dd8d00e7d4c7a6323475adbae31e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 23 Mar 2023 05:11:13 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1679548273703037
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1679548273702764
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
393 B 134ms
122ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 364489d6-0b14-434d-982b-65be197d1347
x-trace: 2B563D3D84C91BA0051E21EAD5541D2A487865E234000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7ac42c242df39bac-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
667 B 152ms
121ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 05:11:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: e7cc36e4-df6a-4e3b-997a-f4add235f687
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 35
Server: cloudflare
X-Trace: 2B15CD60FA9754B2F747C8E8D8C3E91F1F8D31AEFA000000000000000000
Vary: origin
Content-Type: image/gif
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7ac42c248c25698f-FRA

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg
d1muf25xaso8hp.cloudfront.net/ 64 KB
65 KB 180ms
180ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg?w=&h=&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

0a89308ff758458c75092fad5c4f0651d3289a1114a4debcdaca8848bf028ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P1
age: 32797
x-cache: Miss from cloudfront
x-imgix-id: ed90289eeab83b91933d1ffa1da138b65f794ad7
cross-origin-resource-policy: cross-origin
content-length: 65729
x-served-by: cache-sjc10078-SJC, cache-hhn-etou8220030-HHN
x-imgix-render-farm: 01.9544
last-modified: Wed, 22 Mar 2023 20:04:36 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: pmsDd3inMt7sopEjvA9Q9KBp0QPZ0bmjnJz2-Zjw-rTRxPM-7YzRRQ==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653580718485x213875643625775170%2F7775F53F-E9E4-42C0-B283-2EA73E8C2D1F_1_201_a.jpeg
d1muf25xaso8hp.cloudfront.net/ 8 KB
9 KB 14ms
14ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653580718485x213875643625775170%2F7775F53F-E9E4-42C0-B283-2EA73E8C2D1F_1_201_a.jpeg?w=192&h=192&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

075c61e9ab53ee18454d4a5c97919dd68eb97a816b76ea6817fb4b9e8cfc5935

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P1
age: 59642
x-cache: Miss from cloudfront
x-imgix-id: 69c32e418a29a6d91c07cd1c19f2cee15cd4fc30
cross-origin-resource-policy: cross-origin
content-length: 8387
x-served-by: cache-sjc10035-SJC, cache-hhn-etou8220049-HHN
x-imgix-render-farm: 01.9544
last-modified: Wed, 22 Mar 2023 12:37:11 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SxcpNtKFkxn4IPo3MBQEZS8vwG5VWQSSqmBwvUxqldkGMbAMEFjTnQ==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1654188331246x181261989774351940%2FAlice%2520headshot%2520by%2520Alba%2520Adventures.jpg
d1muf25xaso8hp.cloudfront.net/ 6 KB
6 KB 178ms
178ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1654188331246x181261989774351940%2FAlice%2520headshot%2520by%2520Alba%2520Adventures.jpg?w=192&h=192&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

e0ef64ba89fcf8010b461a95f3b96d1d5cb8c7ddb2b32e81be9bb82c6f3b6d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P1
age: 59642
x-cache: Miss from cloudfront
x-imgix-id: eb331553b7c09148f8292f424b5390f971bdb3cc
cross-origin-resource-policy: cross-origin
content-length: 5780
x-served-by: cache-sjc10033-SJC, cache-hhn-etou8220063-HHN
x-imgix-render-farm: 01.9032
last-modified: Wed, 22 Mar 2023 12:37:11 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: NEyuEeUF3jkdnB9Rmr0z0CuK3mJtVWZiqrYCwOdyK-Wb9ixjK-Rr_Q==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1654283998105x425380457005293950%2FPolly%2520Mahoney%2520%2526%2520Kevin%2520Slater.jpg
d1muf25xaso8hp.cloudfront.net/ 8 KB
8 KB 165ms
165ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1654283998105x425380457005293950%2FPolly%2520Mahoney%2520%2526%2520Kevin%2520Slater.jpg?w=192&h=192&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

5d24ed5fa72a5d1d99a087f7cc5098a711ef0defd1377b7556125160014e916b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P1
age: 59642
x-cache: Miss from cloudfront
x-imgix-id: e50f5145192ede61131ffe002ccf51117dcaa610
cross-origin-resource-policy: cross-origin
content-length: 7826
x-served-by: cache-sjc10045-SJC, cache-hhn-etou8220063-HHN
x-imgix-render-farm: 01.9544
last-modified: Wed, 22 Mar 2023 12:37:11 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: osvkR2VSteQFbkpyuYFYXL-jeCYE5zrgp52t4DLajtX_rtPVTxQSLQ==

POST
H/1.1 200
OK bulk_watch Show response
navitour.com/elasticsearch/ 77 B
1 KB 225ms
224ms XHR
application/json 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/elasticsearch/bulk_watch
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2a3568d10da2d2dc5dd4852013264c78e542a01ae7507ff4b4d5dbc40818ce59

Request headers

X-Bubble-Fiber-ID: 1679548273593x207802355460185340
X-Bubble-PL: 1679548272996x3955
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Thu, 23 Mar 2023 05:11:13 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":25.6,"percents":{"top":{"bubble_cpu":22.4,"block":75,"capacity_rl":0,"other_pause":0,"pre_fiber":2.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":31.8,"fiber_queue":2.1,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":859513,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.013 unit-seconds used
Server: cloudflare
x-bubble-request-took: 26
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 7ac42c25fbb739d3-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg
d1muf25xaso8hp.cloudfront.net/ 4 KB
5 KB 165ms
164ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg?w=192&h=192&auto=compress&dpr=1&fit=max

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

14c35e55b5c3180816acea9d8154697174d867e382545b42275f41674a6af944

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P1
age: 59642
x-cache: Miss from cloudfront
x-imgix-id: f4fc94742350ad0f42efcd8d58b456b12c494290
cross-origin-resource-policy: cross-origin
content-length: 4140
x-served-by: cache-sjc10072-SJC, cache-hhn-etou8220061-HHN
x-imgix-render-farm: 01.9032
last-modified: Wed, 22 Mar 2023 12:37:12 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: G-RbmGe6zYkmJIDD9-26W6sEFn84isrme8qLuuxvGzlEFSGryVhDTw==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg
d1muf25xaso8hp.cloudfront.net/ 4 KB
5 KB 11ms
11ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg?w=192&h=192&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

14c35e55b5c3180816acea9d8154697174d867e382545b42275f41674a6af944

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 05:11:13 GMT
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P1
x-cache: Hit from cloudfront
x-imgix-id: f4fc94742350ad0f42efcd8d58b456b12c494290
cross-origin-resource-policy: cross-origin
content-length: 4140
x-served-by: cache-sjc10072-SJC, cache-hhn-etou8220061-HHN
x-imgix-render-farm: 01.9032
last-modified: Wed, 22 Mar 2023 12:37:12 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: D6Zz7jH2UNCouie-nyC8rKOqtUoE4qflwVV90-rrq-PPZnhvwFWW7g==

POST
H/1.1 200
OK apm Show response
navitour.com/user/ 4 B
1 KB 234ms
233ms XHR
application/json 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/user/apm
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Fiber-ID: 1679548274660x209407001393925980
X-Bubble-PL: 1679548272996x3955
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Thu, 23 Mar 2023 05:11:14 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":12.1,"percents":{"top":{"bubble_cpu":28.3,"block":65,"capacity_rl":0,"other_pause":0,"pre_fiber":5.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":50.8,"fiber_queue":5.1,"capacity_wait":10.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":513196,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.008 unit-seconds used
Server: cloudflare
x-bubble-request-took: 12
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 7ac42c2caa1139d3-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 200
OK frg Show response
navitour.com/ 4 B
1 KB 221ms
220ms XHR
application/json 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/frg
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

X-Bubble-Fiber-ID: 1679548276217x873230318530923100
X-Bubble-PL: 1679548272996x3955
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Thu, 23 Mar 2023 05:11:16 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":19,"percents":{"top":{"bubble_cpu":17.3,"block":79.2,"capacity_rl":0,"other_pause":0,"pre_fiber":3.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":47.3,"fiber_queue":20.8,"capacity_wait":13}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":492996,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.008 unit-seconds used
Server: cloudflare
x-bubble-request-took: 19
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 7ac42c365b9939d3-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 200
OK frg Show response
navitour.com/ 4 B
1 KB 720ms
719ms XHR
application/json 104.19.241.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/frg
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/068ead6b4e3c233261e9f7fe627abf6c95878e7e6280ba67e85c66a51d77b768/xfalse/x21/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Fiber-ID: 1679548276445x583449661402867100
X-Bubble-PL: 1679548272996x3955
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Thu, 23 Mar 2023 05:11:17 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":448.7,"percents":{"top":{"bubble_cpu":2.5,"block":96,"capacity_rl":0,"other_pause":0,"pre_fiber":1.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0.8,"appserver_cache_misses_time":0,"redis":3,"fiber_queue":0.2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":18,"blocks":17},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1679510,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.026 unit-seconds used
Server: cloudflare
x-bubble-request-took: 448
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 7ac42c37dd3d39d3-FRA
x-bubble-capacity-limit: 0 ms slower

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.navitour.com/	1970-01-20 10:36:47	Name: navitour2_live_u2main Value: 1679548271772x827068214152816900
.navitour.com/	1970-01-20 10:36:47	Name: navitour2_live_u2main.sig Value: 7PhiBUuIwFIeBUQUfYmvUtWvwlw
.navitour.com/	1969-12-31 23:59:59	Name: navitour2_u1main Value: 1679548271744x442749458595019140
.navitour.com/	1970-01-20 20:08:28	Name: _ga_4Z4SN42BY5 Value: GS1.1.1679548273.1.0.1679548273.0.0.0
.navitour.com/	1970-01-20 20:08:28	Name: _ga Value: GA1.1.1716029782.1679548273
m.stripe.com/	1970-01-20 20:08:28	Name: m Value: 9c5cbc1b-f2f0-415c-80bf-8d455690024c809cfb
.navitour.com/	1970-01-20 19:18:04	Name: __stripe_mid Value: f52827b4-f9d8-4e2b-9f90-373395de266fea4671
.navitour.com/	1970-01-20 10:32:30	Name: __stripe_sid Value: c2c0e1ec-2ef6-4aed-85f1-6b5e93cf483cc8acf1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://js.hs-scripts.com/.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
d1muf25xaso8hp.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
js.hs-scripts.com
js.hsforms.net
js.stripe.com
m.stripe.com
m.stripe.network
navitour.com
navitour2.cdn.bubble.io
q.stripe.com
region1.google-analytics.com
www.googletagmanager.com
js.hsforms.net
104.19.240.93
104.19.241.93
13.227.219.27
151.101.192.176
2001:4860:4802:34::36
2600:9000:2240:1400:1c:37e5:3f40:21
2606:4700::6810:5705
2606:4700::6810:5905
2606:4700::6811:180e
2606:4700::6811:b649
2606:4700::6811:d3cc
2a00:1450:4001:803::2008
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
44.233.214.12
54.186.23.98
043a8844b1ebc482c59bd265868738ef1c8558358c9b961f7ffefce63a8be5bd
075c61e9ab53ee18454d4a5c97919dd68eb97a816b76ea6817fb4b9e8cfc5935
0a89308ff758458c75092fad5c4f0651d3289a1114a4debcdaca8848bf028ce5
0e9e1ea183330bc2372132f0e3b1927bd92c205088481454b0032fde8b36514a
14888b428c635116be31ff7b8fa0de59360cb5c2e2eb33a410cbb9f5f1538861
14c35e55b5c3180816acea9d8154697174d867e382545b42275f41674a6af944
1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2a3568d10da2d2dc5dd4852013264c78e542a01ae7507ff4b4d5dbc40818ce59
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2ccb0349c8c64eb3ab7cefd86f6cf034db7ee0571665d8cbf56df6ba9aaa8c61
347429110f775e5254a03afd2471a95a6ae90a15c0a2ab4aa90a81e0afde5eb9
422b69dff0faf2526d11acf8d1769d5cad82595a256b47b6b73abfa2e5cbe42f
46dfedcaf83ab503ab6dc5b1b42cf64ef835a55f30a9d346719235f0a6205fbb
51d0115090b2cfd0cb581cbf62ee79bb94fdcb3f9c2432d39d3adacd8888ccef
5c8166f1d8450d6e71b9fe6a046bea917730e90dcbbc7525fb8a0cd9da5b14d7
5d24ed5fa72a5d1d99a087f7cc5098a711ef0defd1377b7556125160014e916b
5e99240e0f704678d97c9bfdd715672b2dd5d6c507a1f2197babeec2577039bf
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
67066dcb9b628d2e57ddb81eb7846598e9fdc4821dd0a8679a17f5d0b28e48c5
6a8eab802f82631d9876dc8b70bc49cb86dd8d00e7d4c7a6323475adbae31e86
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7619bd478a6018074496dfd9f019ca93d7ec684b6a4b3d75bb4f85c022171f2e
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7d94621c23e99f7b86f592bb9f39fbbc5d6faf4f512412973bc70fa12cdb092c
7e8cffebf657a8666ef465efe726c144818fea84fe227e45caf5cc70766c1d75
8d5c203eb128c487f6e9edd8230fd5e4fdaa49ea9e2cbd307f129f261942ec23
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9886bbffac41055eba891fab2928c8c9700fafba0f28f0e6914b088ad7163d7e
99a1cfc3996a469f4624e9c4296829d509238a5f2059c946f469a00cfc3e8f92
a545503398e200db1c73616e87979849673d680574cfb89da367e4b34a10a202
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
c17186d14953c02dc57fb9e13037955303ae8ea2815f45019f158541c6e793a6
c2d77b9ca1062b537954a1beeef29e3ddce0b36dbbf5e064586898899b5c258a
c3aca950c45136f5df0b468589f1cb94c34e8fa8af2d4ca6221d7a425bd5dae1
ca2052124407946aaa17a3fbdcc3150773b1194725182325e5ec0ddbadaf6df8
cc222ec9d7c6844c0982e96cdb1c496f5fb0b281b9b9151959ee312ffbc95190
e0ef64ba89fcf8010b461a95f3b96d1d5cb8c7ddb2b32e81be9bb82c6f3b6d89
e248f14e45b99729af09bf2621131c31622ad176ec4eefb2398b3eb4694f5d04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d8e3e14a9bf6a8682e8c2d5ab98022e2ece4463d35f6e14a5e830203a2a1a8
ec5f7597c123181788fd043c205d990937daab3c1565e7df4ba16d47f030c160
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef

navitour.com Open in urlscan Pro 104.19.241.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

63 %IPv6

13 Domains

16 Subdomains

16 IPs

3 Countries

2065 kBTransfer

7347 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

navitour.com Open in urlscan Pro
104.19.241.93 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

16
IPs

3
Countries

2065 kB
Transfer

7347 kB
Size

8
Cookies

60 HTTP transactions
1 data transactions