URL: https://no.yourtripagent.com/
Submission: On December 21 via api from US

Summary

This website contacted 25 IPs in 8 countries across 24 domains to perform 117 HTTP transactions. The main IP is 2606:4700:30::681b:82be, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is no.yourtripagent.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 19th 2019. Valid for: 6 months.
This is the only time no.yourtripagent.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 2606:4700:30:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:214... 16509 (AMAZON-02)
4 23.210.248.44 16625 (AKAMAI-AS)
1 167.71.72.151 14061 (DIGITALOC...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.235.40 16625 (AKAMAI-AS)
1 2 88.212.201.216 39134 (UNITEDNET)
1 5 2a02:6b8::1:119 13238 (YANDEX)
8 216.58.207.66 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.18.234.21 16625 (AKAMAI-AS)
2 185.33.223.206 29990 (ASN-APPNEXUS)
2 37.157.6.247 198622 (ADFORM)
1 185.86.138.121 201081 (SMARTADSE...)
1 185.184.8.30 204995 (RTB-HOUSE...)
4 144.76.86.4 24940 (HETZNER-AS)
117 25
Domain Requested by
30 www.yourtripagent.com no.yourtripagent.com
s7.addthis.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
no.yourtripagent.com
cdn.ampproject.org
11 cdn.ampproject.org securepubads.g.doubleclick.net
8 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
no.yourtripagent.com
5 mc.yandex.ru 1 redirects no.yourtripagent.com
4 serving.stat-rock.com get.optad360.io
serving.stat-rock.com
4 www.google.com 2 redirects no.yourtripagent.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
no.yourtripagent.com
4 cdn.jsdelivr.net no.yourtripagent.com
get.optad360.io
4 pagead2.googlesyndication.com no.yourtripagent.com
pagead2.googlesyndication.com
3 s7.addthis.com no.yourtripagent.com
s7.addthis.com
3 get.optad360.io no.yourtripagent.com
get.optad360.io
2 adx.adform.net get.optad360.io
2 ib.adnxs.com get.optad360.io
2 fonts.gstatic.com no.yourtripagent.com
2 counter.yadro.ru 1 redirects no.yourtripagent.com
1 prebid-eu.creativecdn.com get.optad360.io
1 prg.smartadserver.com get.optad360.io
1 as-sec.casalemedia.com get.optad360.io
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 disgust.top no.yourtripagent.com
1 netspooke3.biz no.yourtripagent.com
1 no.yourtripagent.com
117 28

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
de.yourtripagent.com
Subject Issuer Validity Valid
sni56613.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-19 -
2020-05-27
6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.optad360.io
Amazon
2019-02-13 -
2020-03-13
a year crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2019-10-10 -
2020-09-04
a year crt.sh
netspooke3.biz
Let's Encrypt Authority X3
2019-11-27 -
2020-02-25
3 months crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-09-14 -
2020-03-22
6 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-11-06 -
2020-10-09
a year crt.sh
*.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
moatads.com
DigiCert ECC Secure Server CA
2018-11-10 -
2020-02-09
a year crt.sh
counter.yadro.ru
COMODO ECC Domain Validation Secure Server CA
2018-04-09 -
2020-04-08
2 years crt.sh
mc.yandex.ru
Yandex CA
2019-09-23 -
2020-09-22
a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
misc-sni.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
www.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2019-07-17 -
2020-03-09
8 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.smartadserver.com
Thawte RSA CA 2018
2018-09-07 -
2020-02-17
a year crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018
2019-01-11 -
2021-04-11
2 years crt.sh
serving.stat-rock.com
Let's Encrypt Authority X3
2019-12-01 -
2020-02-29
3 months crt.sh

This page contains 6 frames:

Primary Page: https://no.yourtripagent.com/
Frame ID: 749A258C15897DD17ED3900704223457
Requests: 83 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: 200B73847548EBD9085C06C0E5B4CBB5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6909770216530819&output=html&adk=1812271804&adf=3025194257&lmt=1576889993&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fno.yourtripagent.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576889993151&bpp=13&bdt=33&fdt=56&idt=56&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6746888851798&frm=20&pv=2&ga_vid=244913437.1576889993&ga_sid=1576889993&ga_hid=1567068621&ga_fc=0&iag=0&icsg=2720&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C20040011&oid=3&pvsid=48726251179107&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=73
Frame ID: B0A8DC7F3D4C0E9DEDFAF750C4CCD490
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Frame ID: B6EC5BF14854F14597734A9D61D04C5D
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/211912120230490/amp4ads-v0.js
Frame ID: DA0C6859EE7D9AE6190B7E064BABE899
Requests: 16 HTTP requests in this frame

Frame: data://truncated
Frame ID: A5554598AFAE54BCDF09E04EA1BF1648
Requests: 7 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

117
Requests

92 %
HTTPS

54 %
IPv6

24
Domains

28
Subdomains

25
IPs

8
Countries

2419 kB
Transfer

4955 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//no.yourtripagent.com/;0.20748918476867284 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//no.yourtripagent.com/;0.20748918476867284
Request Chain 59
  • https://mc.yandex.ru/watch/54055402?wmode=7&page-url=https%3A%2F%2Fno.yourtripagent.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576889991991%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191221015953%3Aet%3A1576889994%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A889504871%3Ahid%3A188229536%3Ads%3A30%2C53%2C1040%2C0%2C1%2C0%2C0%2C186%2C21%2C%2C%2C%2C1312%3Afp%3A1344%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1576889994%3Au%3A1576889994539054576%3At%3AReiser%20Med%20R%C3%A5d%2C%20Tips%2C%20Inspirasjon%20For%20Reisende%20-%202019 HTTP 302
  • https://mc.yandex.ru/watch/54055402/1?wmode=7&page-url=https%3A%2F%2Fno.yourtripagent.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576889991991%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191221015953%3Aet%3A1576889994%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A889504871%3Ahid%3A188229536%3Ads%3A30%2C53%2C1040%2C0%2C1%2C0%2C0%2C186%2C21%2C%2C%2C%2C1312%3Afp%3A1344%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1576889994%3Au%3A1576889994539054576%3At%3AReiser%20Med%20R%C3%A5d%2C%20Tips%2C%20Inspirasjon%20For%20Reisende%20-%202019
Request Chain 87
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 101
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

117 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
no.yourtripagent.com/
23 KB
5 KB
Document
General
Full URL
https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.1.20
Resource Hash
cd64397beed6b723fc13f6936e0ab276f0e8c804d08fa24a18e79e2484336547

Request headers

:method
GET
:authority
no.yourtripagent.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Sat, 21 Dec 2019 00:59:53 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de4742bc42fc73865a61eb5d9fbb180641576889992; expires=Mon, 20-Jan-20 00:59:52 GMT; path=/; domain=.yourtripagent.com; HttpOnly; SameSite=Lax; Secure
x-powered-by
PHP/7.1.20
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5485ea728f8bcbbc-VIE
content-encoding
br
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
104 KB
37 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37933
x-xss-protection
0
server
cafe
etag
2924851815849280674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 21 Dec 2019 00:59:53 GMT
indexm.css
www.yourtripagent.com/template/template/css/
114 KB
14 KB
Stylesheet
General
Full URL
https://www.yourtripagent.com/template/template/css/indexm.css
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de86051bb696ad85a77ddb6edf16fc6a51794ea3ac3e3599623da3822cd3ff77

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 Oct 2018 14:31:56 GMT
server
cloudflare
etag
W/"5bb3815c-1c9e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
5485ea7938b9cbbc-VIE
expires
Thu, 31 Dec 2037 23:55:55 GMT
plugin.min.js
get.optad360.io/sf/3ff9a226-acf3-494c-bc19-38c88c7fb08e/
178 KB
51 KB
Script
General
Full URL
https://get.optad360.io/sf/3ff9a226-acf3-494c-bc19-38c88c7fb08e/plugin.min.js
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:8600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e078d3b9c943b8ef953ed9597c27bdaf2988ca3821b80269653f0ed8b23992df

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 14:49:51 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 14:03:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=3600
x-amz-cf-id
_76TGOwxDOFZPdZkmXdZs4W2I2hqYaWY_3K1PwJU5P5Wsa_Zri_SbQ==
via
1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
logo.png
www.yourtripagent.com/template/template/img/
5 KB
5 KB
Image
General
Full URL
https://www.yourtripagent.com/template/template/img/logo.png
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40f4ce40ca7f75e59a83ab8b9f5f342c398e5eb7ef531b5ce9dd7c336ffe466

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
HIT
last-modified
Wed, 02 May 2018 09:19:14 GMT
server
cloudflare
age
4536914
etag
"5ae98292-1523"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea798926cbbc-VIE
content-length
5411
expires
Thu, 31 Dec 2037 23:55:55 GMT
top-10-restaurants-in-portsmouth-new-hampshire-4.jpg
www.yourtripagent.com/img/usa-2018/
19 KB
19 KB
Image
General
Full URL
https://www.yourtripagent.com/img/usa-2018/top-10-restaurants-in-portsmouth-new-hampshire-4.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cb6e83e8e51f4d6ad9d06d65e164ab14010f67c611f644fa23abbeac7fcab2a

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:36:50 GMT
server
cloudflare
etag
"5b1c1032-4a27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea798929cbbc-VIE
content-length
18983
expires
Thu, 31 Dec 2037 23:55:55 GMT
what-is-caganer-defecating-catalan-christmas-figurine-4.jpg
www.yourtripagent.com/img/europe-2018/
39 KB
39 KB
Image
General
Full URL
https://www.yourtripagent.com/img/europe-2018/what-is-caganer-defecating-catalan-christmas-figurine-4.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb6556a3c0f34af178a01abc2cabedccf78df1a4985918765dcc8047ac84963

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:30:20 GMT
server
cloudflare
etag
"5b1c0eac-9c1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea79892bcbbc-VIE
content-length
39966
expires
Thu, 31 Dec 2037 23:55:55 GMT
5-creepy-haunted-places-in-san-francisco-5.jpg
www.yourtripagent.com/img/usa-2018/
11 KB
11 KB
Image
General
Full URL
https://www.yourtripagent.com/img/usa-2018/5-creepy-haunted-places-in-san-francisco-5.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c828228ba8886fc8c55ea15367ccdc5c2e14a10dedf12a2a9f8b13be17bf0d

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 18:22:28 GMT
server
cloudflare
etag
"5b1c1ae4-2d63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea79892dcbbc-VIE
content-length
11619
expires
Thu, 31 Dec 2037 23:55:55 GMT
most-beautiful-beaches-in-taiwan-14.jpg
www.yourtripagent.com/img/asia-2018/
36 KB
36 KB
Image
General
Full URL
https://www.yourtripagent.com/img/asia-2018/most-beautiful-beaches-in-taiwan-14.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5540d82c7049d035194d3bec436cf46428bec5a8c9a22218aa5958e7b6a9950

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Jun 2018 17:43:46 GMT
server
cloudflare
age
114089
etag
"5b1c11d2-8f93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea79892ecbbc-VIE
content-length
36755
expires
Thu, 31 Dec 2037 23:55:55 GMT
10-most-beautiful-towns-in-california-9.jpg
www.yourtripagent.com/img/usa-2018/
27 KB
27 KB
Image
General
Full URL
https://www.yourtripagent.com/img/usa-2018/10-most-beautiful-towns-in-california-9.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
249f5eb97aa74fbf0915e6c93001b9359268905777debf6cb87c6af7c7104d5a

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 18:09:40 GMT
server
cloudflare
etag
"5b1c17e4-6ba2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea799960cbbc-VIE
content-length
27554
expires
Thu, 31 Dec 2037 23:55:55 GMT
escape-to-best-beaches-in-virginia-beach-6.jpg
www.yourtripagent.com/img/usa-2018/
14 KB
15 KB
Image
General
Full URL
https://www.yourtripagent.com/img/usa-2018/escape-to-best-beaches-in-virginia-beach-6.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eea15228cf1c875fbe630e70a73c7326ae4daa21e240613ee5c35482194ca85

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:47:28 GMT
server
cloudflare
etag
"5b1c12b0-39f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea79a967cbbc-VIE
content-length
14835
expires
Thu, 31 Dec 2037 23:55:55 GMT
most-beautiful-parks-in-amsterdam-9.jpg
www.yourtripagent.com/img/europe-2018/
25 KB
25 KB
Image
General
Full URL
https://www.yourtripagent.com/img/europe-2018/most-beautiful-parks-in-amsterdam-9.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e90bf91c45c58f32d35f3f577a3c27d60e90658a07ce07caeeaa26670eefbf

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:43:28 GMT
server
cloudflare
etag
"5b1c11c0-6255"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea79c996cbbc-VIE
content-length
25173
expires
Thu, 31 Dec 2037 23:55:55 GMT
why-are-so-many-people-playing-with-slime-on-instagram.jpg
www.yourtripagent.com/img/united-kingdom-2018/
16 KB
16 KB
Image
General
Full URL
https://www.yourtripagent.com/img/united-kingdom-2018/why-are-so-many-people-playing-with-slime-on-instagram.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
843ff5913271a173687f36c3c429f04dd2967e492d447ef7623775b50d3661e7

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:29:24 GMT
server
cloudflare
etag
"5b1c0e74-403e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea79d9cecbbc-VIE
content-length
16446
expires
Thu, 31 Dec 2037 23:55:55 GMT
yiannis-ritsos-5-classic-greek-poems-you-should-read-6.png
www.yourtripagent.com/img/europe-2018/
77 KB
77 KB
Image
General
Full URL
https://www.yourtripagent.com/img/europe-2018/yiannis-ritsos-5-classic-greek-poems-you-should-read-6.png
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15a92a7811588cdce3450b618f9084a5c07d6d1441e45eb03adf7bc765f5b6ca

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:28:58 GMT
server
cloudflare
etag
"5b1c0e5a-1330b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea79e9eacbbc-VIE
content-length
78603
expires
Thu, 31 Dec 2037 23:55:55 GMT
10-must-see-contemporary-art-galleries-in-dubai-6.jpg
www.yourtripagent.com/img/middle-east-2018/
47 KB
48 KB
Image
General
Full URL
https://www.yourtripagent.com/img/middle-east-2018/10-must-see-contemporary-art-galleries-in-dubai-6.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
00a6116c8f6c8edfd446dd3c33c6ffd7d067e6e30cf5ae066af77d7ced207ba8

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 18:08:34 GMT
server
cloudflare
etag
"5b1c17a2-bdad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea79fa00cbbc-VIE
content-length
48557
expires
Thu, 31 Dec 2037 23:55:55 GMT
top-10-things-to-do-and-see-in-shinsaibashi-7.jpg
www.yourtripagent.com/img/asia-2018/
46 KB
46 KB
Image
General
Full URL
https://www.yourtripagent.com/img/asia-2018/top-10-things-to-do-and-see-in-shinsaibashi-7.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bba84ac50e19eb94abc6d32a9aaaee4222a40545e3e98234923152cb6ba4c66

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:34:44 GMT
server
cloudflare
etag
"5b1c0fb4-b694"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a58cbbc-VIE
content-length
46740
expires
Thu, 31 Dec 2037 23:55:55 GMT
12-best-nude-beaches-in-world-4.png
www.yourtripagent.com/img/europe-2018/
130 KB
130 KB
Image
General
Full URL
https://www.yourtripagent.com/img/europe-2018/12-best-nude-beaches-in-world-4.png
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
261c334884d6a6fb5a782adcdecc3b0342868793e259aed983f29ac0a514756c

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 18:03:48 GMT
server
cloudflare
etag
"5b1c1684-207f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a5acbbc-VIE
content-length
133112
expires
Thu, 31 Dec 2037 23:55:55 GMT
10-must-try-restaurants-and-trattorias-in-capri-italy-11.jpg
www.yourtripagent.com/img/europe-2018/
37 KB
37 KB
Image
General
Full URL
https://www.yourtripagent.com/img/europe-2018/10-must-try-restaurants-and-trattorias-in-capri-italy-11.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb3ab53f3487b35db40ba2be8f4ec4ca9c3d49eb768c17797e1aa09261a4011

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 18:08:32 GMT
server
cloudflare
etag
"5b1c17a0-9493"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a5bcbbc-VIE
content-length
38035
expires
Thu, 31 Dec 2037 23:55:55 GMT
10-best-french-chefs-you-need-to-know-about.jpg
www.yourtripagent.com/img/europe-2018/
28 KB
28 KB
Image
General
Full URL
https://www.yourtripagent.com/img/europe-2018/10-best-french-chefs-you-need-to-know-about.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e467353fac9972db09ec14359bddd1ab72b96f40db1d0a5ed0e2c5ec34d02a9

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 18:16:54 GMT
server
cloudflare
etag
"5b1c1996-6e66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a5ccbbc-VIE
content-length
28262
expires
Thu, 31 Dec 2037 23:55:55 GMT
10-best-restaurants-in-culver-city-california-6.jpg
www.yourtripagent.com/img/usa-2018/
29 KB
29 KB
Image
General
Full URL
https://www.yourtripagent.com/img/usa-2018/10-best-restaurants-in-culver-city-california-6.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b91f8c18c75402eec9c7e8643a08e86ad88c15de853f13e70ca422a8c4a182

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 18:15:08 GMT
server
cloudflare
etag
"5b1c192c-720e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a5ecbbc-VIE
content-length
29198
expires
Thu, 31 Dec 2037 23:55:55 GMT
ati-atihan-guide-to-philippines-biggest-festival-4.jpg
www.yourtripagent.com/img/asia-2018/
37 KB
37 KB
Image
General
Full URL
https://www.yourtripagent.com/img/asia-2018/ati-atihan-guide-to-philippines-biggest-festival-4.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fabd1c1d3c624fb4a61fdb5fce8648db3e3c542a818ac3a846e0e19b38f153

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:56:12 GMT
server
cloudflare
etag
"5b1c14bc-9334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a5fcbbc-VIE
content-length
37684
expires
Thu, 31 Dec 2037 23:55:55 GMT
10-best-restaurants-in-tyler-texas-5.jpg
www.yourtripagent.com/img/usa-2018/
15 KB
15 KB
Image
General
Full URL
https://www.yourtripagent.com/img/usa-2018/10-best-restaurants-in-tyler-texas-5.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cacba9cf70e0944034d2524391974519bd75651e7264fc53809ba0f25584ef83

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 18:13:06 GMT
server
cloudflare
etag
"5b1c18b2-3d33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a61cbbc-VIE
content-length
15667
expires
Thu, 31 Dec 2037 23:55:55 GMT
top-10-things-to-see-and-do-in-lyon-7.jpg
www.yourtripagent.com/img/europe-2018/
21 KB
21 KB
Image
General
Full URL
https://www.yourtripagent.com/img/europe-2018/top-10-things-to-see-and-do-in-lyon-7.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
909e203d92f64451854045777c8f35b878c0de34bc778c84be2eb6f0f0b5e4db

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:33:10 GMT
server
cloudflare
etag
"5b1c0f56-5393"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a63cbbc-VIE
content-length
21395
expires
Thu, 31 Dec 2037 23:55:55 GMT
most-astonishing-coastlines-in-world-13.jpg
www.yourtripagent.com/img/europe-2018/
34 KB
34 KB
Image
General
Full URL
https://www.yourtripagent.com/img/europe-2018/most-astonishing-coastlines-in-world-13.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a096fb37a7a06bcbdef32a1f2a0c0c216850f00e2235d6f284c82766d1d1650

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:43:58 GMT
server
cloudflare
etag
"5b1c11de-88c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a65cbbc-VIE
content-length
35012
expires
Thu, 31 Dec 2037 23:55:55 GMT
an-introduction-to-impressionist-art-in-12-works-13.jpg
www.yourtripagent.com/img/europe-2018/
60 KB
61 KB
Image
General
Full URL
https://www.yourtripagent.com/img/europe-2018/an-introduction-to-impressionist-art-in-12-works-13.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f606244aba28b2ef12601f3a007b334aa83bc3fbb7cc957717c5f8526a2f5e

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:56:24 GMT
server
cloudflare
etag
"5b1c14c8-f183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a66cbbc-VIE
content-length
61827
expires
Thu, 31 Dec 2037 23:55:55 GMT
10-best-scottish-restaurants-in-glasgow-4.jpg
www.yourtripagent.com/img/united-kingdom-2018/
20 KB
20 KB
Image
General
Full URL
https://www.yourtripagent.com/img/united-kingdom-2018/10-best-scottish-restaurants-in-glasgow-4.jpg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
77be30971fd020eb16acf9670a832683a4b35be128a3f8e3ba02d10d2bde2beb

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 18:12:42 GMT
server
cloudflare
etag
"5b1c189a-4f8a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a67cbbc-VIE
content-length
20362
expires
Thu, 31 Dec 2037 23:55:55 GMT
coolest-airbnbs-in-bangkok-17.png
www.yourtripagent.com/img/asia-2018/
241 KB
241 KB
Image
General
Full URL
https://www.yourtripagent.com/img/asia-2018/coolest-airbnbs-in-bangkok-17.png
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
898758f907573229d597fbb0a3f0454cb97f83e236c3809b1dd427d24083be80

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Jun 2018 17:48:14 GMT
server
cloudflare
etag
"5b1c12de-3c440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5485ea7a3a69cbbc-VIE
content-length
246848
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
www.yourtripagent.com/img/template/js/
36 KB
37 KB
Script
General
Full URL
https://www.yourtripagent.com/img/template/js/jquery.js
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1094746331736d7a34b6d1e651184750e3600fd9b035947b33977fc7e363d7

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Jun 2018 18:22:42 GMT
server
cloudflare
age
5064
etag
"91ab-56e399a272080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5485ea7938bdcbbc-VIE
content-length
37291
jquery-ui.js
www.yourtripagent.com/img/template/js/
36 KB
37 KB
Script
General
Full URL
https://www.yourtripagent.com/img/template/js/jquery-ui.js
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1094746331736d7a34b6d1e651184750e3600fd9b035947b33977fc7e363d7

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Jun 2018 18:22:42 GMT
server
cloudflare
age
5064
etag
"91ab-56e399a272080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5485ea7938c3cbbc-VIE
content-length
37291
jquery-touch.js
www.yourtripagent.com/img/template/js/
36 KB
37 KB
Script
General
Full URL
https://www.yourtripagent.com/img/template/js/jquery-touch.js
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1094746331736d7a34b6d1e651184750e3600fd9b035947b33977fc7e363d7

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Jun 2018 18:22:42 GMT
server
cloudflare
age
5064
etag
"91ab-56e399a272080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5485ea7938bfcbbc-VIE
content-length
37291
jquery-popup.js
www.yourtripagent.com/img/template/js/
36 KB
37 KB
Script
General
Full URL
https://www.yourtripagent.com/img/template/js/jquery-popup.js
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1094746331736d7a34b6d1e651184750e3600fd9b035947b33977fc7e363d7

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Jun 2018 18:22:42 GMT
server
cloudflare
age
5063
etag
"91ab-56e399a272080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5485ea7938c1cbbc-VIE
content-length
37291
jquery-swiper.js
www.yourtripagent.com/img/template/js/
36 KB
37 KB
Script
General
Full URL
https://www.yourtripagent.com/img/template/js/jquery-swiper.js
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1094746331736d7a34b6d1e651184750e3600fd9b035947b33977fc7e363d7

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Jun 2018 18:22:42 GMT
server
cloudflare
age
5063
etag
"91ab-56e399a272080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5485ea7938c0cbbc-VIE
content-length
37291
jquery-init.js
www.yourtripagent.com/img/template/js/
36 KB
37 KB
Script
General
Full URL
https://www.yourtripagent.com/img/template/js/jquery-init.js
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:82be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1094746331736d7a34b6d1e651184750e3600fd9b035947b33977fc7e363d7

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Jun 2018 18:22:42 GMT
server
cloudflare
age
5063
etag
"91ab-56e399a272080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5485ea7958eecbbc-VIE
content-length
37291
addthis_widget.js
s7.addthis.com/js/300/
349 KB
113 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 30 Oct 2019 19:35:04 GMT
server
nginx/1.15.8
etag
"5db9e5e8-57446"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Sat, 21 Dec 2019 00:59:53 GMT
x-host
s7.addthis.com
content-length
114924
/
netspooke3.biz/
12 KB
12 KB
Script
General
Full URL
https://netspooke3.biz/?pu=gy4giyldme5ha3ddf4ytinrw
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.71.72.151 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
01812210361be843e8f1e25b6715274836f1ab025f3069b16b3322afdc472428
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 21 Dec 2019 00:59:53 GMT
server
nginx
access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1293
cf-ray
5485ea793bec59a0-VIE
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21050-AMS, cache-fra19174-FRA
server
cloudflare
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/
20 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
17882
cf-ray
5485ea793bed59a0-VIE
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21031-AMS, cache-hhn1550-HHN
server
cloudflare
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
embed
disgust.top/
9 KB
3 KB
Script
General
Full URL
https://disgust.top/embed?key=clz2vteznvfpzddowdronvqwk3zvdz09
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:41bf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e5bbd81e1bf29064c2deb5f9eb4613a9b4e85241b10cad0d824b3257d446b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
cross-origin-window-policy
deny
status
200
x-xss-protection
1; mode=block
x-request-id
FeI9GBiuGTiy89QAI-0B
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
5485ea798adfcbc8-VIE
integrator.js
adservice.google.de/adsid/
109 B
174 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=no.yourtripagent.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
323 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=no.yourtripagent.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/
225 KB
85 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
86385
x-xss-protection
0
server
cafe
etag
4513681422076315165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 Dec 2019 00:59:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame 200B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191205/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://no.yourtripagent.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://no.yourtripagent.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 19 Dec 2019 17:43:23 GMT
expires
Thu, 02 Jan 2020 17:43:23 GMT
content-type
text/html; charset=UTF-8
etag
13309989325511048345
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6574
x-xss-protection
0
cache-control
public, max-age=1209600
age
112590
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame B0A8
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6909770216530819&output=html&adk=1812271804&adf=3025194257&lmt=1576889993&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fno.yourtripagent.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576889993151&bpp=13&bdt=33&fdt=56&idt=56&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6746888851798&frm=20&pv=2&ga_vid=244913437.1576889993&ga_sid=1576889993&ga_hid=1567068621&ga_fc=0&iag=0&icsg=2720&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C20040011&oid=3&pvsid=48726251179107&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=73
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6909770216530819&output=html&adk=1812271804&adf=3025194257&lmt=1576889993&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fno.yourtripagent.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576889993151&bpp=13&bdt=33&fdt=56&idt=56&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6746888851798&frm=20&pv=2&ga_vid=244913437.1576889993&ga_sid=1576889993&ga_hid=1567068621&ga_fc=0&iag=0&icsg=2720&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C20040011&oid=3&pvsid=48726251179107&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=73
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://no.yourtripagent.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://no.yourtripagent.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 21 Dec 2019 00:59:53 GMT
server
cafe
content-length
44
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 21-Dec-2019 01:14:53 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sat, 21 Dec 2019 00:59:53 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Sat, 21 Dec 2019 00:59:53 GMT
pxibyp8kv8jhgfvrlcz7z1xlfq.woff2
www.yourtripagent.com/template/template/css/
0
0

kfomcnqeu92fr1mu4mxk.woff2
www.yourtripagent.com/template/template/css/
0
0

fontawesome-webfont_001.woff2
www.yourtripagent.com/template/template/css/
0
0

pxieyp8kv8jhgfvrjjfecg.woff2
www.yourtripagent.com/template/template/css/
0
0

moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Dec 2019 00:59:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Nov 2019 20:13:52 GMT
Server
AmazonS3
x-amz-request-id
795A0DEE119FE2C4
ETag
"f14b4e1f799b14f798a195f43cf58376"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=47805
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
948
x-amz-id-2
ARlE0RXgmS7RZdnG6ZbXtcaiD2zRKqm8r0S35/8snRoTx3isvWHs+j7E4IfJy3GTATzM3S8j8M4=
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//no.yourtripagent.com/;0.20748918476867284
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//no.yourtripagent.com/;0.20748918476867284
43 B
421 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//no.yourtripagent.com/;0.20748918476867284
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
nginx/1.11.1 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Dec 2019 00:59:53 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 Dec 2018 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 Dec 2019 00:59:53 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//no.yourtripagent.com/;0.20748918476867284
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Thu, 20 Dec 2018 21:00:00 GMT
tag.js
mc.yandex.ru/metrika/
362 KB
92 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
53637866c5c5d5bad4a0342a6eb2fd39d7125273c57cd7a3aca611f31da84c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Dec 2019 00:59:53 GMT
Content-Encoding
br
Last-Modified
Tue, 10 Dec 2019 10:33:56 GMT
Server
nginx/1.14.2
ETag
"5def7494-16d88"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93576
Expires
Sat, 21 Dec 2019 01:59:53 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
51 KB
16 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/3ff9a226-acf3-494c-bc19-38c88c7fb08e/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
8194ff3826976ab39199703c90dca9ddec292bfe5033e69e473f76b7fb8742e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"373 / 355 of 1000 / last-modified: 1576520981"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15828
x-xss-protection
0
expires
Sat, 21 Dec 2019 00:59:53 GMT
prebid2.41.2.js
get.optad360.io/sf/
252 KB
80 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid2.41.2.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/3ff9a226-acf3-494c-bc19-38c88c7fb08e/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:8600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b70619ef0c4ae71661967d69ee82e4bd4804a0880ec8ad3ef4710eef5d2ae841

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:31:11 GMT
content-encoding
gzip
last-modified
Tue, 17 Dec 2019 08:26:51 GMT
server
AmazonS3
age
1723
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=3600
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
61WfzS-yLJmJ4PNsAlw1rOaBcs3WGbxh7r1fLwXauC44qut_0a9CZA==
via
1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
prebid_adplayer.js
get.optad360.io/sf/
252 KB
80 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid_adplayer.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/3ff9a226-acf3-494c-bc19-38c88c7fb08e/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:8600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f9b7472bb976f6492f4260ac2babb8666ac4b0bfc389312dd86574c3ddfd088

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Dec 2019 13:56:39 GMT
content-encoding
gzip
last-modified
Wed, 18 Dec 2019 13:55:50 GMT
server
AmazonS3
age
212595
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=360000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
uxY-_2z3FPOgscONonL_ko4-qvR7QxSyY7KRBVIRgb6qxwO7lLfCjg==
via
1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5a9e384e4ddc3a9d/
2 KB
787 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-5a9e384e4ddc3a9d/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
463ce0edc8159ca6cfa869e7c54854eb780bc35b4e944e3366136fdad3ece823

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
gzip
surrogate-key
ra-5a9e384e4ddc3a9d
server
Jetty(9.4.8.v20180619)
etag
-1111936905--gzip
vary
Accept-Encoding
cache-tag
ra-5a9e384e4ddc3a9d
status
200
cache-control
public, max-age=57, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-type
application/javascript;charset=utf-8
content-length
540
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
1 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20191221
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid2.41.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
30dcea4f6793e2ad92caac9989909fb5cda51c7ea736921eb0c56515c11816b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-served-by
cache-ams21029-AMS, cache-vie21642-VIE
timing-allow-origin
*
server
cloudflare
etag
W/"53e-w/BdGTKiaqYJlRdD4glg4gSxVP0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
5485ea7b3f4ccbc0-VIE
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
1 KB
795 B
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20191221
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid_adplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
30dcea4f6793e2ad92caac9989909fb5cda51c7ea736921eb0c56515c11816b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-served-by
cache-ams21029-AMS, cache-vie21647-VIE
timing-allow-origin
*
server
cloudflare
etag
W/"53e-w/BdGTKiaqYJlRdD4glg4gSxVP0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
5485ea7b3f4fcbc0-VIE
fontawesome-webfont_001.woff
www.yourtripagent.com/template/template/css/
0
0

layers.ab5cd98fe1b9a38a4a9f.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Sat, 21 Dec 2019 00:59:53 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77528
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/
163 KB
60 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Sat, 21 Dec 2019 00:59:53 GMT
1
mc.yandex.ru/watch/54055402/
Redirect Chain
  • https://mc.yandex.ru/watch/54055402?wmode=7&page-url=https%3A%2F%2Fno.yourtripagent.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576889991991%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166...
  • https://mc.yandex.ru/watch/54055402/1?wmode=7&page-url=https%3A%2F%2Fno.yourtripagent.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576889991991%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/54055402/1?wmode=7&page-url=https%3A%2F%2Fno.yourtripagent.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576889991991%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191221015953%3Aet%3A1576889994%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A889504871%3Ahid%3A188229536%3Ads%3A30%2C53%2C1040%2C0%2C1%2C0%2C0%2C186%2C21%2C%2C%2C%2C1312%3Afp%3A1344%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1576889994%3Au%3A1576889994539054576%3At%3AReiser%20Med%20R%C3%A5d%2C%20Tips%2C%20Inspirasjon%20For%20Reisende%20-%202019
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Dec 2019 00:59:53 GMT
Last-Modified
Sat, 21-Dec-2019 00:59:53 GMT
Server
nginx/1.14.2
Location
/watch/54055402/1?wmode=7&page-url=https%3A%2F%2Fno.yourtripagent.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576889991991%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191221015953%3Aet%3A1576889994%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A889504871%3Ahid%3A188229536%3Ads%3A30%2C53%2C1040%2C0%2C1%2C0%2C0%2C186%2C21%2C%2C%2C%2C1312%3Afp%3A1344%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1576889994%3Au%3A1576889994539054576%3At%3AReiser%20Med%20R%C3%A5d%2C%20Tips%2C%20Inspirasjon%20For%20Reisende%20-%202019
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://no.yourtripagent.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sat, 21-Dec-2019 00:59:53 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 Dec 2019 00:59:53 GMT
Last-Modified
Sat, 21-Dec-2019 00:59:53 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://no.yourtripagent.com
Strict-Transport-Security
max-age=31536000
Location
/watch/54055402/1?wmode=7&page-url=https%3A%2F%2Fno.yourtripagent.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576889991991%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191221015953%3Aet%3A1576889994%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A889504871%3Ahid%3A188229536%3Ads%3A30%2C53%2C1040%2C0%2C1%2C0%2C0%2C186%2C21%2C%2C%2C%2C1312%3Afp%3A1344%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1576889994%3Au%3A1576889994539054576%3At%3AReiser%20Med%20R%C3%A5d%2C%20Tips%2C%20Inspirasjon%20For%20Reisende%20-%202019
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sat, 21-Dec-2019 00:59:53 GMT
fontawesome-webfont_001.ttf
www.yourtripagent.com/template/template/css/
0
0

advert.gif
mc.yandex.ru/metrika/
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 21 Dec 2019 00:59:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Sat, 21 Dec 2019 01:59:53 GMT
client.no.min.json
s7.addthis.com/l10n/
2 KB
1 KB
XHR
General
Full URL
https://s7.addthis.com/l10n/client.no.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
3add1f858dac6ad44935cfb98c0fd485d1a5959118268fa11b40f73254fb8462
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 15:15:17 GMT
server
nginx/1.15.8
status
200
etag
W/"5d77be05-900"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
date
Sat, 21 Dec 2019 00:59:53 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
1143
1
mc.yandex.ru/watch/54055402/
152 B
708 B
XHR
General
Full URL
https://mc.yandex.ru/watch/54055402/1?wmode=7&page-url=https%3A%2F%2Fno.yourtripagent.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576889991991%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191221015953%3Aet%3A1576889994%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A889504871%3Ahid%3A188229536%3Ads%3A30%2C53%2C1040%2C0%2C1%2C0%2C0%2C186%2C21%2C%2C%2C%2C1312%3Afp%3A1344%3Agdpr%3A14%3Av%3A1787%3Awv%3A2%3Ast%3A1576889994%3Au%3A1576889994539054576%3At%3AReiser%20Med%20R%C3%A5d%2C%20Tips%2C%20Inspirasjon%20For%20Reisende%20-%202019
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
36039a22e62e1c0e63b6348b1dab63fb1f472a0ffb20e06d42108705e77bf1a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 21 Dec 2019 00:59:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21-Dec-2019 00:59:53 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://no.yourtripagent.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Sat, 21-Dec-2019 00:59:53 GMT
ads
securepubads.g.doubleclick.net/gampad/
45 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=48726251179107&correlator=310519640138296&output=ldjh&impl=fif&adsid=NT&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191221&iu=%2F121764058%2Fyourtripagent.com%2Fyourtripagent.com_sf&sz=728x90%7C750x100%7C970x90%7C700x100&cookie_enabled=1&bc=31&abxe=1&lmt=1576889993&dt=1576889993677&dlt=1576889993117&idt=549&frm=20&biw=1585&bih=1200&oid=3&adx=-12245933&ady=-12245933&adk=1328295001&uci=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fno.yourtripagent.com%2F&dssz=28&icsg=2929704566816&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=244913437.1576889993&ga_sid=1576889993&ga_hid=1567068621&fws=640&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
1b622b5e0cbe2fbbdb84a586f1cd7f77216d6981981fe50072ea8e9a05456108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10253
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://no.yourtripagent.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019121002.js
securepubads.g.doubleclick.net/gpt/
64 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24811
x-xss-protection
0
expires
Sat, 21 Dec 2019 00:59:53 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
38 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=48726251179107&correlator=310519640138296&output=ldjh&impl=fif&adsid=NT&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191221&iu=%2F121764058%2Fyourtripagent.com%2Fyourtripagent.com_atf&sz=728x90%7C750x100%7C750x200%7C750x300%7C800x120%7C970x90%7C970x250%7C970x300%7C980x120%7C1000x100%7C400x300%7C640x480&cookie_enabled=1&bc=31&abxe=1&lmt=1576889993&dt=1576889993686&dlt=1576889993117&idt=549&frm=20&biw=1585&bih=1200&oid=3&adx=-12245933&ady=-12245933&adk=251913816&uci=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fno.yourtripagent.com%2F&dssz=29&icsg=565879657988128&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=728x90&ga_vid=244913437.1576889993&ga_sid=1576889993&ga_hid=1567068621&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
9b6aabdeb53d0b47ead7b818ebc4a04220f1caaa2523cba1dbd27194fa99a1ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com

Response headers

date
Sat, 21 Dec 2019 00:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9396
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://no.yourtripagent.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
411 B
547 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=48726251179107&correlator=310519640138296&output=ldjh&impl=fif&adsid=NT&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191221&iu=%2F121764058%2Fyourtripagent.com%2Fyourtripagent.com_btf&sz=728x90%7C728x200%7C750x100%7C750x200%7C750x300%7C800x120%7C970x90%7C970x250%7C970x300%7C980x120%7C1000x100%7C400x300%7C640x480&cookie_enabled=1&bc=31&abxe=1&lmt=1576889993&dt=1576889993689&dlt=1576889993117&idt=549&frm=20&biw=1585&bih=1200&oid=3&adx=-12245933&ady=-12245933&adk=653496352&uci=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fno.yourtripagent.com%2F&dssz=29&icsg=565879657988128&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=728x90&ga_vid=244913437.1576889993&ga_sid=1576889993&ga_hid=1567068621&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e895556eeeaf04e8539047b7c449d60066b9d0a6f0c1e362a0b457227867262f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com

Response headers

date
Sat, 21 Dec 2019 00:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
202
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://no.yourtripagent.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff2
www.yourtripagent.com/template/template/css/
0
0

fontawesome-webfont.woff
www.yourtripagent.com/template/template/css/
0
0

fontawesome-webfont.ttf
www.yourtripagent.com/template/template/css/
0
0

amp4ads-host-v0.js
cdn.ampproject.org/rtv/011912050130240/
20 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011912050130240/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
10753
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7140
x-xss-protection
0
server
sffe
date
Fri, 20 Dec 2019 22:00:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d61e8113ad0598ef"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Dec 2020 22:00:40 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011912050130240/ Frame B6EC
200 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
38026
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55703
x-xss-protection
0
server
sffe
date
Fri, 20 Dec 2019 14:26:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5d665c0313f255e6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Dec 2020 14:26:07 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011912050130240/v0/ Frame B6EC
15 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011912050130240/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b388700842c722b76892ae257a262436a354966566be5fc2fc06dcb7a006d49d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
56024
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5590
x-xss-protection
0
server
sffe
date
Fri, 20 Dec 2019 09:26:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"725cf1b04be851c6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Dec 2020 09:26:09 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011912050130240/v0/ Frame B6EC
152 KB
41 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011912050130240/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
38026
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41415
x-xss-protection
0
server
sffe
date
Fri, 20 Dec 2019 14:26:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66b88e0b1300c1e3"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Dec 2020 14:26:07 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011912050130240/v0/ Frame B6EC
3 KB
1 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011912050130240/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
627128aa43dc242642c6d678f53ebface174b2a3a3de58522b644fd5c61c5f67
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
56024
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1398
x-xss-protection
0
server
sffe
date
Fri, 20 Dec 2019 09:26:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0b9648fcbc3c015a"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Dec 2020 09:26:09 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011912050130240/v0/ Frame B6EC
45 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011912050130240/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
816ec7f0b489b0fd32872606d9458c49ac0d3f3fcbb901bd0a38f797d2eb14b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
56024
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14335
x-xss-protection
0
server
sffe
date
Fri, 20 Dec 2019 09:26:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e120bec091dd60ce"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Dec 2020 09:26:09 GMT
css
fonts.googleapis.com/ Frame B6EC
4 KB
677 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 21 Dec 2019 00:59:53 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 21 Dec 2019 00:59:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sat, 21 Dec 2019 00:59:53 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/15126418592955166032/ Frame B6EC
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15126418592955166032/downsize_200k_v1?w=300&h=300
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3cdc0a5ea9bae725bdcaeb0b5ce39e930ded6203a0ddaf0b4eb8b2be541b9443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 04:41:03 GMT
x-content-type-options
nosniff
age
2665130
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12926
x-xss-protection
0
last-modified
Tue, 08 Jan 2019 13:59:46 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Nov 2020 04:41:03 GMT
truncated
/ Frame B6EC
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4982df4745bbfde74701eb6dfba4705fddba1c8276a8fc4d7557f52fdeb3eab

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B6EC
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/no.png
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:50:34 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
559
etag
7127422092083725281
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2706
x-xss-protection
0
expires
Sun, 22 Dec 2019 00:50:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B6EC
295 B
418 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 21:53:21 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
11192
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 21 Dec 2019 21:53:21 GMT
l
www.google.com/ads/measurement/ Frame B6EC
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxBm7dHiLU57TlhWVxF9_4ASiNiWmK8HLNXRrvEMFOyssbk53jBBcmDsvZhDWy7mR2yHAbuB6HgTNXFdwGk8-ogtUQGA
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame B6EC
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoOUDiW79XdOQLMPXgAfisIioBZrH3tdausKu2tQKFBABIKqAwyJguei-gNQBoAH_24rIA8gBAeACAKgDAaoE1wFP0E1m5soOq41yu65idVA5yByODi1ohfU6qoXMqD3beprfisUma8cPstmySMe9hZm582dlmGq3cvc-Acer2UafZ6kar17-LK5fyhinJA48iJGrYcWEk-XHxvc9Q3GBwPPCA-Uv5cUIYr9zDueg8x9WiW7qulCYixD4zF7GS4Pm3E8QxrcrAnCk_OznfyOGMiv564VxHfe4cr9FzbPtoL9_T_OtJeOUJGKg7XXJxrj5FdYypWpq39P1dkb7qh8fN4ujKOFY_GMC7VOWPnuRVCvIADN-LXJ7-cAE1daAs6oC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB4bznAmoB47OG6gH1ckbqAeT2BuoB7oGqAfy2RuoB6a-G6gH7NUb2AcB8gcEEPq_EdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODgxNDEwNTM1Mzc3MjI4MIAKA8gLAdgTDJgWAQ&sigh=ou7G5XJL6RU&template_id=5001&tpd=AGWhJmtzNSCDi64Hxm3grjieffXM51Nt9jla7LNp3HjdDcdKTA
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B6EC
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://no.yourtripagent.com

Response headers

date
Thu, 19 Dec 2019 18:22:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
110232
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Fri, 18 Dec 2020 18:22:41 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B6EC
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://no.yourtripagent.com

Response headers

date
Thu, 21 Nov 2019 15:36:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2539412
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:36:21 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B6EC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Sat, 21 Dec 2019 00:59:53 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
amp4ads-v0.js
cdn.ampproject.org/rtv/211912120230490/ Frame DA0C
200 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/211912120230490/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
12ee4324d941ddfb112a7d02dfb99a37263f174c3f22cfb3e1210dbbfb6ee50a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149009
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55698
x-xss-protection
0
server
sffe
date
Thu, 19 Dec 2019 07:36:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2aa317b8b19a640a"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Dec 2020 07:36:25 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/211912120230490/v0/ Frame DA0C
15 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/211912120230490/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c1a64db0211f2b323739f4d8debbaf208bf87da750b3e9f2116aabd786d98202
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149009
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5585
x-xss-protection
0
server
sffe
date
Thu, 19 Dec 2019 07:36:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cf8457b88dda80ae"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Dec 2020 07:36:25 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/211912120230490/v0/ Frame DA0C
91 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/211912120230490/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2f923033b9b44493186b2e7a0f8b02f56889b8b8e081d3bde06bdaebcdb38400
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149012
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27873
x-xss-protection
0
server
sffe
date
Thu, 19 Dec 2019 07:36:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d64f6bd1810e2e2a"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Dec 2020 07:36:22 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/211912120230490/v0/ Frame DA0C
3 KB
1 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/211912120230490/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b89aed407a4897e3bf38eebd8ca2ecce01ad11ef40236afaf34f9b4d7194c142
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149011
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1388
x-xss-protection
0
server
sffe
date
Thu, 19 Dec 2019 07:36:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b79cc0d9c1967818"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Dec 2020 07:36:23 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/211912120230490/v0/ Frame DA0C
46 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/211912120230490/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
50febffdb3ce13fed909380de7a90d7e4303137709b19b38ebf13658de4894b4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149009
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14656
x-xss-protection
0
server
sffe
date
Thu, 19 Dec 2019 07:36:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ba038035738a98c3"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Dec 2020 07:36:25 GMT
no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA0C
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/no.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:50:34 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
560
etag
7127422092083725281
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2706
x-xss-protection
0
expires
Sun, 22 Dec 2019 00:50:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA0C
295 B
360 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 21:53:21 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
11193
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 21 Dec 2019 21:53:21 GMT
truncated
/ Frame DA0C
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88e69d23e1b4397e468c5f6b8232be267702c3602f65e1892bfbce20a069600e

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
16989848564531557661
tpc.googlesyndication.com/simgad/ Frame DA0C
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16989848564531557661?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn7hVOmVt7fqFaTwsHFp4R5wUR4Lg
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
85e28019bf28a1afb89a4e57cdc103b08a9d65f8851172db108ab94b8800b5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 Nov 2019 04:51:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Apr 2015 00:57:34 GMT
server
sffe
age
2491679
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
5716
x-xss-protection
0
expires
Sat, 21 Nov 2020 04:51:55 GMT
l
www.google.com/ads/measurement/ Frame DA0C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGRLkQFXnuOzsE0EwNjcms93mk0yFUQ4RMmMCkUKok_fUC_OEjH94tpZG-4csOFq-erC1UeEBryGwKfNqQuhsRrZCQuQ
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame DA0C
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CL9bOiW79Xa3nNZbXgAe3-bXAB5rH3tda6ryu2tQKFBABIKqAwyJguei-gNQBoAH_24rIA8gBAuACAKgDAcgDCKoE3gFP0CxycJNDBLSd82Aa_pxqpTfj_GArp6iGdiRIhOCNYQ1KnhS0dbc1S-QWLpXJ22aURqcauCTzS7zYS6Ox5dMR5ZS92K78GL3l0gL86UXMUdF4gq_8dxeC4eNq831ZNd8rMPYWYVJQeycDcvdfwuWv8cFmU0NXFoQ1sZLkNyYnteFAZlSXVuHD34cN0pjY_IDx6u1Ua2gx7nYiv3Jooswh9wHg49kYjRSQtRiQEKiDoO_Bi1wP0OTSQP1BebofBgF0Fh7SDN2WB4m3ELlWAq3mY4bTqc_heJcg6BiD-WDABNXWgLOqAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeG85wJqAeOzhuoB9XJG6gHk9gbqAe6BqgH8tkbqAemvhuoB-zVG9gHAfIHBBDTnwPSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTg4MTQxMDUzNTM3NzIyODCACgPICwHYEwyYFgE&sigh=ZVRP24cPZzk&tpd=AGWhJmv6LgqyZbhGxpURQckW1U9A_tT-QyCeturCz61vP8mAhA
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B6EC
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/no.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:50:34 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
560
etag
7127422092083725281
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2706
x-xss-protection
0
expires
Sun, 22 Dec 2019 00:50:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B6EC
295 B
357 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 21:53:21 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
11193
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 21 Dec 2019 21:53:21 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame DA0C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: no.yourtripagent.com
URL: https://no.yourtripagent.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Sat, 21 Dec 2019 00:59:54 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
cygnus
as-sec.casalemedia.com/
24 B
908 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=425896&v=7.2&r=%7B%22id%22%3A%221e66e6943d22b4%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2225021019832246%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425896%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fno.yourtripagent.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid2.41.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aad31dee4c06caba2d20f3cf31c8e5cb4ab00d88d898fa007cd6225bbf91d7bb

Request headers

Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 21 Dec 2019 00:59:54 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://no.yourtripagent.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Sat, 21 Dec 2019 00:59:54 GMT
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid2.41.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
1d830234043d6f0d3d2610c794b7d465b846a52a6fc750eb34860029bc5fd721
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 21 Dec 2019 00:59:56 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.45:80
AN-X-Request-Uuid
a77bdccf-d31f-4581-b701-14c951d31653
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://no.yourtripagent.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/
5 B
406 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcyMzM0NCZ0cmFuc2FjdGlvbklkPThhNjU4NjM5LTk1MjMtNDRhYS04YzlmLTU4ODc1MGQyMWZhMCZyY3VyPVBMTg%3D%3D&pt=gross&stid=438bfdfd-6191-4534-a907-7aed3a3989e6&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid2.41.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Request headers

Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Dec 2019 00:59:54 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://no.yourtripagent.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid2.41.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 21 Dec 2019 00:59:54 GMT
X-SMRT-D
4%3b19%3b59
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://no.yourtripagent.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
206 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid2.41.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sat, 21 Dec 2019 00:59:54 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://no.yourtripagent.com
access-control-max-age
3600
access-control-allow-methods
POST
16989848564531557661
tpc.googlesyndication.com/simgad/ Frame DA0C
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16989848564531557661?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn7hVOmVt7fqFaTwsHFp4R5wUR4Lg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/211912120230490/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
85e28019bf28a1afb89a4e57cdc103b08a9d65f8851172db108ab94b8800b5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 Nov 2019 04:51:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Apr 2015 00:57:34 GMT
server
sffe
age
2491679
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
5716
x-xss-protection
0
expires
Sat, 21 Nov 2020 04:51:55 GMT
no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA0C
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/no.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/211912120230490/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:50:34 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
560
etag
7127422092083725281
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2706
x-xss-protection
0
expires
Sun, 22 Dec 2019 00:50:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA0C
295 B
357 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/211912120230490/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 21:53:21 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
11193
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 21 Dec 2019 21:53:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B6EC
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZIJgqx141Q82zVEMlPqDx-Ez_nBRh_tfLoRV7pgDwdD4OND_ZmImdkkyvoz4qmMPQBCEiMUV2cHx3-U0sCk_e7JyCCc2Wuwhjmk1pHa_6fcRkhqH6gQEWO1TQiQ&sai=AMfl-YSCOQ7FB-ThPRqFQ-3t7lQaQumFQuA9_MiaNEUYvWxDuayuMA_rLsVALixYTVNY3CkUne1r1Y_M6_Qp6DSxMQnTiM0PjpFpBWStsSggon8M4pV5PDN4HxKelFY&sig=Cg0ArKJSzJkKGOvH7sS-EAE&cid=CAASF-RowK7PJ-GzPR7i3XGLvbPEJwCVk6f0&id=ampim&o=308,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=127&tls=1127&g=100&h=100&tt=1127&r=v&adk=1328295001&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Dec 2019 00:59:55 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DA0C
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaZMRuxobHv68hJhdpsFjXMYRAc0mX8wLlYrAnMtnhbTPYH_Atm0C8zhVdshGT5eDP1eXp4xqc16V_I3WVP33yzxM1uL4EJTCjusKaeiuzgnUgSwETfFncG-8maA&sai=AMfl-YTSjWadGkXjG3F7w9Sr3N5qDlAg5NJ5xJwWiAmARW1UupCaEj68SrBs0MzzdIzv6txhrsh05cjlDywb9etQxCw0PqD0EaDJFguKWxftywHz_avD69AWhueYyVFO&sig=Cg0ArKJSzDDGSvLMQrBfEAE&cid=CAASF-RooDtTxUG_p5cQngi3jbRP7oaZf_Y1&id=ampim&o=429,202&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=117&tls=1117&g=100&h=100&tt=1117&r=v&adk=251913816&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Dec 2019 00:59:55 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optad360.js
serving.stat-rock.com/player/
248 KB
80 KB
Script
General
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/3ff9a226-acf3-494c-bc19-38c88c7fb08e/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.86.4 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap2.adplayer.pro
Software
nginx /
Resource Hash
5ca65f76b2755d221b152fb27c8b85fb20872d3e6496c92105eb6f96ebdb3799

Request headers

Referer
https://no.yourtripagent.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:56 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 12:14:45 GMT
server
nginx
etag
W/"5dfcbb35-3de00"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=600
truncated
/ Frame A555
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A555
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A555
626 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A555
630 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A555
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77f29a56a767d3352c66e30c98b1a48181b6030ee14d8708bd98a268d569c855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A555
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52f714c3f78011bc97493a37219e75e9edf220b7e9de5e7c3f40d6644c7a3232

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
serving.stat-rock.com/v1/log/js/
35 B
233 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1576889996523.78&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fno.yourtripagent.com%2F&t=65&v=55&r=0.83766347955271
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.86.4 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap2.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com

Response headers

date
Sat, 21 Dec 2019 00:59:56 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-allow-origin
https://no.yourtripagent.com
access-control-allow-methods
OPTIONS, GET
content-type
image/gif
status
200
access-control-allow-credentials
true
content-length
35
srvf
144.76.86.4
/
adx.adform.net/adx/
5 B
405 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTc0ODI5MCZ0cmFuc2FjdGlvbklkPWNjMzQxZmIxLTQzZmUtNDRkMy05YWU1LTU2N2RiNTk4ZTNiOCZyY3VyPVBMTg%3D%3D&pt=gross&stid=b3ef7310-91d7-4ce2-8810-b53249bd92eb&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid_adplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Request headers

Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Dec 2019 00:59:56 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://no.yourtripagent.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid_adplayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
da1df5831c689016f4c4e43515a90942ca9d345ca32a9d0629f6c40fff02fc76
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 21 Dec 2019 00:59:58 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid
7ca05e53-d82c-4695-b991-805ab3a0a7a5
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://no.yourtripagent.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ad.css
serving.stat-rock.com/v1/ad/
0
175 B
XHR
General
Full URL
https://serving.stat-rock.com/v1/ad/ad.css?
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.86.4 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap2.adplayer.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Dec 2019 00:59:56 GMT
server
nginx
srvb
127.0.0.1:8082
status
204
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://no.yourtripagent.com
access-control-allow-credentials
true
srvf
144.76.86.4
1
serving.stat-rock.com/v1/log/js/
35 B
232 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1576889996523.78&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fno.yourtripagent.com%2F&t=140&v=55&r=0.9186724361092462
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.86.4 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap2.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://no.yourtripagent.com/
Origin
https://no.yourtripagent.com

Response headers

date
Sat, 21 Dec 2019 00:59:56 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-allow-origin
https://no.yourtripagent.com
access-control-allow-methods
OPTIONS, GET
content-type
image/gif
status
200
access-control-allow-credentials
true
content-length
35
srvf
144.76.86.4
truncated
/ Frame A555
229 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73d59c995fa22aef994576aeee12a68cd2dd63735b6aa04b342dca9f75e83b34

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.yourtripagent.com
URL
https://www.yourtripagent.com/template/template/css/pxibyp8kv8jhgfvrlcz7z1xlfq.woff2
Domain
www.yourtripagent.com
URL
https://www.yourtripagent.com/template/template/css/kfomcnqeu92fr1mu4mxk.woff2
Domain
www.yourtripagent.com
URL
https://www.yourtripagent.com/template/template/css/fontawesome-webfont_001.woff2
Domain
www.yourtripagent.com
URL
https://www.yourtripagent.com/template/template/css/pxieyp8kv8jhgfvrjjfecg.woff2
Domain
www.yourtripagent.com
URL
https://www.yourtripagent.com/template/template/css/fontawesome-webfont_001.woff
Domain
www.yourtripagent.com
URL
https://www.yourtripagent.com/template/template/css/fontawesome-webfont_001.ttf
Domain
www.yourtripagent.com
URL
https://www.yourtripagent.com/template/template/css/fontawesome-webfont.woff2
Domain
www.yourtripagent.com
URL
https://www.yourtripagent.com/template/template/css/fontawesome-webfont.woff
Domain
www.yourtripagent.com
URL
https://www.yourtripagent.com/template/template/css/fontawesome-webfont.ttf

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars object| AdSlotCollection object| regeneratorRuntime function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| ym object| cookieconsent object| googletag object| pbjs325474 object| pbjs object| addthis_share object| addthis_config object| Sk function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| pbjs325474Chunk object| _pbjsGlobals object| __core-js_shared__ function| JSEncrypt function| pbjsChunk boolean| __@@##MUH object| closure_memoize_cache_ object| Ya object| yaCounter54055402 object| _atw boolean| google_noFetch number| google_unique_id object| addthis_translations object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks function| AdPlayerPro object| DMVAST function| playerPro

8 Cookies

Domain/Path Name / Value
.yourtripagent.com/ Name: _ym_visorc_54055402
Value: w
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yourtripagent.com/ Name: _ym_d
Value: 1576889994
.yourtripagent.com/ Name: _ym_isad
Value: 2
no.yourtripagent.com/ Name: __atuvs
Value: 5dfd6e895d223037000
.yourtripagent.com/ Name: _ym_uid
Value: 1576889994539054576
no.yourtripagent.com/ Name: __atuvc
Value: 1%7C51
.yourtripagent.com/ Name: __cfduid
Value: de4742bc42fc73865a61eb5d9fbb180641576889992

4 Console Messages

Source Level URL
Text
console-api error URL: https://netspooke3.biz/?pu=gy4giyldme5ha3ddf4ytinrw(Line 126)
Message:
Error: Browser is not suitable for subscriptions
console-api error URL: https://disgust.top/embed?key=clz2vteznvfpzddowdronvqwk3zvdz09(Line 94)
Message:
Error: Browser is not suitable for subscriptions
console-api info URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js(Line 412)
Message:
Powered by AMP ⚡ HTML – Version 1912050130240 https://no.yourtripagent.com/
console-api info URL: https://cdn.ampproject.org/rtv/211912120230490/amp4ads-v0.js(Line 410)
Message:
Powered by AMP ⚡ HTML – Version 1912120230490 https://no.yourtripagent.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
adx.adform.net
as-sec.casalemedia.com
cdn.ampproject.org
cdn.jsdelivr.net
counter.yadro.ru
disgust.top
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
ib.adnxs.com
mc.yandex.ru
netspooke3.biz
no.yourtripagent.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prg.smartadserver.com
s7.addthis.com
securepubads.g.doubleclick.net
serving.stat-rock.com
tpc.googlesyndication.com
v1.addthisedge.com
www.google.com
www.googletagservices.com
www.yourtripagent.com
z.moatads.com
www.yourtripagent.com
144.76.86.4
167.71.72.151
185.184.8.30
185.33.223.206
185.86.138.121
2.18.234.21
2.18.235.40
216.58.207.66
23.210.248.44
2600:9000:214f:8600:11:a4de:2580:93a1
2606:4700:30::681b:82be
2606:4700:30::681f:41bf
2606:4700::6810:5714
2a00:1450:4001:800::2001
2a00:1450:4001:809::200a
2a00:1450:4001:814::2001
2a00:1450:4001:816::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:821::2002
2a02:6b8::1:119
37.157.6.247
88.212.201.216
00a6116c8f6c8edfd446dd3c33c6ffd7d067e6e30cf5ae066af77d7ced207ba8
01812210361be843e8f1e25b6715274836f1ab025f3069b16b3322afdc472428
01fabd1c1d3c624fb4a61fdb5fce8648db3e3c542a818ac3a846e0e19b38f153
0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
05e90bf91c45c58f32d35f3f577a3c27d60e90658a07ce07caeeaa26670eefbf
0f9b7472bb976f6492f4260ac2babb8666ac4b0bfc389312dd86574c3ddfd088
12ee4324d941ddfb112a7d02dfb99a37263f174c3f22cfb3e1210dbbfb6ee50a
15a92a7811588cdce3450b618f9084a5c07d6d1441e45eb03adf7bc765f5b6ca
1b622b5e0cbe2fbbdb84a586f1cd7f77216d6981981fe50072ea8e9a05456108
1d830234043d6f0d3d2610c794b7d465b846a52a6fc750eb34860029bc5fd721
20c828228ba8886fc8c55ea15367ccdc5c2e14a10dedf12a2a9f8b13be17bf0d
20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
249f5eb97aa74fbf0915e6c93001b9359268905777debf6cb87c6af7c7104d5a
261c334884d6a6fb5a782adcdecc3b0342868793e259aed983f29ac0a514756c
29f606244aba28b2ef12601f3a007b334aa83bc3fbb7cc957717c5f8526a2f5e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f923033b9b44493186b2e7a0f8b02f56889b8b8e081d3bde06bdaebcdb38400
30dcea4f6793e2ad92caac9989909fb5cda51c7ea736921eb0c56515c11816b6
36039a22e62e1c0e63b6348b1dab63fb1f472a0ffb20e06d42108705e77bf1a7
3add1f858dac6ad44935cfb98c0fd485d1a5959118268fa11b40f73254fb8462
3cdc0a5ea9bae725bdcaeb0b5ce39e930ded6203a0ddaf0b4eb8b2be541b9443
463ce0edc8159ca6cfa869e7c54854eb780bc35b4e944e3366136fdad3ece823
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
4cb6e83e8e51f4d6ad9d06d65e164ab14010f67c611f644fa23abbeac7fcab2a
4e467353fac9972db09ec14359bddd1ab72b96f40db1d0a5ed0e2c5ec34d02a9
4f1094746331736d7a34b6d1e651184750e3600fd9b035947b33977fc7e363d7
50febffdb3ce13fed909380de7a90d7e4303137709b19b38ebf13658de4894b4
52f714c3f78011bc97493a37219e75e9edf220b7e9de5e7c3f40d6644c7a3232
53637866c5c5d5bad4a0342a6eb2fd39d7125273c57cd7a3aca611f31da84c8f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5ca65f76b2755d221b152fb27c8b85fb20872d3e6496c92105eb6f96ebdb3799
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5eea15228cf1c875fbe630e70a73c7326ae4daa21e240613ee5c35482194ca85
627128aa43dc242642c6d678f53ebface174b2a3a3de58522b644fd5c61c5f67
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
6bba84ac50e19eb94abc6d32a9aaaee4222a40545e3e98234923152cb6ba4c66
6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907
73d59c995fa22aef994576aeee12a68cd2dd63735b6aa04b342dca9f75e83b34
77be30971fd020eb16acf9670a832683a4b35be128a3f8e3ba02d10d2bde2beb
77f29a56a767d3352c66e30c98b1a48181b6030ee14d8708bd98a268d569c855
7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
816ec7f0b489b0fd32872606d9458c49ac0d3f3fcbb901bd0a38f797d2eb14b1
8194ff3826976ab39199703c90dca9ddec292bfe5033e69e473f76b7fb8742e5
843ff5913271a173687f36c3c429f04dd2967e492d447ef7623775b50d3661e7
85e28019bf28a1afb89a4e57cdc103b08a9d65f8851172db108ab94b8800b5ea
88e69d23e1b4397e468c5f6b8232be267702c3602f65e1892bfbce20a069600e
898758f907573229d597fbb0a3f0454cb97f83e236c3809b1dd427d24083be80
909e203d92f64451854045777c8f35b878c0de34bc778c84be2eb6f0f0b5e4db
94e5bbd81e1bf29064c2deb5f9eb4613a9b4e85241b10cad0d824b3257d446b8
9a096fb37a7a06bcbdef32a1f2a0c0c216850f00e2235d6f284c82766d1d1650
9b6aabdeb53d0b47ead7b818ebc4a04220f1caaa2523cba1dbd27194fa99a1ca
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c
aad31dee4c06caba2d20f3cf31c8e5cb4ab00d88d898fa007cd6225bbf91d7bb
ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153
afb6556a3c0f34af178a01abc2cabedccf78df1a4985918765dcc8047ac84963
b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11
b388700842c722b76892ae257a262436a354966566be5fc2fc06dcb7a006d49d
b40f4ce40ca7f75e59a83ab8b9f5f342c398e5eb7ef531b5ce9dd7c336ffe466
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b70619ef0c4ae71661967d69ee82e4bd4804a0880ec8ad3ef4710eef5d2ae841
b89aed407a4897e3bf38eebd8ca2ecce01ad11ef40236afaf34f9b4d7194c142
c1a64db0211f2b323739f4d8debbaf208bf87da750b3e9f2116aabd786d98202
cacba9cf70e0944034d2524391974519bd75651e7264fc53809ba0f25584ef83
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cd64397beed6b723fc13f6936e0ab276f0e8c804d08fa24a18e79e2484336547
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
da1df5831c689016f4c4e43515a90942ca9d345ca32a9d0629f6c40fff02fc76
de86051bb696ad85a77ddb6edf16fc6a51794ea3ac3e3599623da3822cd3ff77
e078d3b9c943b8ef953ed9597c27bdaf2988ca3821b80269653f0ed8b23992df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5540d82c7049d035194d3bec436cf46428bec5a8c9a22218aa5958e7b6a9950
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e895556eeeaf04e8539047b7c449d60066b9d0a6f0c1e362a0b457227867262f
ecb3ab53f3487b35db40ba2be8f4ec4ca9c3d49eb768c17797e1aa09261a4011
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
f2b91f8c18c75402eec9c7e8643a08e86ad88c15de853f13e70ca422a8c4a182
f4982df4745bbfde74701eb6dfba4705fddba1c8276a8fc4d7557f52fdeb3eab