Submitted URL: http://www.breathtakingrussia.com/
Effective URL: https://breathtakingrussia.com/
Submission: On March 19 via api from CA — Scanned from CA

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 42 HTTP transactions. The main IP is 2a00:f940:2:2:1:4:0:105, located in Russian Federation and belongs to AS-REG, RU. The main domain is breathtakingrussia.com.
TLS certificate: Issued by R3 on March 19th 2022. Valid for: 3 months.
This is the only time breathtakingrussia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
19 breathtakingrussia.com
www.breathtakingrussia.com
breathtakingrussia.com
933 KB
12 cloudfront.net
d33dc62u65lw34.cloudfront.net
613 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
4 gstatic.com
fonts.gstatic.com
130 KB
3 sharethis.com
l.sharethis.com — Cisco Umbrella Rank: 4230
platform-api.sharethis.com — Cisco Umbrella Rank: 4644
9 KB
2 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 2430
log.pinterest.com — Cisco Umbrella Rank: 3280
19 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
36 KB
42 7
Domain Requested by
17 breathtakingrussia.com breathtakingrussia.com
12 d33dc62u65lw34.cloudfront.net breathtakingrussia.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
breathtakingrussia.com
4 fonts.gstatic.com breathtakingrussia.com
2 l.sharethis.com 1 redirects breathtakingrussia.com
2 www.breathtakingrussia.com 2 redirects
1 log.pinterest.com breathtakingrussia.com
1 platform-api.sharethis.com breathtakingrussia.com
1 assets.pinterest.com breathtakingrussia.com
1 www.googletagmanager.com breathtakingrussia.com
42 10

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.youtube.com
www.tripadvisor.ru
pria.digital
Subject Issuer Validity Valid
breathtakingrussia.com
R3
2022-03-19 -
2022-06-17
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-26 -
2022-08-05
a year crt.sh
sharethis.com
Amazon
2021-07-19 -
2022-08-17
a year crt.sh

This page contains 1 frames:

Primary Page: https://breathtakingrussia.com/
Frame ID: 8E397B13FB999EEFBD60FBB889BF4E7D
Requests: 46 HTTP requests in this frame

Screenshot

Page Title

Breathtaking Russia • Selection of tours in Russia and booking excursions in Moscow

Page URL History Show full URLs

  1. http://www.breathtakingrussia.com/ HTTP 301
    https://www.breathtakingrussia.com/ HTTP 301
    https://breathtakingrussia.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

98 %
HTTPS

67 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

1784 kB
Transfer

4136 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.breathtakingrussia.com/ HTTP 301
    https://www.breathtakingrussia.com/ HTTP 301
    https://breathtakingrussia.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://l.sharethis.com/pview?event=pview&hostname=breathtakingrussia.com&location=%2F&product=unknown&url=https%3A%2F%2Fbreathtakingrussia.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Breathtaking%20Russia%20%E2%80%A2%20Selection%20of%20tours%20in%20Russia%20and%20booking%20excursions%20in%20Moscow&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en&description=Breathtaking%20Russia%20%E2%9E%A8%20Large%20selection%20of%20tours%20in%20Russia%20with%20a%20description%20and%20prices%20%E2%9C%93%20Book%20your%20excursions%20online%20or%20by%20phone%20%2B7%20(926)%20280%209390 HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=breathtakingrussia.com&location=%2F&product=unknown&url=https%3A%2F%2Fbreathtakingrussia.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Breathtaking%20Russia%20%E2%80%A2%20Selection%20of%20tours%20in%20Russia%20and%20booking%20excursions%20in%20Moscow&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en&description=Breathtaking%20Russia%20%E2%9E%A8%20Large%20selection%20of%20tours%20in%20Russia%20with%20a%20description%20and%20prices%20%E2%9C%93%20Book%20your%20excursions%20online%20or%20by%20phone%20%2B7%20(926)%20280%209390&samesite=None

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
breathtakingrussia.com/
Redirect Chain
  • http://www.breathtakingrussia.com/
  • https://www.breathtakingrussia.com/
  • https://breathtakingrussia.com/
311 KB
101 KB
Document
General
Full URL
https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx / PHP/5.6.36
Resource Hash
d6e8ec5ee72e8ffc86ca0b5f9c227aa4e48a947a2d2534869b4bc64a72987623

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

server
nginx
date
Sat, 19 Mar 2022 18:04:29 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.36
link
<https://breathtakingrussia.com/wp-json/>; rel="https://api.w.org/", <https://breathtakingrussia.com/>; rel=shortlink
expires
Fri, 10 Mar 2023 13:06:20 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 10 Mar 2022 13:06:20 GMT
etag
"8e73ffe4e7055b5b148a3fb4a8c46c93"
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade

Redirect headers

server
nginx
date
Sat, 19 Mar 2022 18:04:29 GMT
content-type
text/html; charset=UTF-8
content-length
20
x-powered-by
PHP/5.6.36
expires
Sat, 11 Mar 2023 18:25:50 GMT
content-encoding
gzip
vary
Accept-Encoding
location
https://breathtakingrussia.com/
last-modified
Fri, 11 Mar 2022 18:25:50 GMT
etag
"7029066c27ac6f5ef18d660d5741979a"
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
fda823a49cd6a202fbd293bffc653c6f.css
breathtakingrussia.com/wp-content/litespeed/css/
1 MB
263 KB
Stylesheet
General
Full URL
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
44acae7105cd9164551b4e3c1b37c222b3d5b34efaffe7b2d56883e2597a5d98

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:29 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 11:38:34 GMT
server
nginx
etag
"13cd43-5d780283d3522-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 18:04:29 GMT
js
www.googletagmanager.com/gtag/
92 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-150321585-1
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d666d68c0606f29b1cfdb0b57c3037f352857704cfdff5dd370294cbe48b5395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:29 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36776
x-xss-protection
0
expires
Sat, 19 Mar 2022 18:04:29 GMT
jquery.js
d33dc62u65lw34.cloudfront.net/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:27 GMT
content-encoding
gzip
age
62
x-cache
Hit from cloudfront
content-length
33776
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"17a69-592fc67890480-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
uaovD9Xplg2xFEZG5gkRmYfBrLJMy3Eh77q3jo-nuLTkVT6EOjTUpQ==
expires
Sun, 19 Mar 2023 18:03:27 GMT
frontend-gtag.js
d33dc62u65lw34.cloudfront.net/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/
28 KB
7 KB
Script
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.js?ver=7.3.0
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
71597aa99c05dc133319016ba3d025454b174b5c08b9178d19bc70bd5cb586d0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:29 GMT
content-encoding
gzip
age
60
x-cache
Hit from cloudfront
content-length
6190
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Jan 2022 12:58:51 GMT
server
nginx
etag
"6ff6-5d5c6b6e0ddd0-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
VHY4gGY8L5ET7MYUCw70C6aCTLaDc19eQNXejo5IlO8W08_b372-rA==
expires
Sun, 19 Mar 2023 18:03:29 GMT
frontend-gtag.js
d33dc62u65lw34.cloudfront.net/wp-content/plugins/google-analytics-for-wordpress/assets/js/
28 KB
7 KB
Script
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.js?ver=8.3.0
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
536832377d7eb6423d92a0b3c770f2eb85f720a8c6cc313fc6ec600ecdc731f6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:29 GMT
content-encoding
gzip
age
60
x-cache
Hit from cloudfront
content-length
6191
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Jan 2022 12:59:05 GMT
server
nginx
etag
"7038-5d5c6b7b358a0-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
SyqpZG1oXR8gk7cua0S7GG4vvpuzXG02a968Ysyyd1bd6ZJrrsrCTQ==
expires
Sun, 19 Mar 2023 18:03:29 GMT
2a74ffbcc4e1b959a1c57e875d58a5ee.js
breathtakingrussia.com/wp-content/litespeed/js/
1 MB
329 KB
Script
General
Full URL
https://breathtakingrussia.com/wp-content/litespeed/js/2a74ffbcc4e1b959a1c57e875d58a5ee.js?ver=61c82
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
b3cad681fb83708109ed4590f7210be11fea54b85d3227c33b3b268f4ef7d74b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:29 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Mar 2022 13:06:20 GMT
server
nginx
etag
"1240ea-5d9dce156e371-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 18:04:29 GMT
truncated
/
725 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b912bcebe93c51cc418e5e2e4966550259ae46b3a1a39a87dfa7553b775065f8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v29/
35 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52e0349a641604d5204952039bfac8acde78242227defae8864d1caa48b8c5c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Origin
https://breathtakingrussia.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 00:43:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20743
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Mar 2023 00:43:36 GMT
tripadvisor.png
breathtakingrussia.com/wp-content/themes/travel-log-child/img/
2 KB
2 KB
Image
General
Full URL
https://breathtakingrussia.com/wp-content/themes/travel-log-child/img/tripadvisor.png
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
d6abaa706d027d3f9eb42e58cfdcdfe566d6cad84bbe682157a79687a6bb319c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"614-592fc67890480"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1556
expires
Sun, 19 Mar 2023 18:04:30 GMT
fa-brands-400.woff2
breathtakingrussia.com/wp-content/plugins/wp-travel/assets/css/lib/font-awesome/webfonts/
67 KB
68 KB
Font
General
Full URL
https://breathtakingrussia.com/wp-content/plugins/wp-travel/assets/css/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
67ca1abd107c1c587489a06adc41ed3221a1b77048be449a076a5e93c93d2b98

Request headers

Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Origin
https://breathtakingrussia.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:30 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"10d9c-592fc67890480-gzip"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 18:04:30 GMT
fontawesome-webfont.woff2
breathtakingrussia.com/wp-content/themes/travel-log-child/fonts/
75 KB
76 KB
Font
General
Full URL
https://breathtakingrussia.com/wp-content/themes/travel-log-child/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Origin
https://breathtakingrussia.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:30 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"12d68-592fc67890480-gzip"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 18:04:30 GMT
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v22/
59 KB
59 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Origin
https://breathtakingrussia.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 06:56:56 GMT
x-content-type-options
nosniff
age
472054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60540
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 06:56:56 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150321585-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4834
date
Sat, 19 Mar 2022 16:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 19 Mar 2022 18:43:56 GMT
header-2-1024x563.jpg
d33dc62u65lw34.cloudfront.net/wp-content/uploads/2019/03/
121 KB
121 KB
Image
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-content/uploads/2019/03/header-2-1024x563.jpg
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
214b7e1cba7c9dded1f4423157522dc2942f570a2b461ab83129056c3b2f07b3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:29 GMT
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
age
61
x-cache
Hit from cloudfront
content-length
123796
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Feb 2020 11:28:51 GMT
server
nginx
etag
"1e394-59f14536762c0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
6qdRxXRe4jV_ckEIcLSbPruJ6fpVEw7v4WNqhYYy_iq8vxJL8JXU_w==
expires
Sun, 19 Mar 2023 18:03:29 GMT
header-3.jpg
d33dc62u65lw34.cloudfront.net/wp-content/uploads/2019/03/
113 KB
114 KB
Image
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-content/uploads/2019/03/header-3.jpg
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0a1ee581587adf1fd45be93a431e33ced8455833b74b6a9208cb0ad42520ab74

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:29 GMT
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
age
61
x-cache
Hit from cloudfront
content-length
116129
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Feb 2020 09:18:59 GMT
server
nginx
etag
"1c5a1-59f1282f6e6c0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
Qi8MNB6V9MqO0l5ZU2JSl3v6le_rbKZBz_t_rZN4uB3xpLlXb75WTw==
expires
Sun, 19 Mar 2023 18:03:29 GMT
header-1-1024x563.jpg
d33dc62u65lw34.cloudfront.net/wp-content/uploads/2019/03/
97 KB
97 KB
Image
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-content/uploads/2019/03/header-1-1024x563.jpg
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c794c56d75f06aa630d98329ead3432379de001248100060c7a7509f94876147

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:28 GMT
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
age
62
x-cache
Hit from cloudfront
content-length
99210
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Feb 2020 07:44:40 GMT
server
nginx
etag
"1838a-59f1131a96a00"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
RwK3gRQppfufNEQ7oHehaDuNHDCX7C-skzUQ2idpCYzAtkGIsf5apw==
expires
Sun, 19 Mar 2023 18:03:28 GMT
cloude-1024x157.png
d33dc62u65lw34.cloudfront.net/wp-content/uploads/2020/02/
37 KB
37 KB
Image
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-content/uploads/2020/02/cloude-1024x157.png
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0845c9c03412d92c2caa1a15cba151515e45c96f8be9fa0fbe9f24acd283789c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:29 GMT
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
age
61
x-cache
Hit from cloudfront
content-length
37760
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Feb 2020 11:34:48 GMT
server
nginx
etag
"9380-59f1468aec600"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
biQF-banXo1LQRZx-UilfpFQKnT7rruGeUivgkbQLLTgvGuiWZtQbw==
expires
Sun, 19 Mar 2023 18:03:29 GMT
icon-click.png
breathtakingrussia.com/wp-content/themes/travel-log-child/img/
869 B
1 KB
Image
General
Full URL
https://breathtakingrussia.com/wp-content/themes/travel-log-child/img/icon-click.png
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
052f3492792f3296d5ee2b9eb424838d80d61e93632bba15c67ca09ab567a438

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"365-592fc67890480"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
869
expires
Sun, 19 Mar 2023 18:04:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v29/
35 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52dc362cae7e441a98741305a38b045859ac60e99377d9d88922ec32cb944cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Origin
https://breathtakingrussia.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 23:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20778
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 23:40:29 GMT
price.png
breathtakingrussia.com/wp-content/themes/travel-log-child/img/
2 KB
2 KB
Image
General
Full URL
https://breathtakingrussia.com/wp-content/themes/travel-log-child/img/price.png
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
22c654ada21ae3a9e78075058db404f9bf5d494cdc440e3f034a3691008f9ce9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"65b-592fc67890480"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1627
expires
Sun, 19 Mar 2023 18:04:30 GMT
calendar.png
breathtakingrussia.com/wp-content/themes/travel-log-child/img/
1 KB
2 KB
Image
General
Full URL
https://breathtakingrussia.com/wp-content/themes/travel-log-child/img/calendar.png
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
413a4e2d623e4c74d1116a7aa62944985e3621a208c6abf2e044a58ac8dd36f8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"515-592fc67890480"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1301
expires
Sun, 19 Mar 2023 18:04:30 GMT
icon-quote.png
breathtakingrussia.com/wp-content/themes/travel-log-child/img/
1 KB
1 KB
Image
General
Full URL
https://breathtakingrussia.com/wp-content/themes/travel-log-child/img/icon-quote.png
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
9fd314e71c343632498f7d08902e7424171b1db5953aff68f19b8ffc4ca401d0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"491-592fc67890480"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1169
expires
Sun, 19 Mar 2023 18:04:30 GMT
cloud_045-1024x598.png
d33dc62u65lw34.cloudfront.net/wp-content/uploads/2020/02/
107 KB
108 KB
Image
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-content/uploads/2020/02/cloud_045-1024x598.png
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
205bf2a141b8cf73001b519d97f7c3f2b9795c59f8fee2b4496cee983e05c083

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:29 GMT
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
age
61
x-cache
Hit from cloudfront
content-length
109665
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Feb 2020 13:38:50 GMT
server
nginx
etag
"1ac61-59f162442ae80"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
bn2UDbASMnxQzCwFpVoDmn0Wq2t5lQnwE8t2pwFuj1I1C3-VEY8uJg==
expires
Sun, 19 Mar 2023 18:03:29 GMT
cloude-footer-1024x157.png
d33dc62u65lw34.cloudfront.net/wp-content/uploads/2020/02/
38 KB
38 KB
Image
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-content/uploads/2020/02/cloude-footer-1024x157.png
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
96aecb445eae05b9e53cd0ce545a04c8d5d6842dc20f1bb0cedce3e7fea12627

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:29 GMT
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
age
61
x-cache
Hit from cloudfront
content-length
38703
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Feb 2020 11:26:09 GMT
server
nginx
etag
"972f-59f1449bf7640"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
1DB4BO8XpDCy99TvWad39huP9ZaUHgjW2lORAPnveMz22QDA0AXuxQ==
expires
Sun, 19 Mar 2023 18:03:29 GMT
truncated
/
25 KB
25 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5e4b2256e6c1a6e0d31f393d0422ad333d5e71e69c0d907cd85863cbffcdf28

Request headers

Referer
Origin
https://breathtakingrussia.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v22/
58 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPHA.ttf
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Origin
https://breathtakingrussia.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29896
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:21:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 05:18:35 GMT
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=breathtakingrussia.com&location=%2F&product=unknown&url=https%3A%2F%2Fbreathtakingrussia.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_se...
  • https://l.sharethis.com/sc?event=pview&hostname=breathtakingrussia.com&location=%2F&product=unknown&url=https%3A%2F%2Fbreathtakingrussia.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segme...
161 B
689 B
XHR
General
Full URL
https://l.sharethis.com/sc?event=pview&hostname=breathtakingrussia.com&location=%2F&product=unknown&url=https%3A%2F%2Fbreathtakingrussia.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Breathtaking%20Russia%20%E2%80%A2%20Selection%20of%20tours%20in%20Russia%20and%20booking%20excursions%20in%20Moscow&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en&description=Breathtaking%20Russia%20%E2%9E%A8%20Large%20selection%20of%20tours%20in%20Russia%20with%20a%20description%20and%20prices%20%E2%9C%93%20Book%20your%20excursions%20online%20or%20by%20phone%20%2B7%20(926)%20280%209390&samesite=None
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
HTTP/1.1
Server
3.129.242.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-242-122.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
cfbde5920b1286448eac4b82e57ee6c8d3e99907ce17089cea4f8afcb5b5000a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 18:04:30 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://breathtakingrussia.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
*
Content-Length
161
Stid
ZHMAA2I2Gy4AAAAIBvKLAw==

Redirect headers

Date
Sat, 19 Mar 2022 18:04:30 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
https://breathtakingrussia.com
Access-Control-Max-Age
1728000
Content-Type
text/html; charset=utf-8
Location
/sc?event=pview&hostname=breathtakingrussia.com&location=%2F&product=unknown&url=https%3A%2F%2Fbreathtakingrussia.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Breathtaking%20Russia%20%E2%80%A2%20Selection%20of%20tours%20in%20Russia%20and%20booking%20excursions%20in%20Moscow&cms=unknown&publisher=anonymous&sop=true&version=st_sop.js&lang=en&description=Breathtaking%20Russia%20%E2%9E%A8%20Large%20selection%20of%20tours%20in%20Russia%20with%20a%20description%20and%20prices%20%E2%9C%93%20Book%20your%20excursions%20online%20or%20by%20phone%20%2B7%20(926)%20280%209390&samesite=None
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
*
Content-Length
713
Stid
ZHMAA2I2Gy4AAAAIBvKLAw==
prev.png
breathtakingrussia.com/wp-content/plugins/aesop-story-engine/public/assets/img/
1 KB
2 KB
Image
General
Full URL
https://breathtakingrussia.com/wp-content/plugins/aesop-story-engine/public/assets/img/prev.png
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:31 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Nov 2021 11:25:02 GMT
server
nginx
etag
"550-5d0453e725520"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1360
expires
Sun, 19 Mar 2023 18:04:31 GMT
next.png
breathtakingrussia.com/wp-content/plugins/aesop-story-engine/public/assets/img/
1 KB
2 KB
Image
General
Full URL
https://breathtakingrussia.com/wp-content/plugins/aesop-story-engine/public/assets/img/next.png
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:31 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Nov 2021 11:25:02 GMT
server
nginx
etag
"546-5d0453e725908"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1350
expires
Sun, 19 Mar 2023 18:04:31 GMT
loading.gif
breathtakingrussia.com/wp-content/plugins/aesop-story-engine/public/assets/img/
8 KB
9 KB
Image
General
Full URL
https://breathtakingrussia.com/wp-content/plugins/aesop-story-engine/public/assets/img/loading.gif
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:31 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Nov 2021 11:25:02 GMT
server
nginx
etag
"211c-5d0453e725908"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8476
expires
Sun, 19 Mar 2023 18:04:31 GMT
close.png
breathtakingrussia.com/wp-content/plugins/aesop-story-engine/public/assets/img/
280 B
524 B
Image
General
Full URL
https://breathtakingrussia.com/wp-content/plugins/aesop-story-engine/public/assets/img/close.png
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:31 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Nov 2021 11:25:02 GMT
server
nginx
etag
"118-5d0453e725908"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
280
expires
Sun, 19 Mar 2023 18:04:31 GMT
fa-solid-900.woff2
breathtakingrussia.com/wp-content/themes/travel-log/webfonts/
70 KB
71 KB
Font
General
Full URL
https://breathtakingrussia.com/wp-content/themes/travel-log/webfonts/fa-solid-900.woff2
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
ac1a655367b02648fe8217ee11d1b272786605b78989ff614cb0beab5f6f547c

Request headers

Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Origin
https://breathtakingrussia.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:31 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"11910-592fc67890480-gzip"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 18:04:31 GMT
ajax-loader.gif
breathtakingrussia.com/wp-content/themes/travel-log/css/
4 KB
4 KB
Image
General
Full URL
https://breathtakingrussia.com/wp-content/themes/travel-log/css/ajax-loader.gif
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:31 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"1052-592fc67890480"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4178
expires
Sun, 19 Mar 2023 18:04:31 GMT
slick.woff
breathtakingrussia.com/wp-content/themes/travel-log/css/fonts/
1 KB
2 KB
Font
General
Full URL
https://breathtakingrussia.com/wp-content/themes/travel-log/css/fonts/slick.woff
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:4:0:105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer
https://breathtakingrussia.com/wp-content/litespeed/css/fda823a49cd6a202fbd293bffc653c6f.css?ver=61c82
Origin
https://breathtakingrussia.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:31 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"564-592fc67890480-gzip"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1343
expires
Sun, 19 Mar 2023 18:04:31 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
pinit_main.js
assets.pinterest.com/js/
66 KB
19 KB
Script
General
Full URL
https://assets.pinterest.com/js/pinit_main.js
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/js/2a74ffbcc4e1b959a1c57e875d58a5ee.js?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000:690::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=239
accept-ranges
bytes
content-length
18679
access-control-expose-headers
X-CDN
ppg.js
platform-api.sharethis.com/
19 KB
7 KB
Script
General
Full URL
https://platform-api.sharethis.com/ppg.js
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/wp-content/litespeed/js/2a74ffbcc4e1b959a1c57e875d58a5ee.js?ver=61c82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-81.ewr50.r.cloudfront.net
Software
/
Resource Hash
3f93777b5887eaefac29c358a381e930f8d2269d6c6e079d02c893064f4b3e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 17:31:11 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 20:38:13 GMT
age
1999
x-frame-options
SAMEORIGIN
etag
W/"4b1f-17f8f4d7932"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
accept-ranges
bytes
x-amz-cf-pop
EWR50-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
6YJiynQ7Jp_zQFx-GYK_4JQ4I4LlZ5vDP5Gqxv7zpXSXOhG6I7Hu7Q==
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 17:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 19 Mar 2022 18:45:42 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1081916037&t=pageview&_s=1&dl=https%3A%2F%2Fbreathtakingrussia.com%2F&ul=en-us&de=UTF-8&dt=Breathtaking%20Russia%20%E2%80%A2%20Selection%20of%20tours%20in%20Russia%20and%20booking%20excursions%20in%20Moscow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUIhAAAAAC~&jid=1456556349&gjid=630594406&cid=168135195.1647713071&tid=UA-150321585-1&_gid=144780949.1647713071&_r=1&gtm=2ou3e0&did=dNDMyYj&gdid=dNDMyYj&z=2107413317
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://breathtakingrussia.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 18:04:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://breathtakingrussia.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1081916037&t=pageview&_s=2&dl=https%3A%2F%2Fbreathtakingrussia.com%2F&ul=en-us&de=UTF-8&dt=Breathtaking%20Russia%20%E2%80%A2%20Selection%20of%20tours%20in%20Russia%20and%20booking%20excursions%20in%20Moscow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=&gjid=&cid=168135195.1647713071&tid=UA-150321585-1&_gid=144780949.1647713071&gtm=2ou3e0&did=dNDMyYj%2CdZGIzZG&gdid=dNDMyYj.dZGIzZG&z=1480095712
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 16:06:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7086
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
log.pinterest.com/
0
334 B
Image
General
Full URL
https://log.pinterest.com/?type=pidget&guid=zD81Cri4XfAM&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&xload=1&lang=en&nvl=en-US&via=https%3A%2F%2Fbreathtakingrussia.com%2F&viaSrc=canonical
Requested by
Host: breathtakingrussia.com
URL: https://breathtakingrussia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:04:31 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
0
x-cache-hits
0
content-length
0
x-served-by
cache-yul12824-YUL
pragma
no-cache
server
envoy
x-timer
S1647713072.893537,VS0,VE15
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid
1619477009694322
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo.png
d33dc62u65lw34.cloudfront.net/wp-content/uploads/2019/03/
3 KB
4 KB
Image
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-content/uploads/2019/03/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9b74153a5bc191c9998c8a810906e2fa6f379ace51f7017229f6049804fb38a5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:30 GMT
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
age
61
x-cache
Hit from cloudfront
content-length
3174
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Feb 2020 07:44:41 GMT
server
nginx
etag
"c66-59f1131b8ac40"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
vt0ckscfPoBQzkT_-VqdzZz_wLfF7Irg3svN5xg7ER-VMeD5TVhtew==
expires
Sun, 19 Mar 2023 18:03:30 GMT
title.png
d33dc62u65lw34.cloudfront.net/wp-content/themes/travel-log-child/img/
18 KB
18 KB
Image
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-content/themes/travel-log-child/img/title.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ffb8cd1e98ea8c69eb471c0d3fb1d652837a14d67110ab907d6de3fb06c7f55

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:30 GMT
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
age
61
x-cache
Hit from cloudfront
content-length
18116
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"46c4-592fc67890480"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
IDdH-HkATj5F22-h7fO58AaEZzlvwOags2eXS64SeAa4coynZtrz3g==
expires
Sun, 19 Mar 2023 18:03:30 GMT
game_bg.png
d33dc62u65lw34.cloudfront.net/wp-content/themes/travel-log-child/img/
28 KB
28 KB
Image
General
Full URL
https://d33dc62u65lw34.cloudfront.net/wp-content/themes/travel-log-child/img/game_bg.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:c000:b:457c:ac00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cfd66c751f989ba86cc660a77585b7df48cf46b0fbf339c7e74edd3017359044

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://breathtakingrussia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 18:03:30 GMT
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
age
62
x-cache
Hit from cloudfront
content-length
28621
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 13:54:10 GMT
server
nginx
etag
"6fcd-592fc67890480"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
RBO6cxrlgZRfqvCgbTXlRez32uk-hRem8LgJw7001jpaBGBRgBSpRw==
expires
Sun, 19 Mar 2023 18:03:30 GMT

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored string| gtm4wp_datalayer_name object| dataLayer string| em_version boolean| em_track_user string| em_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| ExactMetricsDualTracker function| gtag function| __gaTracker string| mi_version boolean| mi_track_user string| mi_no_track_reason object| MonsterInsightsDualTracker undefined| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| _extends function| _typeof function| LazyLoad function| ExactMetrics object| ExactMetricsObject function| MonsterInsights object| MonsterInsightsObject object| exactmetrics_frontend object| monsterinsights_frontend function| member_widget_click_handler function| member_widget_response function| bp_get_querystring object| wpp_params object| WordPressPopularPosts object| my_ajax_object object| wpcd_object object| wpcd_main_js function| wpcd_copyToClipboard function| wpcd_openCouponAffLink object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| ajaxurl object| wcct_info string| sbiajaxurl string| c object| _wpUtilSettings object| wp_travel object| BP_Nouveau object| wpcf7 object| wcct_data function| humanized_time_span boolean| wcct_timeOut object| wcctAllUniqueTimers object| mailchimp_public_data object| mailchimp object| mailchimp_cart object| mailchimp_billing_email object| mailchimp_username_email object| mailchimp_registration_email boolean| mailchimp_submitted_email function| mailchimpReady function| mailchimpGetCurrentUserByHash function| mailchimpHandleBillingEmail object| travel_log object| stbUserOptions object| sbscrbr_js_var function| set_cookie function| getCookie object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wp function| sprintf function| vsprintf function| wpAutoTermsDomReady object| html5 object| Modernizr function| yepnope object| classie function| __sharethis__docReady object| __sharethis__ boolean| PIN_19070 function| _ object| bp object| addComment object| jQuery112406345610298768454 function| ScrollReveal function| Waypoint string| fotoramaVersion function| EventEmitter object| eventie function| imagesLoaded object| lightbox function| Retina function| RetinaImagePath function| RetinaImage function| moment function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| ClipboardJS boolean| blockFotoramaData object| slider function| equalheight object| gaplugins object| gaGlobal object| gaData object| PIN_1647713070861 string| value string| key object| PinUtils function| arrive function| unbindArrive function| leave function| unbindLeave

6 Cookies

Domain/Path Name / Value
.sharethis.com/ Name: __stid
Value: ZHMAA2I2Gy4AAAAIBvKLAw==
.sharethis.com/ Name: __stidv
Value: 2
.breathtakingrussia.com/ Name: _ga
Value: GA1.2.168135195.1647713071
.breathtakingrussia.com/ Name: _gid
Value: GA1.2.144780949.1647713071
.breathtakingrussia.com/ Name: _gat_gtag_UA_150321585_1
Value: 1
.breathtakingrussia.com/ Name: fpestid
Value: SMuyComHDAhbFdbXwdqUpQjlMnIKoWk01kieRDHulImOfD5eprG35pzRkzlwBtFnBFAwWA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.pinterest.com
breathtakingrussia.com
d33dc62u65lw34.cloudfront.net
fonts.gstatic.com
l.sharethis.com
log.pinterest.com
platform-api.sharethis.com
www.breathtakingrussia.com
www.google-analytics.com
www.googletagmanager.com
13.225.214.81
151.101.128.84
2600:141b:9000:690::1931
2600:9000:21ec:c000:b:457c:ac00:21
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::2008
2607:f8b0:4006:820::200e
2a00:f940:2:2:1:4:0:105
3.129.242.122
052f3492792f3296d5ee2b9eb424838d80d61e93632bba15c67ca09ab567a438
0845c9c03412d92c2caa1a15cba151515e45c96f8be9fa0fbe9f24acd283789c
0a1ee581587adf1fd45be93a431e33ced8455833b74b6a9208cb0ad42520ab74
0ffb8cd1e98ea8c69eb471c0d3fb1d652837a14d67110ab907d6de3fb06c7f55
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
205bf2a141b8cf73001b519d97f7c3f2b9795c59f8fee2b4496cee983e05c083
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
214b7e1cba7c9dded1f4423157522dc2942f570a2b461ab83129056c3b2f07b3
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
22c654ada21ae3a9e78075058db404f9bf5d494cdc440e3f034a3691008f9ce9
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3f93777b5887eaefac29c358a381e930f8d2269d6c6e079d02c893064f4b3e43
413a4e2d623e4c74d1116a7aa62944985e3621a208c6abf2e044a58ac8dd36f8
44acae7105cd9164551b4e3c1b37c222b3d5b34efaffe7b2d56883e2597a5d98
52dc362cae7e441a98741305a38b045859ac60e99377d9d88922ec32cb944cfa
52e0349a641604d5204952039bfac8acde78242227defae8864d1caa48b8c5c1
536832377d7eb6423d92a0b3c770f2eb85f720a8c6cc313fc6ec600ecdc731f6
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
67ca1abd107c1c587489a06adc41ed3221a1b77048be449a076a5e93c93d2b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71597aa99c05dc133319016ba3d025454b174b5c08b9178d19bc70bd5cb586d0
7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96aecb445eae05b9e53cd0ce545a04c8d5d6842dc20f1bb0cedce3e7fea12627
9b74153a5bc191c9998c8a810906e2fa6f379ace51f7017229f6049804fb38a5
9fd314e71c343632498f7d08902e7424171b1db5953aff68f19b8ffc4ca401d0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac1a655367b02648fe8217ee11d1b272786605b78989ff614cb0beab5f6f547c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3cad681fb83708109ed4590f7210be11fea54b85d3227c33b3b268f4ef7d74b
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
b912bcebe93c51cc418e5e2e4966550259ae46b3a1a39a87dfa7553b775065f8
c794c56d75f06aa630d98329ead3432379de001248100060c7a7509f94876147
cfbde5920b1286448eac4b82e57ee6c8d3e99907ce17089cea4f8afcb5b5000a
cfd66c751f989ba86cc660a77585b7df48cf46b0fbf339c7e74edd3017359044
d5e4b2256e6c1a6e0d31f393d0422ad333d5e71e69c0d907cd85863cbffcdf28
d666d68c0606f29b1cfdb0b57c3037f352857704cfdff5dd370294cbe48b5395
d6abaa706d027d3f9eb42e58cfdcdfe566d6cad84bbe682157a79687a6bb319c
d6e8ec5ee72e8ffc86ca0b5f9c227aa4e48a947a2d2534869b4bc64a72987623
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629