urlscan.io logo urlscan.io
SecurityTrails logo

travelservice.cxtrvl.com Open in urlscan Pro
66.42.187.37  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://travelservice.cxtrvl.com/
Effective URL: https://travelservice.cxtrvl.com/ReceptionError
Submission: On August 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 66.42.187.37, located in Erlanger, United States and belongs to FUSE-NET, US. The main domain is travelservice.cxtrvl.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 12th 2022. Valid for: a year.
This is the only time travelservice.cxtrvl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    66.42.187.37 (Erlanger, United States)

ASN6181 (FUSE-NET, US)
PTR: affinion-group.static.fuse.net
travelservice.cxtrvl.com
8    2600:9000:2104:5000:1b:a923:3d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
execution-360-cicolusp.cxtrvl.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
18 cxtrvl.com
travelservice.cxtrvl.com
execution-360-cicolusp.cxtrvl.com — Cisco Umbrella Rank: 102999
2 MB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54
21 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
0 googletagmanager.com Failed
www.googletagmanager.com Failed
22 5
Domain Requested by
10 travelservice.cxtrvl.com 1 redirects travelservice.cxtrvl.com
8 execution-360-cicolusp.cxtrvl.com travelservice.cxtrvl.com
execution-360-cicolusp.cxtrvl.com
2 www.google-analytics.com travelservice.cxtrvl.com
www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com travelservice.cxtrvl.com
0 www.googletagmanager.com Failed www.google-analytics.com
22 6

This site contains no links.

Subject Issuer Validity Valid
*.cxtrvl.com
Entrust Certification Authority - L1K		 2022-12-12 -
2024-01-12		 a year crt.sh
execution-360-cicolusp.cxtrvl.com
Amazon RSA 2048 M02		 2023-06-11 -
2024-07-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://travelservice.cxtrvl.com/ReceptionError
Frame ID: 4FC64CC44AC04FF197FB9671138268D9
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ReceptionError atmparkingpin-atm24hrcancellationactivityair-conditioningArrowAvailable for a Chargebaggagebarbeachcalendarcancelcaratm (1)chargechat-icon-whitecheckcheckmarkcheckmarkcenterchevroncirclecity_24pxclock-12close-panelclosecruisecruise_v2disclosure-triangledollardouble_chevronelevatorsexclaimation-triangleexclamation-triangleexclusiveoffersexpertsupportexternal-linkfilterfitness-facilityFlightflight_24pxfpogoanywherehandicapHotelhotel_24pximage-galleryIncluded in Fareinfo-outlineinfolandmark_pinpointloadinglocal-parkinglocation_24pxmagnifying-glassmenumodal-back-buttonnav-mytripsnav-profilenav-signoutno-image-availableNot OfferedoceanfrontoutlinestarPausepets-allowedpin-golf-coursespin-ground-transportationpin-mappin-museumspin-parkspin-restaurantpin-shoppingpin-theaterspluspointsandcashic_help_outline_black_20pxhelp_outlineradio-button-selectedradio-button-selectedrefundrestaurantrestaurantsrestroomround-carround-hotelroundbreakfastsearchshopping-cartsmiley-facesquarestarstaroutlinestopwatchswimming-poolthumb-downthumb-uptravel-creditupsell-activitywarningwatchwifi

Page URL History Show full URLs

  1. https://travelservice.cxtrvl.com/ HTTP 302
    https://travelservice.cxtrvl.com/ReceptionError Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

22
Requests

95 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

1751 kB
Transfer

5388 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://travelservice.cxtrvl.com/ HTTP 302
    https://travelservice.cxtrvl.com/ReceptionError Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ReceptionError
travelservice.cxtrvl.com/
Redirect Chain
  • https://travelservice.cxtrvl.com/
  • https://travelservice.cxtrvl.com/ReceptionError
7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travelservice.cxtrvl.com/ReceptionError
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.42.187.37 Erlanger, United States, ASN6181 (FUSE-NET, US),
Reverse DNS
affinion-group.static.fuse.net
Software
Microsoft-IIS/8.5 /
Resource Hash
b6f8ca356f15e7542da1cb401b7fc06356d1da40ec27800a7bc0ee4b355710bc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' https://*.googleadservices.com https://*.dynatrace.com https://*.doubleclick.net https://*.googleapis.com https://*.gstatic.com https://www.google-analytics.com https://*.cxtrvl.com https://*.tstllc.net *.sas.com *.aimatch.com *.gigya.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://cloud.webtype.com https://hello.myfonts.net https://*.googleapis.com https://*.cxtrvl.com *.gigya.com 'unsafe-inline'; connect-src 'self' *.sas.com *.aimatch.com *.dynatrace.com https://*.cxtrvl.com *.foresee.com https://*.tstllc.net *.cnxloyalty.com *.gigya.com https://www.google-analytics.com *.cnxloyalty.com https://derbysoft.leonardocontentcloud.com *.cnxloyalty.com; font-src 'self' https://cloud.webtype.com https://*.gstatic.com https://*.googleapis.com https://*.cxtrvl.com; img-src 'self' data: https://*.vacationsdirect.com https://*.cloudfront.net https://*.viator.com *.budget.com *.avis.com *.thrifty.com *.dollar.com *.rcstatic.com *.gigya.com *.cartrawler.com *.enterprise.fr *.nationalcar.com *.alamo.com *.enterprise.com *.carhire-solutions.com https://*.cxtrvl.com *.cxloyalty.com https://*.tripadvisor.com https://pls.webtype.com *.orxenterprise.com https://www.google-analytics.com https://*.tripadvisor.com https://*.gstatic.com https://*.googleapis.com https://placehold.it https://placeholdit.imgix.net https://*.tacdn.com https://*.ehi.com *.payshield.com.au reflected-xss block *.cnxloyalty.com https://derbysoft.leonardocontentcloud.com; form-action 'self' *.cxtrvl.com *.gigya.com *.tstllc.net *.auth0.com; frame-ancestors *.sas.com *.aimatch.com *.cnxloyalty.com *.gigya.com; plugin-types application/pdf; frame-src https://chatbot.qa.cnxloyalty.com *.payshield.com.au;object-src 'self';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
2557
Content-Security-Policy
default-src 'none'; script-src 'self' https://*.googleadservices.com https://*.dynatrace.com https://*.doubleclick.net https://*.googleapis.com https://*.gstatic.com https://www.google-analytics.com https://*.cxtrvl.com https://*.tstllc.net *.sas.com *.aimatch.com *.gigya.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://cloud.webtype.com https://hello.myfonts.net https://*.googleapis.com https://*.cxtrvl.com *.gigya.com 'unsafe-inline'; connect-src 'self' *.sas.com *.aimatch.com *.dynatrace.com https://*.cxtrvl.com *.foresee.com https://*.tstllc.net *.cnxloyalty.com *.gigya.com https://www.google-analytics.com *.cnxloyalty.com https://derbysoft.leonardocontentcloud.com *.cnxloyalty.com; font-src 'self' https://cloud.webtype.com https://*.gstatic.com https://*.googleapis.com https://*.cxtrvl.com; img-src 'self' data: https://*.vacationsdirect.com https://*.cloudfront.net https://*.viator.com *.budget.com *.avis.com *.thrifty.com *.dollar.com *.rcstatic.com *.gigya.com *.cartrawler.com *.enterprise.fr *.nationalcar.com *.alamo.com *.enterprise.com *.carhire-solutions.com https://*.cxtrvl.com *.cxloyalty.com https://*.tripadvisor.com https://pls.webtype.com *.orxenterprise.com https://www.google-analytics.com https://*.tripadvisor.com https://*.gstatic.com https://*.googleapis.com https://placehold.it https://placeholdit.imgix.net https://*.tacdn.com https://*.ehi.com *.payshield.com.au reflected-xss block *.cnxloyalty.com https://derbysoft.leonardocontentcloud.com; form-action 'self' *.cxtrvl.com *.gigya.com *.tstllc.net *.auth0.com; frame-ancestors *.sas.com *.aimatch.com *.cnxloyalty.com *.gigya.com; plugin-types application/pdf; frame-src https://chatbot.qa.cnxloyalty.com *.payshield.com.au;object-src 'self';
Content-Type
text/html; charset=utf-8
Date
Sun, 13 Aug 2023 12:49:07 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/8.5
Strict-Transport-Security
max-age=15552001
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Date
Sun, 13 Aug 2023 12:49:07 GMT
Location
https://travelservice.cxtrvl.com/ReceptionError
Strict-Transport-Security
max-age=15552001
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
main.LTR.zz-zz.css
travelservice.cxtrvl.com/Uploads/Sites/Membership/Themes/Membership/css/ 		1 MB
229 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelservice.cxtrvl.com/Uploads/Sites/Membership/Themes/Membership/css/main.LTR.zz-zz.css?v=333813296
Requested by
Host: travelservice.cxtrvl.com
URL: https://travelservice.cxtrvl.com/ReceptionError
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.42.187.37 Erlanger, United States, ASN6181 (FUSE-NET, US),
Reverse DNS
affinion-group.static.fuse.net
Software
Microsoft-IIS/8.5 /
Resource Hash
17cf7216ff1bf09aff689b6d1bab692ae9935c73cca6731e4a0914a9d462e4c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/ReceptionError
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 12:49:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552001
Last-Modified
Fri, 14 Apr 2023 15:09:52 GMT
Server
Microsoft-IIS/8.5
ETag
"060ad29e36ed91:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
234088
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
all.frameworks.min.js
travelservice.cxtrvl.com/Widgets/Resources/Min/ 		689 KB
260 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelservice.cxtrvl.com/Widgets/Resources/Min/all.frameworks.min.js?v=333813296
Requested by
Host: travelservice.cxtrvl.com
URL: https://travelservice.cxtrvl.com/ReceptionError
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.42.187.37 Erlanger, United States, ASN6181 (FUSE-NET, US),
Reverse DNS
affinion-group.static.fuse.net
Software
/
Resource Hash
41ec5d092dc6a2e0c6423accc4051b332edaf819834ffae849f8c89c5e1acdc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/ReceptionError
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 12:49:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552001
Last-Modified
Tue, 16 Aug 2022 07:20:20 GMT
ETag
"0924da440b1d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Content-Length
265996
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
all.min.js
travelservice.cxtrvl.com/Widgets/Resources/Min/ 		2 MB
762 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelservice.cxtrvl.com/Widgets/Resources/Min/all.min.js?v=333813296
Requested by
Host: travelservice.cxtrvl.com
URL: https://travelservice.cxtrvl.com/ReceptionError
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.42.187.37 Erlanger, United States, ASN6181 (FUSE-NET, US),
Reverse DNS
affinion-group.static.fuse.net
Software
/
Resource Hash
f0665b9851125b1ce79bca1411d7d65c637eef2ebf0fd1ab3b9da3c7f30886f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/ReceptionError
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 12:49:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552001
Last-Modified
Fri, 16 Jun 2023 15:53:54 GMT
ETag
"0d574c06aa0d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Content-Length
780321
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
JavascriptInitialization.ashx
travelservice.cxtrvl.com/Handlers/ 		148 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelservice.cxtrvl.com/Handlers/JavascriptInitialization.ashx?v=60856d97-0e37-4e88-970d-bddf9f130213&l=en-us
Requested by
Host: travelservice.cxtrvl.com
URL: https://travelservice.cxtrvl.com/ReceptionError
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.42.187.37 Erlanger, United States, ASN6181 (FUSE-NET, US),
Reverse DNS
affinion-group.static.fuse.net
Software
Microsoft-IIS/8.5 /
Resource Hash
d188d129c859cdd84cb3df6bad8f61559e2e914c51982f18a0cea83033d0144d
Security Headers
Name Value
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/ReceptionError
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

X-UA-Compatible
IE=Edge
Date
Sun, 13 Aug 2023 12:49:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552001
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Content-Length
45315
X-XSS-Protection
1; mode=block
Expires
Sun, 13 Aug 2023 16:49:08 GMT
JavascriptInitialization.ashx
travelservice.cxtrvl.com/Handlers/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelservice.cxtrvl.com/Handlers/JavascriptInitialization.ashx?id=1420&v=60856d97-0e37-4e88-970d-bddf9f130213&l=en-us
Requested by
Host: travelservice.cxtrvl.com
URL: https://travelservice.cxtrvl.com/ReceptionError
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.42.187.37 Erlanger, United States, ASN6181 (FUSE-NET, US),
Reverse DNS
affinion-group.static.fuse.net
Software
/
Resource Hash
8868e1f91ec52d5267834e0b2275d45ee33df7e50966891547a01b78b612658d
Security Headers
Name Value
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/ReceptionError
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

X-UA-Compatible
IE=Edge
Date
Sun, 13 Aug 2023 12:49:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552001
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Content-Length
6160
X-XSS-Protection
1; mode=block
Expires
Sun, 13 Aug 2023 16:49:08 GMT
ot-all.min.js
execution-360-cicolusp.cxtrvl.com/js/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Requested by
Host: travelservice.cxtrvl.com
URL: https://travelservice.cxtrvl.com/ReceptionError
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5000:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
490b0d73c63ee8b7b8c420abfd81282cde261aceeb14f7ec1081e4b63d3cdb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 12:33:16 GMT
content-encoding
gzip
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
AMS1-C1
age
952
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
max-age=1800
content-disposition
inline;filename=f.txt
x-amz-cf-id
6x5F1PbiJqOLScDwSuxZU9aOZzSdToHxP3jYktiRb5iSiIt6X22FUQ==
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,600,700&display=swap
Requested by
Host: travelservice.cxtrvl.com
URL: https://travelservice.cxtrvl.com/Uploads/Sites/Membership/Themes/Membership/css/main.LTR.zz-zz.css?v=333813296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a34acc028ee66107062677f9fa72567e5f62bd18af7fe466e8f11af6a8234589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 12:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 12:49:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 12:49:09 GMT
ot-min.js
execution-360-cicolusp.cxtrvl.com/js/ 		172 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://execution-360-cicolusp.cxtrvl.com/js/ot-min.js
Requested by
Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5000:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f30d5e75191cea452561164d91b2cd841723d37ad5ff41595e4571c017ba59b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 12:46:55 GMT
content-encoding
gzip
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
AMS1-C1
age
134
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
max-age=1800
content-disposition
inline;filename=f.txt
x-amz-cf-id
93JcxLXOz2nIt2imL_PD92srWqsipBiJYnYO_zcdPePhT6rJQ7MZAg==
svg-sprite.en-us.svg
travelservice.cxtrvl.com/Uploads/Sites/Membership/Themes/Membership/images/ 		99 KB
99 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://travelservice.cxtrvl.com/Uploads/Sites/Membership/Themes/Membership/images/svg-sprite.en-us.svg?v=333813296
Requested by
Host: travelservice.cxtrvl.com
URL: https://travelservice.cxtrvl.com/Widgets/Resources/Min/all.min.js?v=333813296
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.42.187.37 Erlanger, United States, ASN6181 (FUSE-NET, US),
Reverse DNS
affinion-group.static.fuse.net
Software
/
Resource Hash
26fefb45a21f04dfe3e849d35b80e4420297e866c54bc555beef89b3fec22dfe
Security Headers
Name Value
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/ReceptionError
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 12:49:10 GMT
Strict-Transport-Security
max-age=15552001
X-Content-Type-Options
nosniff
Last-Modified
Fri, 28 Jan 2022 20:12:18 GMT
ETag
"07d5d598314d81:0"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
100905
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
/
travelservice.cxtrvl.com/Services/HelperServices/CltsCultureResourceService.svc/GetCultureResources/ 		13 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://travelservice.cxtrvl.com/Services/HelperServices/CltsCultureResourceService.svc/GetCultureResources/
Requested by
Host: travelservice.cxtrvl.com
URL: https://travelservice.cxtrvl.com/Widgets/Resources/Min/all.frameworks.min.js?v=333813296
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.42.187.37 Erlanger, United States, ASN6181 (FUSE-NET, US),
Reverse DNS
affinion-group.static.fuse.net
Software
/
Resource Hash
5243e6515570e5480703b478061a68285799c212d3d81a36ac4487e08383991d
Security Headers
Name Value
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://travelservice.cxtrvl.com/ReceptionError
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

X-CompressResponseStream
deflate
Content-Encoding
deflate
X-Content-Type-Options
nosniff
Date
Sun, 13 Aug 2023 12:49:10 GMT
Strict-Transport-Security
max-age=15552001
Content-Type
application/json; charset=utf-8
Cache-Control
private
Content-Length
1792
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://travelservice.cxtrvl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
132247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 00:05:03 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: travelservice.cxtrvl.com
URL: https://travelservice.cxtrvl.com/Widgets/Resources/Min/all.min.js?v=333813296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 13 Aug 2023 11:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3567
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 13 Aug 2023 13:49:43 GMT
suitcase.png
travelservice.cxtrvl.com/Uploads/Sites/Membership/Themes/Membership/images/ 		182 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelservice.cxtrvl.com/Uploads/Sites/Membership/Themes/Membership/images/suitcase.png
Requested by
Host: travelservice.cxtrvl.com
URL: https://travelservice.cxtrvl.com/ReceptionError
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.42.187.37 Erlanger, United States, ASN6181 (FUSE-NET, US),
Reverse DNS
affinion-group.static.fuse.net
Software
/
Resource Hash
37814d130f3b7fc6a03ac3eb67cf79cfe6a26ef60383dd91e4f47ab073e949bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/ReceptionError
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 13 Aug 2023 12:49:10 GMT
Strict-Transport-Security
max-age=15552001
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Apr 2020 06:20:10 GMT
ETag
"0c9ccbf2412d61:0"
Content-Type
image/png
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Content-Length
186821
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
1691930950660
execution-360-cicolusp.cxtrvl.com/t/s/c/b2a8ee90e0000138a2a5865c/ 		75 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://execution-360-cicolusp.cxtrvl.com/t/s/c/b2a8ee90e0000138a2a5865c/1691930950660?version=1.1.0&domain=travelservice.cxtrvl.com&p=%2FReceptionError&params=&page_title=ReceptionError&referrer=&uri=https%3A%2F%2Ftravelservice.cxtrvl.com%2FReceptionError&requestedfile=%2FReceptionError&cts=1691930950660&tzo=-120&platform=Win32&port=&protocol=https&flash_enabled=false&flash_version=&java_enabled=false&java_version=&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=1239&bsz=1600x1200&tab_id=64844556941
Requested by
Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5000:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
127e60f5b3639e113f82ec627e82fe3efdc9e1edfc0ccc46a6486c9df2f5ca01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 12:49:11 GMT
content-encoding
gzip
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
AMS1-C1
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
x-amz-cf-id
f7cO3jPUpm6WJ5NxzTON_vuHgx4vp7czsZCMjlLSzrcf5Ea5R8HESg==
collect
www.google-analytics.com/j/ 		15 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019655836&t=pageview&_s=1&dl=https%3A%2F%2Ftravelservice.cxtrvl.com%2FReceptionError&ul=en-us&de=UTF-8&dt=ReceptionError&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABCAAAACAAsAB~&jid=721402027&gjid=1843193726&cid=1067694260.1691930951&tid=UA-68629601-1&_gid=159588422.1691930951&_r=1&_slc=1&z=2026058008
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3c4e0451a27f2074acb0d34267a55409643fc23c3771267e3fdb5161df2aedd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://travelservice.cxtrvl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 12:49:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travelservice.cxtrvl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		0
0
b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/s/p/ 		87 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://execution-360-cicolusp.cxtrvl.com/t/s/p/b2a8ee90e0000138a2a5865c?version=1.1.0&domain=travelservice.cxtrvl.com&p=%2FReceptionError&params=&page_title=ReceptionError&referrer=&uri=https%3A%2F%2Ftravelservice.cxtrvl.com%2FReceptionError&requestedfile=%2FReceptionError&platform=Win32&port=&protocol=https&browser_language=en-US&character_set=UTF-8
Requested by
Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5000:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
01e02a02093340071d1364f08f71d9f2c62e272ba902bbc4a01bc505f693fc1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 12:49:11 GMT
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
content-length
87
x-amz-cf-id
VxpWH5v_4O1XpEeNZIAI3M30jme7INQEei5ZMYTBfTcmH2gb4Wjc0w==
b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/e/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://execution-360-cicolusp.cxtrvl.com/t/e/b2a8ee90e0000138a2a5865c
Requested by
Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5000:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://travelservice.cxtrvl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 13 Aug 2023 12:49:11 GMT
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
https://travelservice.cxtrvl.com
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
content-length
2
x-amz-cf-id
S9aIGFHFfjAaIkBKLmX9kgMGOhDqbO6FOBHe5P67aIzwkD117mEcCg==
ot-api.min.js
execution-360-cicolusp.cxtrvl.com/js/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://execution-360-cicolusp.cxtrvl.com/js/ot-api.min.js
Requested by
Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5000:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a1882ab7ceb1937cbeb4351e50d882511fe31f555057e0d3226371ad3c3898ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 12:33:17 GMT
content-encoding
gzip
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
AMS1-C1
age
954
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
max-age=1800
content-disposition
inline;filename=f.txt
x-amz-cf-id
_XfRTkKYUR0AmnU6BH_cCTsjISRkClsq0OpAo2qz_0gLSrQCXO3zgg==
b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/s/c/ 		329 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://execution-360-cicolusp.cxtrvl.com/t/s/c/b2a8ee90e0000138a2a5865c?domain=travelservice.cxtrvl.com&vid=9ef26c3141e5fd3224ad9684&sid=74cb387e4a4adc5d592d5195&hb=5&loadId=7826f79bf814812e6e0b555b&p=%2FReceptionError&params=&page_title=ReceptionError&referrer=&uri=https%3A%2F%2Ftravelservice.cxtrvl.com%2FReceptionError&cts=1691930951707&tzo=-120&platform=Win32&port=&protocol=https&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=107249&bsz=1600x1200&tab_id=64844556941&java_enabled=false&flash_enabled=false
Requested by
Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5000:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
82a7af9aef41a4d5aef8c397b43310a79d9d03075ca31b4621f9dce05b969a14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travelservice.cxtrvl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 12:49:11 GMT
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://travelservice.cxtrvl.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
content-length
329
x-amz-cf-id
_1FSkjrj8MPdq_qAlyzyqqK2CZ0X2h_nDHC_Q_MCYIlyKkhV7mWBrQ==
b2a8ee90e0000138a2a5865c
execution-360-cicolusp.cxtrvl.com/t/e/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://execution-360-cicolusp.cxtrvl.com/t/e/b2a8ee90e0000138a2a5865c
Requested by
Host: execution-360-cicolusp.cxtrvl.com
URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5000:1b:a923:3d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://travelservice.cxtrvl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 13 Aug 2023 12:49:11 GMT
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
https://travelservice.cxtrvl.com
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
content-length
2
x-amz-cf-id
X0yRnOLqDN7kNwqvXkJ7tiAlYcIu3GWnIDvRkx5dpn7X16wlacGAbQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-N0RE85M3MB&cx=c&_slc=1

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ClusterIcon function| Cluster function| MarkerClusterer function| _typeof function| loadWidgetInstance object| connexions object| interfaceDefinition object| pubSub function| $ function| jQuery function| _ object| Backbone object| enquire object| ServiceErrors object| serviceUtilities function| JQClass function| Combobox function| svg4everybody function| Tether function| Drop function| Tooltip function| Q function| _toConsumableArray function| _objectValues function| _defineProperty function| googleMapLoader object| clts_datalayer boolean| ensightenEnabled object| itineraries object| mockAirSearchData object| itinerary1 number| itinerary1Number object| itinerary2 number| itinerary2Number object| itinerary3 number| itinerary3Number object| itinerary4 number| itinerary4Number object| itinerary5 number| itinerary5Number object| itinerary6 number| itinerary6Number object| tripCartAppRouter function| ShowPageError object| utility object| com_sas_ci_acs object| CryptoJS object| overrideDomain function| ClientJS function| UAParser string| GoogleAnalyticsObject function| cltsga object| c3 function| overridePrototypes object| Hashcode object| GeneralBase64 object| Base64 function| getDecisionParams object| spotMap function| loadDoc function| extractValue object| dataTagToEventMap function| handleInjectResponse function| windowFocused function| windowBlured function| LocalQueue function| onYouTubeIframeAPIReady function| onYouTubePlayerReady object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| $ci360 boolean| ci360_config_called function| ci360

13 Cookies

Domain/Path Name / Value
travelservice.cxtrvl.com/ Name: ASP.NET_SessionId
Value: pc22u5myhohek1hpblljry30
.travelservice.cxtrvl.com/ Name: _ga
Value: GA1.3.1067694260.1691930951
.travelservice.cxtrvl.com/ Name: _gid
Value: GA1.3.159588422.1691930951
.travelservice.cxtrvl.com/ Name: _gat_clts0
Value: 1
execution-360-cicolusp.cxtrvl.com/ Name: _SI_VS_3.b2a8ee90e0000138a2a5865c
Value: 74cb387e4a4adc5d592d5195
execution-360-cicolusp.cxtrvl.com/ Name: _SI_VID_3.b2a8ee90e0000138a2a5865c
Value: 9ef26c3141e5fd3224ad9684
execution-360-cicolusp.cxtrvl.com/ Name: _SI_DID_3.b2a8ee90e0000138a2a5865c
Value: f6e5e3b3-5408-32e6-abcb-c6e8da833553
.cxtrvl.com/ Name: _SI_VID_1.b2a8ee90e0000138a2a5865c
Value: 9ef26c3141e5fd3224ad9684
.cxtrvl.com/ Name: _SI_DID_1.b2a8ee90e0000138a2a5865c
Value: f6e5e3b3-5408-32e6-abcb-c6e8da833553
.cxtrvl.com/ Name: _SI_SID_1.b2a8ee90e0000138a2a5865c
Value: 74cb387e4a4adc5d592d5195.1691930951856.408
execution-360-cicolusp.cxtrvl.com/ Name: AWSALB
Value: Xjlq+l0606gfix6+6DbNIKHJccPkrkWjeTfJqPutvnhUzjI2ds9zZ1I0jZ6k7xi6xnDjaDx6Ud6Vn7es1SVLAT58nYdJVAFTToKF7OQyT0qJItJ0W7S6ecBcPBJiS/1L9X8psezQVVoZnWV4SxPGPoIlIMIititTgPXK7+Ngq1fEig7Iz/mTTf5tWdFBfA==
execution-360-cicolusp.cxtrvl.com/ Name: AWSALBCORS
Value: Xjlq+l0606gfix6+6DbNIKHJccPkrkWjeTfJqPutvnhUzjI2ds9zZ1I0jZ6k7xi6xnDjaDx6Ud6Vn7es1SVLAT58nYdJVAFTToKF7OQyT0qJItJ0W7S6ecBcPBJiS/1L9X8psezQVVoZnWV4SxPGPoIlIMIititTgPXK7+Ngq1fEig7Iz/mTTf5tWdFBfA==
execution-360-cicolusp.cxtrvl.com/ Name: _SI_SID_3.b2a8ee90e0000138a2a5865c
Value: 74cb387e4a4adc5d592d5195.1691930951948.434

3 Console Messages

Source Level URL
Text
security error URL: https://travelservice.cxtrvl.com/ReceptionError
Message:
The Content-Security-Policy directive 'plugin-types' has been removed from the specification. If you want to block plugins, consider specifying "object-src 'none'" instead.
security error URL: https://www.google-analytics.com/analytics.js(Line 23)
Message:
Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-N0RE85M3MB&cx=c&_slc=1' because it violates the following Content Security Policy directive: "script-src 'self' https://*.googleadservices.com https://*.dynatrace.com https://*.doubleclick.net https://*.googleapis.com https://*.gstatic.com https://www.google-analytics.com https://*.cxtrvl.com https://*.tstllc.net *.sas.com *.aimatch.com *.gigya.com 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
deprecation warning URL: https://execution-360-cicolusp.cxtrvl.com/js/ot-min.js(Line 61)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; script-src 'self' https://*.googleadservices.com https://*.dynatrace.com https://*.doubleclick.net https://*.googleapis.com https://*.gstatic.com https://www.google-analytics.com https://*.cxtrvl.com https://*.tstllc.net *.sas.com *.aimatch.com *.gigya.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://cloud.webtype.com https://hello.myfonts.net https://*.googleapis.com https://*.cxtrvl.com *.gigya.com 'unsafe-inline'; connect-src 'self' *.sas.com *.aimatch.com *.dynatrace.com https://*.cxtrvl.com *.foresee.com https://*.tstllc.net *.cnxloyalty.com *.gigya.com https://www.google-analytics.com *.cnxloyalty.com https://derbysoft.leonardocontentcloud.com *.cnxloyalty.com; font-src 'self' https://cloud.webtype.com https://*.gstatic.com https://*.googleapis.com https://*.cxtrvl.com; img-src 'self' data: https://*.vacationsdirect.com https://*.cloudfront.net https://*.viator.com *.budget.com *.avis.com *.thrifty.com *.dollar.com *.rcstatic.com *.gigya.com *.cartrawler.com *.enterprise.fr *.nationalcar.com *.alamo.com *.enterprise.com *.carhire-solutions.com https://*.cxtrvl.com *.cxloyalty.com https://*.tripadvisor.com https://pls.webtype.com *.orxenterprise.com https://www.google-analytics.com https://*.tripadvisor.com https://*.gstatic.com https://*.googleapis.com https://placehold.it https://placeholdit.imgix.net https://*.tacdn.com https://*.ehi.com *.payshield.com.au reflected-xss block *.cnxloyalty.com https://derbysoft.leonardocontentcloud.com; form-action 'self' *.cxtrvl.com *.gigya.com *.tstllc.net *.auth0.com; frame-ancestors *.sas.com *.aimatch.com *.cnxloyalty.com *.gigya.com; plugin-types application/pdf; frame-src https://chatbot.qa.cnxloyalty.com *.payshield.com.au;object-src 'self';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

execution-360-cicolusp.cxtrvl.com
fonts.googleapis.com
fonts.gstatic.com
travelservice.cxtrvl.com
www.google-analytics.com
www.googletagmanager.com
www.googletagmanager.com
2600:9000:2104:5000:1b:a923:3d80:93a1
2a00:1450:4001:811::200a
2a00:1450:4001:828::2003
2a00:1450:4001:831::200e
66.42.187.37
01e02a02093340071d1364f08f71d9f2c62e272ba902bbc4a01bc505f693fc1e
127e60f5b3639e113f82ec627e82fe3efdc9e1edfc0ccc46a6486c9df2f5ca01
17cf7216ff1bf09aff689b6d1bab692ae9935c73cca6731e4a0914a9d462e4c3
26fefb45a21f04dfe3e849d35b80e4420297e866c54bc555beef89b3fec22dfe
37814d130f3b7fc6a03ac3eb67cf79cfe6a26ef60383dd91e4f47ab073e949bb
41ec5d092dc6a2e0c6423accc4051b332edaf819834ffae849f8c89c5e1acdc8
490b0d73c63ee8b7b8c420abfd81282cde261aceeb14f7ec1081e4b63d3cdb9e
5243e6515570e5480703b478061a68285799c212d3d81a36ac4487e08383991d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
82a7af9aef41a4d5aef8c397b43310a79d9d03075ca31b4621f9dce05b969a14
8868e1f91ec52d5267834e0b2275d45ee33df7e50966891547a01b78b612658d
a1882ab7ceb1937cbeb4351e50d882511fe31f555057e0d3226371ad3c3898ee
a34acc028ee66107062677f9fa72567e5f62bd18af7fe466e8f11af6a8234589
b6f8ca356f15e7542da1cb401b7fc06356d1da40ec27800a7bc0ee4b355710bc
d188d129c859cdd84cb3df6bad8f61559e2e914c51982f18a0cea83033d0144d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3c4e0451a27f2074acb0d34267a55409643fc23c3771267e3fdb5161df2aedd
f0665b9851125b1ce79bca1411d7d65c637eef2ebf0fd1ab3b9da3c7f30886f6
f30d5e75191cea452561164d91b2cd841723d37ad5ff41595e4571c017ba59b2