cheapoair.privatehavens.com Open in urlscan Pro
2606:4700:20::ac43:4b1c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cheapoair.privatehavens.com/
Effective URL:
https://cheapoair.privatehavens.com/home
Submission: On May 25 via manual (May 25th 2022, 11:21:29 am UTC) from SG — Scanned from DE

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 22 domains to perform 73 HTTP transactions. The main IP is 2606:4700:20::ac43:4b1c, located in United States and belongs to CLOUDFLARENET, US. The main domain is cheapoair.privatehavens.com.
TLS certificate: Issued by E1 on May 15th 2022. Valid for: 3 months.

This is the only time cheapoair.privatehavens.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	2606:4700:20:... 2606:4700:20::ac43:4b1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::388	54113 (FASTLY) (FASTLY)
2	108.156.253.85 108.156.253.85	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 21	2a04:4e42::393 2a04:4e42::393	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
10	18.66.248.127 18.66.248.127	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dcf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dd4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.36.163.232 23.36.163.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	52.217.129.24 52.217.129.24	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:440... 2606:4700:4400::ac40:9375	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:6b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a02:26f0:350... 2a02:26f0:3500:880::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	130.211.5.208 130.211.5.208	15169 (GOOGLE) (GOOGLE)
1	65.9.63.26 65.9.63.26	16509 (AMAZON-02) (AMAZON-02)
2	107.20.46.247 107.20.46.247	14618 (AMAZON-AES) (AMAZON-AES)
2	2604:9a00:210... 2604:9a00:2100:a04a:1::44	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
73	27

6 2606:4700:20::ac43:4b1c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cheapoair.privatehavens.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::388 (United States)

ASN54113 (FASTLY, US)

cdn.transifex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.253.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-253-85.dus51.r.cloudfront.net

d1azc1qln24ryf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a04:4e42::393 (United States) 1 redirects

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
upload-widget.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.66.248.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-127.dus51.r.cloudfront.net

widget.happyfoxchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:7::17d8:4dcf (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dd4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.163.232 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-232.deploy.static.akamaitechnologies.com

www.cheapoair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.217.129.24 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:9375 (United States)

ASN13335 (CLOUDFLARENET, US)

happyfoxchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avl.happyfoxchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vinfo-v.happyfoxchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6b4 (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:880::523 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

widget.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.5.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.5.211.130.bc.googleusercontent.com

cdn4.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-26.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.20.46.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-46-247.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2604:9a00:2100:a04a:1::44 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)

n2.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	cloudinary.com 2 redirects res.cloudinary.com — Cisco Umbrella Rank: 2274 widget.cloudinary.com — Cisco Umbrella Rank: 53654 upload-widget.cloudinary.com — Cisco Umbrella Rank: 54471	3 MB
15	happyfoxchat.com widget.happyfoxchat.com — Cisco Umbrella Rank: 71137 happyfoxchat.com — Cisco Umbrella Rank: 50771 avl.happyfoxchat.com — Cisco Umbrella Rank: 68960 vinfo-v.happyfoxchat.com — Cisco Umbrella Rank: 164691	750 KB
6	privatehavens.com 2 redirects cheapoair.privatehavens.com	1 MB
4	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 5968 n2.mouseflow.com — Cisco Umbrella Rank: 18070	53 KB
4	amazonaws.com s3.amazonaws.com	450 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 497 p.typekit.net — Cisco Umbrella Rank: 633	56 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 3283 heapanalytics.com — Cisco Umbrella Rank: 2777	42 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	83 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	cloudfront.net d1azc1qln24ryf.cloudfront.net	123 KB
2	transifex.com cdn.transifex.com — Cisco Umbrella Rank: 102802	26 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 586	322 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 381	14 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5483	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 7	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 92	450 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 3930	21 KB
1	mxpnl.com cdn4.mxpnl.com — Cisco Umbrella Rank: 12132	18 KB
1	browser-update.org browser-update.org — Cisco Umbrella Rank: 5832	5 KB
1	cheapoair.com www.cheapoair.com — Cisco Umbrella Rank: 59600	11 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	56 KB
73	22

	Domain	Requested by
19	res.cloudinary.com	cheapoair.privatehavens.com
10	widget.happyfoxchat.com	cheapoair.privatehavens.com widget.happyfoxchat.com
6	cheapoair.privatehavens.com	2 redirects cheapoair.privatehavens.com
4	s3.amazonaws.com	cheapoair.privatehavens.com
3	use.typekit.net	cheapoair.privatehavens.com use.typekit.net
3	cdn.jsdelivr.net	cheapoair.privatehavens.com
2	vinfo-v.happyfoxchat.com	widget.happyfoxchat.com
2	n2.mouseflow.com	cheapoair.privatehavens.com
2	heapanalytics.com	cheapoair.privatehavens.com
2	cdn.mouseflow.com	1 redirects cheapoair.privatehavens.com
2	www.google-analytics.com	www.googletagmanager.com cheapoair.privatehavens.com
2	upload-widget.cloudinary.com	1 redirects cheapoair.privatehavens.com
2	happyfoxchat.com	cheapoair.privatehavens.com widget.happyfoxchat.com
2	d1azc1qln24ryf.cloudfront.net	cheapoair.privatehavens.com d1azc1qln24ryf.cloudfront.net
2	cdn.transifex.com	cheapoair.privatehavens.com cdn.transifex.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	cheapoair.privatehavens.com
1	avl.happyfoxchat.com	widget.happyfoxchat.com
1	www.google.de	cheapoair.privatehavens.com
1	www.google.com	cheapoair.privatehavens.com
1	stats.g.doubleclick.net	cheapoair.privatehavens.com
1	fonts.googleapis.com	widget.happyfoxchat.com
1	browser.sentry-cdn.com	widget.happyfoxchat.com
1	cdn.heapanalytics.com	cheapoair.privatehavens.com
1	cdn4.mxpnl.com	cheapoair.privatehavens.com
1	widget.cloudinary.com	1 redirects
1	browser-update.org	cheapoair.privatehavens.com
1	www.cheapoair.com	cheapoair.privatehavens.com
1	p.typekit.net	use.typekit.net
1	www.googletagmanager.com	cheapoair.privatehavens.com
73	30

This site contains no links.

Subject Issuer	Validity	Valid
*.privatehavens.com E1	`2022-05-15` - `2022-08-13`	3 months	crt.sh
cdn.transifex.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-22`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.happyfoxchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-25` - `2023-03-28`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
www.cheapoair.com DigiCert ECC Extended Validation Server CA	`2022-03-29` - `2023-03-29`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-15` - `2022-07-28`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-09-14`	2 years	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://cheapoair.privatehavens.com/home
Frame ID: 6A25F52D6671006CCC1297102D7E33DD
Requests: 62 HTTP requests in this frame

Frame: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
Frame ID: 7AC9891C6FAEF83306D388C35FFF370A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Havens | Private Homes, Villas Suites, Residences & Novelty Stays | cheapoair.com

Page URL History Show full URLs

http://cheapoair.privatehavens.com/ HTTP 301
https://cheapoair.privatehavens.com/ HTTP 302
https://cheapoair.privatehavens.com/home Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

73
Requests

97 %
HTTPS

63 %
IPv6

22
Domains

30
Subdomains

27
IPs

3
Countries

5768 kB
Transfer

11302 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cheapoair.privatehavens.com/ HTTP 301
https://cheapoair.privatehavens.com/ HTTP 302
https://cheapoair.privatehavens.com/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://widget.cloudinary.com/v2.0/global/all.js HTTP 302
https://upload-widget.cloudinary.com/global/all.js HTTP 301
https://upload-widget.cloudinary.com/2.1.34/global/all.js

Request Chain 46

https://cdn.mouseflow.com/projects/746f146e-2c91-4e61-a7d3-50f9de2b6b22.js HTTP 301
https://cdn.mouseflow.com/projects/746f146e-2c91-4e61-a7d3-50f9de2b6b22_eu.js

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home Show response
cheapoair.privatehavens.com/
Redirect Chain

http://cheapoair.privatehavens.com/
https://cheapoair.privatehavens.com/
https://cheapoair.privatehavens.com/home

46 KB
12 KB

234ms
234ms

Document
text/html

2606:4700:20::ac43:4b1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2433427611a6604b46fc2f296738b7964cd4fee73dcbf05a66ef63413f8e985d

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 710de31f8ad95c4a-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 11:21:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDiaD9uiYlXxDvJVEMTy9y%2BuVT8%2Fbkm2ax9uZPgoXkNXvpr6ruEbhaO6d7f%2B1yifP1I83ro5NuEs6owWD7WYK0Zu8UQShSt0OGVDBW%2FMVg9%2FlpS57cp1LqkSZLIAe75edj1QRWwQBZBG2nxO4wF0fjxjgOvQ1x62qw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=60; preload
vary: Accept-Language, Cookie
via: 1.1 vegur
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 710de31cee155c4a-FRA
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 11:21:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: /home
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LC2fYhspn78vHNmxyKHmD3im7YzgFQOD7IVEmQQZMfKvZlDXyIr%2BFZfLtoLzOnTDpZvh8Mn49voM4sWs6d2KOsg%2BLblVeErkxo%2F%2BuuXvEr5mz2aUZxalXO%2BJZp9J2YaGDSaCfFKfQzU379d1yDiuqcWMAxbHH0PxsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=60; preload
vary: Accept-Language, Cookie
via: 1.1 vegur
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 live.js Show response
cdn.transifex.com/ 91 KB
25 KB 47ms
6ms Script
text/javascript 2a04:4e42:200::388
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.transifex.com/live.js
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::388 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cd4a3fa08459c8cfae4a111e47b3f175596ec981b2ffbec2073f6329a666113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: 0scDbNXLZgXJtcJUudyW3DPC0AZyA8lQ
content-encoding: gzip
etag: "246f58b7b09416937d31f7bcdebd9f2d"
age: 613182
via: 1.1 varnish
x-cache: HIT
content-length: 25443
x-amz-id-2: DbGQixPUZLl40Pbyn+YRUcyCUf1TyHHTccC9dVlfahA7l7K90XR29dQX4zsApt1TsI+0dzD6eYg=
x-tx-live-key: live.js
x-served-by: cache-hhn4070-HHN
last-modified: Wed, 20 Oct 2021 10:54:31 GMT
server: AmazonS3
x-timer: S1653477683.421736,VS0,VE0
date: Wed, 25 May 2022 11:21:23 GMT
vary: Accept-Encoding
x-amz-request-id: 26WATYEJM1D62DYH
access-control-allow-origin: *
accept-ranges: bytes
content-type: text/javascript
x-cache-hits: 559

GET
H2 200 style-cf.css
d1azc1qln24ryf.cloudfront.net/177007/HVN/ 23 KB
5 KB 38ms
10ms Stylesheet
text/css 108.156.253.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1azc1qln24ryf.cloudfront.net/177007/HVN/style-cf.css?73kofo
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.253.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-253-85.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85310ffb1b947d7a8aeff0e006336c1b3609a0bc53eff961b13bca3c0ca2af71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 17:37:07 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 15:33:39 GMT
server: AmazonS3
age: 755057
etag: "6028fce90e3173914c9c1e571fa0f247"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31000000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 5061
x-amz-cf-id: F3_djZgRlz2R3YOS7Vd0aEptGTwtIeYRi09642iSCe19oZEtZ3sfqA==

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 73ms
34ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6923
x-jsd-version: 3.1.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19138-FRA, cache-hhn4022-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cd0MeT9umiWwCB7JfPCGHx2P%2FE61wBO8mqH5t3w3aP%2Fwie6p%2B5seE77POvio5u4y56nXy2lBtos9XjoKvwDul7Z27rmBvIQvTX0MRklPGaNNxAQeoX7F5N6cLb4LvZbzvc%2BMCCnowLTVcVwtO6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 710de3216c109019-FRA

GET
H2 200 cheapoair.a2ced1b17db7262900a1.css
cheapoair.privatehavens.com/static/bundles/ 986 KB
129 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4b1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cheapoair.privatehavens.com/static/bundles/cheapoair.a2ced1b17db7262900a1.css
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6417ac7006c02a2ca7286d50ba079bff21966aa3ea3075036986dac90f441802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17
content-encoding: br
last-modified: Wed, 25 May 2022 01:33:14 GMT
server: cloudflare
etag: W/"628d875a-f66d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnBmKduqp0Fz1kow6KuGh2lrGFt9RWn9p4FF6wXicBP2ePvPFMyHJg6zv74IYkziYYGICqRY33a3CQqxcDPTS6bEBYWCjRvlLF64%2Br1W33hkdQz%2BRbAEjeeKSvO5YCH9pJStDLGdf3Ns4LCeRsC6EIFHHtswam8OPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 710de3212db05c4a-FRA

GET
H2 200 cheapoair-a2ced1b17db7262900a1.js Show response
cheapoair.privatehavens.com/static/bundles/ 1 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:20::ac43:4b1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cheapoair.privatehavens.com/static/bundles/cheapoair-a2ced1b17db7262900a1.js
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b33c8928a3838ad0bd8734d831097c11f44e91243ab8a329417b14bc23cf814

Request headers

Referer: https://cheapoair.privatehavens.com/home
Origin: https://cheapoair.privatehavens.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17
content-encoding: br
last-modified: Wed, 25 May 2022 01:33:14 GMT
server: cloudflare
etag: W/"628d875a-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6pvbxhzww9ekURqQBmvD9E%2BQcdjPg06IR3KwQq0t04vAmLKkIlqdic9RR84DOqyoWGlS92z8E6EFBfQFwWimbDExs11awZdT569otQym9RNMuGMu%2FkYOj8VEuPkrMTtedaoQfs%2B5vO0fyxVF7AojJUMZDlOE6SWhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 710de3212db15c4a-FRA

GET
H2 200 main-a2ced1b17db7262900a1.js Show response
cheapoair.privatehavens.com/static/bundles/ 3 MB
968 KB 34ms
34ms Script
application/javascript 2606:4700:20::ac43:4b1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cheapoair.privatehavens.com/static/bundles/main-a2ced1b17db7262900a1.js
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf22fd71284323af7a193154431b53e729e0d7eb9d290a0a6490a37481acfbe

Request headers

Referer: https://cheapoair.privatehavens.com/home
Origin: https://cheapoair.privatehavens.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17
content-encoding: br
last-modified: Wed, 25 May 2022 01:33:14 GMT
server: cloudflare
etag: W/"628d875a-338731"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psJHt1Kd3U15n03NMtEv%2FqXcFdOntvVFv06lgxlNiDhZHjJcCpoMlfwY8PE1%2Fu1xVqMdjXOcQzZkYS2Ucu7MakTWUcttOdNm9yIhrR0sz4SSj02567c%2FeoNlVsHKzqu%2BIDNe9SR30N0%2BS5RDbbkOrK%2FIrvkpABCJXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 710de3212db25c4a-FRA

GET
H2 200 image35_ixkfla.png
res.cloudinary.com/stayhvn/image/upload/e_trim/v1639021333/uploads/ 2 KB
2 KB 36ms
8ms Image
image/png 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/e_trim/v1639021333/uploads/image35_ixkfla.png

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

fddb543054695245da28fa565e01d01e6e5ad7fcf0c9eec69df9e8d51b662ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Dec 2021 03:44:44 GMT
server: Cloudinary
etag: "11191fe1eeeb72acda27fea80dd8ec5d"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-05-25T11:21:23.489Z;desc=hit,rtt;dur=6
accept-ranges: bytes
timing-allow-origin: *
content-length: 1929

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 153 KB
56 KB 165ms
83ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3SM5M2

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

629fbc7e8771843af72d54db59f3571ed9e81c2a93f672362de2089996cc0128

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57020
x-xss-protection: 0
last-modified: Wed, 25 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 May 2022 11:21:23 GMT

GET
H/1.1 200
OK widget-loader.js Show response
widget.happyfoxchat.com/v2/visitor/js/ 13 KB
4 KB 262ms
184ms Script
application/javascript 18.66.248.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.happyfoxchat.com/v2/visitor/js/widget-loader.js
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-127.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e3c5d3727eb05f432ee9c020a01bb21ec2623d2067b28aa34eca85f06e97df2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 11:21:24 GMT
Content-Encoding: br
Last-Modified: Tue, 10 May 2022 12:43:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P1
ETag: W/"f978461b81b283f83a3d77ae0e8e9f77"
Vary: Accept-Encoding
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript;charset=UTF-8
Via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: q05gM6Asgp9eVbkf2mQMGo08dy4_zYfKctPHvikCy2bjAF3LjL8aag==

GET
H2 200 amt7bsn.css
use.typekit.net/ 3 KB
987 B 33ms
11ms Stylesheet
text/css 2a02:26f0:3500:7::17d8:4dcf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/amt7bsn.css

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/static/bundles/cheapoair.a2ced1b17db7262900a1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:7::17d8:4dcf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3aea93eec938c513af0b87d68613aaca4c4885e041d4fb8d56b376dc76eea348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 25 May 2022 11:21:23 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 755

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@17.4.0/dist/ 7 KB
3 KB 24ms
24ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.4.0/dist/lazyload.min.js

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52e933f3e16543bf2d538de2c76a0a0dc2bce2c269298cee53c5f0790d43694d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5623158
x-jsd-version: 17.4.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19126-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1d99-sBjYQg767ak4wapTiZ59CfMr0g0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCgqwOR8bA6CTZbbDmIqQc8vLoTx1zJIVIDBCTc7x4ohWh4go9%2Bo8DKRr7x1zNt%2BBulgR9TksItuJuXFG3AaZ94lsQ8QeJJEHUEY8%2FkvFxP634dpIINQxx%2FsFhbr9lDIqUjOZsbKYob5BYOboHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 710de321ac5e9019-FRA

GET
H2 200 manifest.jsonp Show response
cdn.transifex.com/089d11df990f468d8b26c80c2ae99dff/latest/ 692 B
548 B 7ms
7ms Script
text/javascript 2a04:4e42:200::388
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.transifex.com/089d11df990f468d8b26c80c2ae99dff/latest/manifest.jsonp
Requested by: Host: cdn.transifex.com
URL: https://cdn.transifex.com/live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::388 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3c8f4eb2d0c4ddd282f6c11e4caea9aae83e839b5b2549ff5347e6553d2283f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "8368e9e5a4ce7d3f0e5f1dc422509e5f"
age: 1903887
via: 1.1 varnish
x-cache: HIT
content-length: 314
x-amz-id-2: lsl2+97z52IaYGzLeAXooQnGEOWcUfVAt6hagZP8XI6Qjx4gITAcF7O93XLLvBp520v1XMMLW2g=
x-tx-live-key: 089d11df990f468d8b26c80c2ae99dff
x-served-by: cache-hhn4070-HHN
last-modified: Fri, 23 Oct 2020 13:15:39 GMT
server: AmazonS3
x-timer: S1653477683.463139,VS0,VE1
date: Wed, 25 May 2022 11:21:23 GMT
vary: Accept-Encoding
x-amz-request-id: D5M52QDQX1BEZ6HP
access-control-allow-origin: *
accept-ranges: bytes
content-type: text/javascript
x-cache-hits: 1

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 44ms
8ms Stylesheet
text/css 2a02:26f0:3500:7::17d8:4dd4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=amt7bsn&ht=tk&f=8482.8484.10294&a=7306612&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/amt7bsn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dd4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 coa-logo.png
www.cheapoair.com/reasonstotravel/wp-content/uploads/sites/2/2017/06/ 11 KB
11 KB 88ms
18ms Image
image/png 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cheapoair.com/reasonstotravel/wp-content/uploads/sites/2/2017/06/coa-logo.png
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e6fe653b95e15ba3388e6c75ffd69392c9c2ea9c35c0c7569a64906bb87c1e46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
last-modified: Mon, 04 May 2020 00:55:12 GMT
etag: "5eaf67f0-2a7e"
akamai-x-true-edgecontrol-ttl: 604800
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10878
expires: Thu, 26 May 2022 11:21:23 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a39215fb9a5d1e5a04a4d0c82fa40fc9a889bc0136604940c3a7fc5de5179a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Gotham-Book_Web.woff2
s3.amazonaws.com/assets-a.stayhvn.com/hco_fonts/woff2/ 41 KB
41 KB 441ms
129ms Font
binary/octet-stream 52.217.129.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets-a.stayhvn.com/hco_fonts/woff2/Gotham-Book_Web.woff2
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/static/bundles/cheapoair.a2ced1b17db7262900a1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.129.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e

Request headers

Referer: https://cheapoair.privatehavens.com/
Origin: https://cheapoair.privatehavens.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 11:21:25 GMT
Last-Modified: Wed, 27 Mar 2019 20:37:07 GMT
Server: AmazonS3
x-amz-request-id: MGQCBHFAMFDBP6C5
ETag: "d838b98f75e3cb9574f9b8b796eb1e8f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Length: 41728
x-amz-id-2: ddvHsSWTIVtzK/+1J6GWsfF0j1sVdqErXcAtjvj7HE5c6EEQsrO2HI8S1Ln89s4FQVDwRvTbqd8=

GET
H/1.1 200
OK Gotham-Medium_Web.woff2
s3.amazonaws.com/assets-a.stayhvn.com/hco_fonts/woff2/ 41 KB
41 KB 444ms
132ms Font
binary/octet-stream 52.217.129.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets-a.stayhvn.com/hco_fonts/woff2/Gotham-Medium_Web.woff2
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/static/bundles/cheapoair.a2ced1b17db7262900a1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.129.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303

Request headers

Referer: https://cheapoair.privatehavens.com/
Origin: https://cheapoair.privatehavens.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 11:21:25 GMT
Last-Modified: Wed, 27 Mar 2019 20:37:07 GMT
Server: AmazonS3
x-amz-request-id: MGQ19XMNCBMSYH9K
ETag: "68ce85d44fef05344ea74f94f3e6b472"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Length: 41488
x-amz-id-2: B83NuQtjUY5rDrFDwCZ6NnN2a8eOsiUbyA8avxCcoByizerLhqs16gbVgQO2REDthbnZqCxUZr0=

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://cheapoair.privatehavens.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 icomoon.woff2
d1azc1qln24ryf.cloudfront.net/177007/HVN/ 117 KB
117 KB 39ms
20ms Font
application/font-woff2 108.156.253.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1azc1qln24ryf.cloudfront.net/177007/HVN/icomoon.woff2?xb0xly
Requested by: Host: d1azc1qln24ryf.cloudfront.net
URL: https://d1azc1qln24ryf.cloudfront.net/177007/HVN/style-cf.css?73kofo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.253.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-253-85.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 565bfdebc1a71d7b9e86b9671f4bec3edb66f547ae11a6ba02b0005365394ab2

Request headers

Referer: https://d1azc1qln24ryf.cloudfront.net/177007/HVN/style-cf.css?73kofo
Origin: https://cheapoair.privatehavens.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:09 GMT
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
age: 15
x-cache: Hit from cloudfront
content-length: 119656
last-modified: Mon, 16 May 2022 15:33:40 GMT
server: AmazonS3
etag: "64c089a0ff3db0b5a310f3785751e27d"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31000000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: 3ZcHx_7u7yipCuVzkYh4Amfhs9YB9N45OlgGUhfc82swI7smXSVclg==

GET
H3 200 fa-solid-900.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.13.0/webfonts/ 78 KB
78 KB 41ms
24ms Font
font/woff2 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.13.0/webfonts/fa-solid-900.woff2

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/static/bundles/cheapoair.a2ced1b17db7262900a1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cheapoair.privatehavens.com/
Origin: https://cheapoair.privatehavens.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5623164
x-jsd-version: 5.13.0
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79444
x-served-by: cache-fra19121-FRA, cache-hhn4081-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"13654-daiIFcR6JJ6ttfDtwWdZV/hgzKc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9f7XigHdfPGWPDvrpPtnGfBUhsq2UhWcxZxAfgQ%2FWwqJUKrMWXeddVg4pVGImStxnom3oreUN4LtUrpE%2F0yUaQaAUTOhf1STB5pixFC5exEQNv3OPcPDIacHbud4AXsTt8s7KNSUYWl0cd2AeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 710de323df9f9bac-FRA

GET
H/1.1 200
OK Gotham-Bold_Web.woff2
s3.amazonaws.com/assets-a.stayhvn.com/hco_fonts/woff2/ 38 KB
39 KB 439ms
127ms Font
binary/octet-stream 52.217.129.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets-a.stayhvn.com/hco_fonts/woff2/Gotham-Bold_Web.woff2
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/static/bundles/cheapoair.a2ced1b17db7262900a1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.129.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1

Request headers

Referer: https://cheapoair.privatehavens.com/
Origin: https://cheapoair.privatehavens.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 11:21:25 GMT
Last-Modified: Wed, 27 Mar 2019 20:37:07 GMT
Server: AmazonS3
x-amz-request-id: MGQ8V0DQA6DTAP6H
ETag: "003e90cf8cb3f8b4bef30d6764da18ed"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Length: 39264
x-amz-id-2: LfK0AQaKwjDadBQHAxAWwIa+P8rV3cfGuSM4lxWy7x//5Y0GnJ+ZOnE2MyWB6zWJtEXzddTp1Lc=

GET
H/1.1 200
OK santorini_villaaura_02.jpg
s3.amazonaws.com/assets-a.stayhvn.com/images/ 329 KB
329 KB 636ms
332ms Image
image/jpeg 52.217.129.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets-a.stayhvn.com/images/santorini_villaaura_02.jpg
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/static/bundles/cheapoair.a2ced1b17db7262900a1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.129.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 11fbca1536a0121840be0f7bb51590ae6f85b0a44101f377e3abf294086ea211

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 11:21:25 GMT
Last-Modified: Mon, 03 Dec 2018 20:59:02 GMT
Server: AmazonS3
x-amz-request-id: MGQ7DCNDWKXRAAPJ
ETag: "c24fd37701270db88f9143883619930b"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 336786
x-amz-id-2: d4QhAA3vA/ISjIPWqMYhasVd1rTQ6evJsevGjAtSiJRiaPlbR8XT790MlD1JLsusFYdIJwyYBas=

GET
H2 200 svcd_ytww3u.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1563836036/uploads/ 342 KB
342 KB 8ms
8ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1563836036/uploads/svcd_ytww3u.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

90e29c1fcab485fafd5ea0a7c1e8fe2f2f0fa425e369ead0ae8e39fae28683b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:03:57 GMT
server: Cloudinary
etag: "a84c409f52ee12d114a24d1aea073ecc"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.844Z;desc=hit,rtt;dur=6
strict-transport-security: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 350149

GET
H2 200 private_rynebv.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1563836267/uploads/ 258 KB
258 KB 9ms
8ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1563836267/uploads/private_rynebv.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ca3457ef334225209dc944b8e9ad0d7777d4ac998c253fef5d41700b627fc34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:03:57 GMT
server: Cloudinary
etag: "36550bcfe45a524b794396f427af48db"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.844Z;desc=hit,rtt;dur=6
strict-transport-security: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 264061

GET
H2 200 novelty_bdh2is.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1563836367/uploads/ 192 KB
192 KB 8ms
8ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1563836367/uploads/novelty_bdh2is.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

221776ee48824ac64102b9173a72759142fefdb925c73b0b2c29db8bfb5d3bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="novelty_bdh2is.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.844Z;desc=hit,rtt;dur=6
vary: Save-Data
content-length: 196790
last-modified: Fri, 27 Aug 2021 15:03:57 GMT
server: Cloudinary
etag: "2887fc589e8c679acb6bf437d134a5a2"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Serendipity_Palm_Springs_-_138_cover_image_oxhzwp.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1576540691/uploads/ 252 KB
252 KB 9ms
9ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1576540691/uploads/Serendipity_Palm_Springs_-_138_cover_image_oxhzwp.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1735146bbf31c3c00c4014c17fdcdbbeede00dc599187e429019bfe1d2439d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:03:57 GMT
server: Cloudinary
etag: "6cc3f0baf67a0dbe0bbad2163d130cea"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.845Z;desc=hit,rtt;dur=6
strict-transport-security: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 258232

GET
H2 200 hawaii_on1j2e.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1563999302/uploads/ 54 KB
54 KB 23ms
23ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1563999302/uploads/hawaii_on1j2e.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2ac54e2f20f9445213a00e6f720292d4ced1b800f011aec803a6dc030b342dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="hawaii_on1j2e.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.845Z;desc=hit,rtt;dur=6
vary: Save-Data
content-length: 54854
last-modified: Fri, 27 Aug 2021 15:03:56 GMT
server: Cloudinary
etag: "6f604e9a9911c6ff1a1618299ab6477e"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 orlando_ydaoqr.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1563999410/uploads/ 41 KB
41 KB 24ms
24ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1563999410/uploads/orlando_ydaoqr.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

62e460a468b10d621daf574a9b5d1d023622bf5d4b66e7de312e16282d89cde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="orlando_ydaoqr.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.845Z;desc=hit,rtt;dur=6
vary: Save-Data
content-length: 42124
last-modified: Fri, 27 Aug 2021 15:03:57 GMT
server: Cloudinary
etag: "0c3f7c2e13af216938660fa62c410a7e"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Arkup_Miami_copy_jac1h0.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1580154752/uploads/ 60 KB
60 KB 24ms
23ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1580154752/uploads/Arkup_Miami_copy_jac1h0.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

243ffe1560702f3461e112c0cfdc99f9addbdddf548aed2dcfd1095a0caf2a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Arkup_Miami_copy_jac1h0.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.846Z;desc=hit,rtt;dur=6
vary: Save-Data
content-length: 61164
last-modified: Fri, 27 Aug 2021 15:03:57 GMT
server: Cloudinary
etag: "287ce6ffb54d764a7e6a568d34d1f960"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 l
use.typekit.net/af/3cbd9b/000000000000000000012d68/27/ 28 KB
28 KB 46ms
23ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dcf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3cbd9b/000000000000000000012d68/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/amt7bsn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dcf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: abce8273d13121fd8b8f43dbe7fcecebab2473b834962d97bbb7d0b5c35c640f

Request headers

Referer: https://use.typekit.net/amt7bsn.css
Origin: https://cheapoair.privatehavens.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
server: nginx
etag: "b6c1b6a2f6ef98e58bd208f1e69434410529b11f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28404

GET
H2 200 l
use.typekit.net/af/1da05b/0000000000000000000132df/27/ 26 KB
27 KB 36ms
14ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dcf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/amt7bsn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dcf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c763917e443b5583abccb9674edfaf82deada941ad5894d28c672c632fcd64dc

Request headers

Referer: https://use.typekit.net/amt7bsn.css
Origin: https://cheapoair.privatehavens.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
server: nginx
etag: "49d80c15efa35e0c65ed7e265d2c0333b309aa4e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26888

GET
H2 200 version Show response
happyfoxchat.com/company/72e84340-d375-11ea-993d-9514b0980f09/ 33 B
530 B 274ms
227ms XHR
application/json 2606:4700:4400::ac40:9375
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://happyfoxchat.com/company/72e84340-d375-11ea-993d-9514b0980f09/version

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/static/bundles/main-a2ced1b17db7262900a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9375 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d027accd770e1a5f55e2610056774c3e577ffc5819ad4c6eb481174e3efa91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"21-moUv/bBGsgJIRa1aps27FqOUwy8"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cheapoair.privatehavens.com
cache-control: private, no-cache, no-store, must-revalidate
x-hf-build-version: 9.0.0
cf-ray: 710de324be2e9b77-FRA
expires: -1

GET
H2 200 Gran_Via_V_udirek.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1580926144/uploads/ 380 KB
380 KB 8ms
8ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1580926144/uploads/Gran_Via_V_udirek.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b463cd3af96ef76d6ebcfde8d987efb502f739f07842a5e6a95a026ff736f118

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Gran_Via_V_udirek.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.907Z;desc=hit,rtt;dur=8
vary: Save-Data
content-length: 389046
last-modified: Fri, 27 Aug 2021 15:03:59 GMT
server: Cloudinary
etag: "d1a944a443897ee71ee60ca936ef34c1"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ca_Pantalon_Venice_zwg0a4.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1580936749/uploads/ 442 KB
442 KB 8ms
8ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1580936749/uploads/Ca_Pantalon_Venice_zwg0a4.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8dfdb15cf90fdc8efc1d710f87b03133eb613372605c80668c8bbc2bab9e781a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:04:00 GMT
server: Cloudinary
etag: "48600f0c8547c0b3a1bd9ce2a6b75ec6"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.908Z;desc=hit,rtt;dur=8
strict-transport-security: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 452435

GET
H2 200 South_Beach_Cottage_-_2708_original_bpp1uf.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1568215183/uploads/ 188 KB
188 KB 9ms
8ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1568215183/uploads/South_Beach_Cottage_-_2708_original_bpp1uf.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d85f8f547ee635f91471dbe7f59c381f73ff44d0a14236bd1e7d17c77dadf7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="South_Beach_Cottage_-_2708_original_bpp1uf.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.908Z;desc=hit,rtt;dur=8
vary: Save-Data
content-length: 192510
last-modified: Fri, 27 Aug 2021 15:03:58 GMT
server: Cloudinary
etag: "2fe20a785e143bec2971a114ead21683"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Tortuga_Bay_B9_ivywxx.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1578682054/uploads/ 66 KB
66 KB 8ms
8ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1578682054/uploads/Tortuga_Bay_B9_ivywxx.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4d02bd73fb510465b3bde6ab7fabab7dcb08148c808706b8525e931f393802ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Tortuga_Bay_B9_ivywxx.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.908Z;desc=hit,rtt;dur=8
vary: Save-Data
content-length: 67248
last-modified: Fri, 27 Aug 2021 15:03:58 GMT
server: Cloudinary
etag: "62c63a929dc9facb74ba307c811f14b6"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Cabo_San_Lucas_beachfront_mnqycc.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1578683180/uploads/ 284 KB
284 KB 9ms
8ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1578683180/uploads/Cabo_San_Lucas_beachfront_mnqycc.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2519affcf79e9da2e4ee6b773f1e3851931aedb948f2063a605a00db1a4d393d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:03:58 GMT
server: Cloudinary
etag: "0ef164ff7d00df983326d7577d4ad921"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.908Z;desc=hit,rtt;dur=8
strict-transport-security: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 290488

GET
H2 200 Villa_View_Cover_Image_gn00jd.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1576535231/uploads/ 40 KB
40 KB 8ms
8ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1576535231/uploads/Villa_View_Cover_Image_gn00jd.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8f2a9f9fcc004405942cd8bd7249853770add9ee5d90581947fdb8c6d12cad21

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Villa_View_Cover_Image_gn00jd.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.908Z;desc=hit,rtt;dur=8
vary: Save-Data
content-length: 41328
last-modified: Fri, 27 Aug 2021 15:03:58 GMT
server: Cloudinary
etag: "af580a5ca5cec350c6d55f74c0b39e62"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ibiza_red_villa_2_copy_h499et.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1568222124/uploads/ 24 KB
25 KB 18ms
17ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1568222124/uploads/ibiza_red_villa_2_copy_h499et.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

67d3d6e0114ee7a68c3d83386e7f36233e5ae2262946881ebab28b4bf41b385e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="ibiza_red_villa_2_copy_h499et.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-05-25T11:21:23.909Z;desc=hit,rtt;dur=8
vary: Save-Data
content-length: 24984
last-modified: Fri, 27 Aug 2021 15:03:58 GMT
server: Cloudinary
etag: "82d2cf8a2e535fe4590357e7cda67b7e"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 secret_ezjp0u.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1564104566/uploads/ 49 KB
50 KB 16ms
15ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1564104566/uploads/secret_ezjp0u.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ca0bad3219ecd67fa1901967767866acbed228067b64c685ac584d6f6e5567d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="secret_ezjp0u.webp"
server-timing: fastly;dur=1;start=2022-05-25T11:21:23.909Z;desc=hit,rtt;dur=8
vary: Save-Data
content-length: 50524
last-modified: Fri, 27 Aug 2021 15:03:59 GMT
server: Cloudinary
etag: "9bcad91e2e2fe878f3ecb2dd3537ac30"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 citybreaks_ciflgh.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1564523042/uploads/ 95 KB
96 KB 11ms
10ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1564523042/uploads/citybreaks_ciflgh.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3d5be96d05565c28de6f434d0e8c0231bcdc8bb0eef0a5b52c6588cf78a7773f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="citybreaks_ciflgh.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.909Z;desc=hit,rtt;dur=8
vary: Save-Data
content-length: 97732
last-modified: Fri, 27 Aug 2021 15:03:59 GMT
server: Cloudinary
etag: "e60dd9606d18acbbec8fa88930d4b554"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 corporate_wvmayk.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1564523114/uploads/ 62 KB
62 KB 16ms
15ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1564523114/uploads/corporate_wvmayk.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f80373b96edd330b165701474ef09d8db91fde50197b8ef70b07026fdafbc6d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="corporate_wvmayk.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.910Z;desc=hit,rtt;dur=8
vary: Save-Data
content-length: 63288
last-modified: Fri, 27 Aug 2021 15:03:59 GMT
server: Cloudinary
etag: "a17cc2a3df08b031b2f627c204e22822"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 country_d5osgk.jpg
res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1564523180/uploads/ 55 KB
55 KB 15ms
15ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/stayhvn/image/upload/f_auto,q_auto/v1564523180/uploads/country_d5osgk.jpg

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0c28df1fb6f7f104a4c8b15e195c2a4de9ad5fff376dbcaeb3e867669a71403d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:03:59 GMT
server: Cloudinary
etag: "f1a6f5699121aaa75c2e5fb0986f0d56"
vary: Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;cpu=0;start=2022-05-25T11:21:23.910Z;desc=hit,rtt;dur=8
strict-transport-security: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 56283

GET
H2 200 update.min.js Show response
browser-update.org/ 9 KB
5 KB 103ms
54ms Script
application/javascript 2606:4700:20::681a:6b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-update.org/update.min.js
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d55c7f0d381507af2908d61c122c4e6bbd5dc37645a1749ea3ba6df2dfe054a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Mar 2022 03:42:26 GMT
server: cloudflare
age: 1669114
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtPAOuB3lbjpANyKWGzVH1s9ym8pX2C%2FdO6CjGXqKBbbtGKgYMw3vPHDffuPl2Uj%2Bqr0LqC%2BPsLHxzTyoPfRPd272YdfVF3YvXAqcKPkykc5iilkXnFEZmdBuWBVMdNqaJjN%2FKcBqy6Vyf3K67wxqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=update.min.js
cf-ray: 710de324da4490c7-FRA
expires: Sat, 07 May 2022 03:42:50 GMT

GET
H2

200

all.js Show response
upload-widget.cloudinary.com/2.1.34/global/
Redirect Chain

https://widget.cloudinary.com/v2.0/global/all.js
https://upload-widget.cloudinary.com/global/all.js
https://upload-widget.cloudinary.com/2.1.34/global/all.js

96 KB
34 KB

7ms
6ms

Script
application/javascript

2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://upload-widget.cloudinary.com/2.1.34/global/all.js
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: H2
Server: 2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 244d5fc46a3f01d520f1d262d2b5538881038d575a33e920d56156dfa4b912b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:24 GMT
content-encoding: gzip
age: 133
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 35117
x-served-by: cache-hhn4054-HHN
last-modified: Mon, 21 Mar 2022 14:11:48 GMT
server: AmazonS3
x-timer: S1653477684.133607,VS0,VE0
etag: "d4f678ee754cf623509f1b3951def0f2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, s-maxage=365 days, max-age=60
accept-ranges: bytes
x-cache-hits: 8

Redirect headers

date: Wed, 25 May 2022 11:21:24 GMT
via: 1.1 varnish
age: 94
x-served-by: cache-hhn4054-HHN
x-cache: HIT
location: https://upload-widget.cloudinary.com/2.1.34/global/all.js
cache-control: public, s-maxage=365 days, max-age=60
accept-ranges: bytes
x-timer: S1653477684.126370,VS0,VE0
content-length: 0
apigw-requestid: SreRdjRYoAMESLQ=
x-cache-hits: 5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
38ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3SM5M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3736
date: Wed, 25 May 2022 10:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 12:19:08 GMT

GET
H2

200

746f146e-2c91-4e61-a7d3-50f9de2b6b22_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/746f146e-2c91-4e61-a7d3-50f9de2b6b22.js
https://cdn.mouseflow.com/projects/746f146e-2c91-4e61-a7d3-50f9de2b6b22_eu.js

181 KB
52 KB

20ms
20ms

Script
application/javascript

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/746f146e-2c91-4e61-a7d3-50f9de2b6b22_eu.js
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9049c9a13d1f98c93df32622d4600552cbfca5aff9a63cabcbc235ddf1db8fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:24 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 15:00:34 GMT
server
etag: "d9d3be617e59d81:0"
x-hw: 1653477684.cds270.am5.hn,1653477684.cds009.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 53313

Redirect headers

date: Wed, 25 May 2022 11:21:24 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 15:00:32 GMT
server
etag: "f54794607e59d81:0"
location: https://cdn.mouseflow.com/projects/746f146e-2c91-4e61-a7d3-50f9de2b6b22_eu.js
x-hw: 1653477684.cds270.am5.hn,1653477684.cds219.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/746f146e-2c91-4e61-a7d3-50f9de2b6b22.js
content-length: 53311

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn4.mxpnl.com/libs/ 50 KB
18 KB 121ms
33ms Script
text/javascript 130.211.5.208
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.5.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 208.5.211.130.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:13:43 GMT
content-encoding: gzip
age: 461
x-guploader-uploadid: ADPycdu8oR8ijeI78VOIDFEE-6WtNkszRM9xCSogAz6SfJ0GnE8yxkruWCVYKkfGFJtzQgjpVH9QLNDACA4FFofQg2fTiA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 25 May 2022 11:23:43 GMT

GET
H2 200 heap-2592999823.js Show response
cdn.heapanalytics.com/js/ 106 KB
42 KB 37ms
10ms Script
application/javascript 65.9.63.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2592999823.js

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.63.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-63-26.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

464f20bc5bf09ed32ea285d3d13be8415884979318033b302c796de5cd45eb74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:05 GMT
content-encoding: gzip
server: nginx
age: 19
etag: W/"1a803-Z22b25ptoIuOCOb2EWXtPQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA56-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: QXnLOKv3Jez-7HDR3a8eDLqjffndII4nnd08GwlzApVMrshy0arqvw==

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
259 B 313ms
102ms Image
image/gif 107.20.46.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=2592999823&te=type&te=data&te=cm&te=resetIdentityTelemetry%20-%20anonymous%20user&st=1653477684112&hv=4.17.2

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.20.46.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-20-46-247.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:21:24 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 306ms
102ms Image
image/gif 107.20.46.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2592999823&u=7486659657351158&v=608404317198421&s=4032358795179153&b=web&tv=4.0&z=0&h=%2Fhome&d=cheapoair.privatehavens.com&t=Havens%20%7C%20Private%20Homes%2C%20Villas%20Suites%2C%20Residences%20%26%20Novelty%20Stays%20%7C%20cheapoair.com&ts=1653477684118&st=1653477684120

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.20.46.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-20-46-247.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:21:24 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H/1.1 200
OK widget-loader-core.vendor-ded761ad3b7315856bf4.js Show response
widget.happyfoxchat.com/v2/visitor/js/ 130 KB
43 KB 11ms
10ms Script
application/javascript 18.66.248.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.happyfoxchat.com/v2/visitor/js/widget-loader-core.vendor-ded761ad3b7315856bf4.js
Requested by: Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/js/widget-loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-127.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b25fcb3814d463af8f49eea9af0521a402ab58bdb2574f15020eac3bce9acd94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 23:16:57 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 10 May 2022 12:43:53 GMT
Server: AmazonS3
Age: 1166668
ETag: W/"5ba8241c4d82e6792baa490c20d587ad"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript;charset=UTF-8
Via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: b6JK9dSKVv0j6FFvFs0EiQKbaHl0RIHBzjI73t9w-pUr_mxJyWZWBw==

GET
H/1.1 200
OK widget-loader-core-7012590b4feea026797022437aa53672.js Show response
widget.happyfoxchat.com/v2/visitor/js/ 36 KB
11 KB 29ms
10ms Script
application/javascript 18.66.248.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.happyfoxchat.com/v2/visitor/js/widget-loader-core-7012590b4feea026797022437aa53672.js
Requested by: Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/js/widget-loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-127.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0691a9e7c70272f89f5f9a1666bf71310d0bf5fab79cb5abd3c4e95cbcea273f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 23:01:21 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 10 May 2022 12:43:53 GMT
Server: AmazonS3
Age: 476403
ETag: W/"7012590b4feea026797022437aa53672"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript;charset=UTF-8
Via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: 6NEiRiO2B6Y7g-YjiShiBLDqeGTq4w8bjlcl3nAYtxWnw7acwP-_aw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 125ms
46ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=152622712&t=pageview&_s=1&dl=https%3A%2F%2Fcheapoair.privatehavens.com%2Fhome&ul=en-us&de=UTF-8&dt=Havens%20%7C%20Private%20Homes%2C%20Villas%20Suites%2C%20Residences%20%26%20Novelty%20Stays%20%7C%20cheapoair.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=321784867&gjid=946750020&cid=847702011.1653477684&tid=UA-122546147-1&_gid=128759452.1653477684&_r=1&gtm=2wg5n0M3SM5M2&z=227114775

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/static/bundles/main-a2ced1b17db7262900a1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cheapoair.privatehavens.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:21:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cheapoair.privatehavens.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget-4df9122d1aef365be235db2b2886caf0.html Show response
widget.happyfoxchat.com/v2/visitor/ Frame 7AC9 809 B
1 KB 10ms
9ms Document
text/html 18.66.248.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
Requested by: Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/js/widget-loader-core.vendor-ded761ad3b7315856bf4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-127.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c04f397fc9d230bac0a5ed5b1d070763ecb06325046e2c78c2202ce9c7ab637

Request headers

Referer: https://cheapoair.privatehavens.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 648967
Cache-Control: max-age=31536000, public
Connection: keep-alive
Content-Length: 809
Content-Type: text/html
Date: Tue, 17 May 2022 23:05:18 GMT
ETag: "4df9122d1aef365be235db2b2886caf0"
Last-Modified: Tue, 10 May 2022 12:43:53 GMT
Server: AmazonS3
Via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
X-Amz-Cf-Id: VBLE-OG-iJNQIclMqfSA7Oms3Qkwo9d35utSLE2rQubVnzNbxshL2A==
X-Amz-Cf-Pop: DUS51-P1
X-Cache: Hit from cloudfront

GET
H2 200 init Show response
n2.mouseflow.com/ 0
325 B 437ms
110ms XHR
text/plain 2604:9a00:2100:a04a:1::44
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/init?v=17.64&p=746f146e-2c91-4e61-a7d3-50f9de2b6b22&s=d4a3724b0452cdc616e967f558b9d62b&page=05252449788b3c0b87a1907de55febf76cac0c6e&ret=0&u=adf1d544bac7754aa5a788a2fac114c7&href=https%3A%2F%2Fcheapoair.privatehavens.com%2Fhome&url=%2Fhome&ref=&title=Havens%20%7C%20Private%20Homes%2C%20Villas%20Suites%2C%20Residences%20%26%20Novelty%20Stays%20%7C%20cheapoair.com&res=1600x1200&tz=0&to=0&dnt=0&ori=&dw=1600&dh=1200&time=889&pxr=1&gdpr=1

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/static/bundles/main-a2ced1b17db7262900a1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2604:9a00:2100:a04a:1::44 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cheapoair.privatehavens.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:21:24 GMT
server: Mouseflow
x-recorder: rec-19-us
content-type: text/plain; charset=Windows-1252
access-control-allow-origin: https://cheapoair.privatehavens.com
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
expires: -1

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/4.4.0/ Frame 7AC9 66 KB
21 KB 38ms
7ms Script
application/json 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/4.4.0/bundle.min.js

Requested by

Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dfe611eb20ef1f5d23bfc954cbb1e1ba4b0189973e3495f5ae6296959a5c231b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://widget.happyfoxchat.com/
Origin: https://widget.happyfoxchat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:24 GMT
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 15:40:13 GMT
server: Fastly
age: 2514063
etag: "741cd3d735ceacfbd3ef6a8a052fb3d4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 21382
expires: Wed, 26 Apr 2023 09:00:21 GMT

GET
H/1.1 200
OK widget.vendor-4a2c6f95c6d5be568a44.css
widget.happyfoxchat.com/v2/visitor/css/ Frame 7AC9 22 KB
4 KB 10ms
9ms Stylesheet
text/css 18.66.248.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.happyfoxchat.com/v2/visitor/css/widget.vendor-4a2c6f95c6d5be568a44.css
Requested by: Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-127.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 623d82d1430e08dd80f9126eef17423eba43ceb5ee9b20212a4c0efa41e8432d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 23:16:59 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 10 May 2022 12:43:53 GMT
Server: AmazonS3
Age: 1166666
ETag: W/"87e73c2941b0a5e2a7e9a445de795e0f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css;charset=UTF-8
Via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: 7Cr5gIUspGiLJomxQJXoUu9gLEwYVGi1Z-eGjnE839Vp-xT091RwhQ==

GET
H/1.1 200
OK widget-b25eeac1296bce8fee55.css
widget.happyfoxchat.com/v2/visitor/css/ Frame 7AC9 30 KB
6 KB 10ms
10ms Stylesheet
text/css 18.66.248.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.happyfoxchat.com/v2/visitor/css/widget-b25eeac1296bce8fee55.css
Requested by: Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-127.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf0f1e3776adda3680ee91ff566122e5484f65bc29e00c0ce7a67d19450f0fb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 10 May 2022 00:13:44 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 12:31:13 GMT
Server: AmazonS3
Age: 1336061
ETag: W/"ac1882152df86705ce11e8e6b1870996"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css;charset=UTF-8
Via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: t1j83j6xvHwy5Y5ePfXk1_EQsWy22sdQJ4UuvLYwhfaQljD46SjHCA==

GET
H/1.1 200
OK widget.vendor-dd27fc7bee95765a6916.js Show response
widget.happyfoxchat.com/v2/visitor/js/ Frame 7AC9 2 MB
543 KB 20ms
10ms Script
application/javascript 18.66.248.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.happyfoxchat.com/v2/visitor/js/widget.vendor-dd27fc7bee95765a6916.js
Requested by: Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-127.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae4f891df11b9751ae89b0294cdb4786938909136d7e18377376576aa100e8c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 08 May 2022 19:34:24 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 12:31:13 GMT
Server: AmazonS3
Age: 1439221
ETag: W/"2bd6c16368b7184a5302a0aad7a4b7dd"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript;charset=UTF-8
Via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: MZthblzryFd5ljY3lRA8MZcOGqOmFnX0o0nNE21C1c2zML7mveK0MA==

GET
H/1.1 200
OK widget-27fc0e6b2e71aa74a52c.js Show response
widget.happyfoxchat.com/v2/visitor/js/ Frame 7AC9 471 KB
99 KB 22ms
11ms Script
application/javascript 18.66.248.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.happyfoxchat.com/v2/visitor/js/widget-27fc0e6b2e71aa74a52c.js
Requested by: Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-127.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42be7f032f1849077dfcf46b1ce98f6f2329c42dc4249c30c1a8bf964bf31371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 08 May 2022 20:43:41 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 12:31:13 GMT
Server: AmazonS3
Age: 1435064
ETag: W/"acbd237865902075b3d37836c3ddd305"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript;charset=UTF-8
Via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: n6sY7LEnMUBiWLFUuQ-P25fXvKdGsGOXhLpYIRGpoT9GRlAhMPj_RA==

GET
H2 200 css
fonts.googleapis.com/ Frame 7AC9 4 KB
1 KB 134ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/css/widget-b25eeac1296bce8fee55.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

918e1cfa104cf2ad2942fd66030698b8bd602ded209a4fd35552e210e59b5931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.happyfoxchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:04:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 11:21:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 11:21:24 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-122546147-1&cid=847702011.1653477684&jid=321784867&gjid=946750020&_gid=128759452.1653477684&_u=YEBAAEAAAAAAAC~&z=1171188957

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/static/bundles/main-a2ced1b17db7262900a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cheapoair.privatehavens.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 11:21:24 GMT
content-type: text/plain
access-control-allow-origin: https://cheapoair.privatehavens.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 148ms
64ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122546147-1&cid=847702011.1653477684&jid=321784867&_u=YEBAAEAAAAAAAC~&z=79157746

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:21:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 158ms
73ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122546147-1&cid=847702011.1653477684&jid=321784867&_u=YEBAAEAAAAAAAC~&z=79157746

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:21:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 0eaba34d14acc6dccc348f565f5ed08c.mp3
widget.happyfoxchat.com/v2/visitor/sounds/ Frame 7AC9 5 KB
6 KB 10ms
10ms Media
audio/mpeg 18.66.248.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.happyfoxchat.com/v2/visitor/sounds/0eaba34d14acc6dccc348f565f5ed08c.mp3
Requested by: Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-127.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d57fb84e0c54f3e0147c0d5400ec1b5afc0b52c34b6081d7b8ea995af0c9b2fc

Request headers

Referer: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 20 May 2022 01:24:23 GMT
Via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 10 May 2022 12:43:53 GMT
Server: AmazonS3
Age: 467821
ETag: "0eaba34d14acc6dccc348f565f5ed08c"
X-Cache: Hit from cloudfront
Content-Type: audio/mpeg
Content-Range: bytes 0-5431/5432
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 5432
X-Amz-Cf-Id: OOJEnbMWtVz_cwQuu0PhmEqwDpoOKP9uhnM6biF7xzG_UDY2col60w==

GET
H/1.1 206
Partial Content efa61ba62518ba3fd7ae1ae83dbf9893.mp3
widget.happyfoxchat.com/v2/visitor/sounds/ Frame 7AC9 27 KB
28 KB 10ms
10ms Media
audio/mpeg 18.66.248.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.happyfoxchat.com/v2/visitor/sounds/efa61ba62518ba3fd7ae1ae83dbf9893.mp3
Requested by: Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-127.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5f1ee8787abb7fbe3fbc8d39e9e328540ad8c82e5876c61e033885c20910fab

Request headers

Referer: https://widget.happyfoxchat.com/v2/visitor/widget-4df9122d1aef365be235db2b2886caf0.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 05 May 2022 14:12:50 GMT
Via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 12:31:13 GMT
Server: AmazonS3
Age: 1717715
ETag: "efa61ba62518ba3fd7ae1ae83dbf9893"
X-Cache: Hit from cloudfront
Content-Type: audio/mpeg
Content-Range: bytes 0-27647/27648
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 27648
X-Amz-Cf-Id: slpSRIJRT-B0t64oYz54rm_nVv0hGc-fSliam-xHxbDLWKp2viZhOw==

POST
H2 200 ping Show response
happyfoxchat.com/company/72e84340-d375-11ea-993d-9514b0980f09/ Frame 7AC9 10 KB
4 KB 204ms
204ms XHR
application/json 2606:4700:4400::ac40:9375
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://happyfoxchat.com/company/72e84340-d375-11ea-993d-9514b0980f09/ping

Requested by

Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/js/widget.vendor-dd27fc7bee95765a6916.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9375 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef5c46e67d7fee2af5436320fdb825be62df3455349d3e25d64145a93b26d8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://widget.happyfoxchat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 25 May 2022 11:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"27ef-jnX8rOvRGTHnKrWlkixC3mfiEls"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://widget.happyfoxchat.com
access-control-expose-headers: x-hfc-tls-unsupported,x-hf-build-version
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hf-build-version: 9.0.0
cf-ray: 710de328df949b77-FRA
expires: -1

GET
H2 200 availability Show response
avl.happyfoxchat.com/api/v1/ Frame 7AC9 231 B
312 B 206ms
193ms XHR
application/json 2606:4700:4400::ac40:9375
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avl.happyfoxchat.com/api/v1/availability?visitorApiToken=fa760039-0c48-4b8d-8569-90691ed91643&profile=5f248e1ebe9a43300e0f17fc
Requested by: Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/js/widget.vendor-dd27fc7bee95765a6916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09529c962b61533eb693dc7e133d4e0c26fc0975bc02f2da0a480783bb1906e9

Request headers

accept: application/json
Referer: https://widget.happyfoxchat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:21:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://widget.happyfoxchat.com
access-control-expose-headers: Content-Length
cf-ray: 710de32a6add9b77-FRA

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 29ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: 702BXDH9DS50TBSA
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: 5vd9vstz3V3z74kfjj1dCPZWEqafZIkasHjA0BdDCJvZTnwH4UnkRjWckumVI0cOdusYAlzF0pM=
x-served-by: cache-hhn4020-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1653477685.910969,VS0,VE0
date: Wed, 25 May 2022 11:21:24 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2743

GET
H/1.1 200
OK 414f0595f0 Show response
bam.nr-data.net/1/ 57 B
322 B 433ms
107ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/414f0595f0?a=258062286&v=1216.487a282&to=MwMDMktZDEVTB0ZcWwpJJxNXWxZfXQodV1sLDRILWEoWU0BKREcaEg8EEUoWCllfAQh9WwkDNw9cT0xRVxA%3D&rst=2513&ck=1&ref=https://cheapoair.privatehavens.com/home&ap=43&be=973&fe=2478&dc=1521&perf=%7B%22timing%22:%7B%22of%22:1653477682405,%22n%22:0,%22f%22:719,%22dn%22:719,%22dne%22:719,%22c%22:719,%22ce%22:719,%22rq%22:719,%22rp%22:953,%22rpe%22:1037,%22dl%22:955,%22di%22:1521,%22ds%22:1521,%22de%22:1542,%22dc%22:2477,%22l%22:2477,%22le%22:2479%7D,%22navigation%22:%7B%7D%7D&fp=1431&fcp=1431&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cheapoair.privatehavens.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 visitor Show response
vinfo-v.happyfoxchat.com/api/v1/ Frame 7AC9 64 B
276 B 212ms
212ms XHR
application/json 2606:4700:4400::ac40:9375
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vinfo-v.happyfoxchat.com/api/v1/visitor
Requested by: Host: widget.happyfoxchat.com
URL: https://widget.happyfoxchat.com/v2/visitor/js/widget.vendor-dd27fc7bee95765a6916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4b14083e818ddfbbb63c30efde607094437b754882afd639b0300bf0f9bf2d5

Request headers

Accept: application/json, text/plain, */*
X-HFC-VINFO-AUTH: fa760039-0c48-4b8d-8569-90691ed91643
Referer: https://widget.happyfoxchat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

cf-ray: 710de33049319b77-FRA
x-rate-limit-request-remote-addr: 20.0.3.173:12990
date: Wed, 25 May 2022 11:21:25 GMT
x-rate-limit-request-forwarded-for: 2a03:1b20:6:f011::5e, 172.70.251.19
x-rate-limit-limit: 5.00
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://widget.happyfoxchat.com
access-control-expose-headers: Content-Length
access-control-allow-credentials: true
content-encoding: gzip
x-rate-limit-duration: 1

OPTIONS
H2 204 visitor
vinfo-v.happyfoxchat.com/api/v1/ Frame 0
0 721ms
712ms Preflight 2606:4700:4400::ac40:9375
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vinfo-v.happyfoxchat.com/api/v1/visitor
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9375 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-hfc-vinfo-auth
Access-Control-Request-Method: POST
Origin: https://widget.happyfoxchat.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Hfc-Vinfo-Auth,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE
access-control-allow-origin: https://widget.happyfoxchat.com
access-control-max-age: 43200
cf-cache-status: DYNAMIC
cf-ray: 710de32bce499b77-FRA
date: Wed, 25 May 2022 11:21:25 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 html Show response
n2.mouseflow.com/ 0
325 B 843ms
528ms XHR
text/plain 2604:9a00:2100:a04a:1::44
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/html?website=746f146e-2c91-4e61-a7d3-50f9de2b6b22&session=d4a3724b0452cdc616e967f558b9d62b&page=05252449788b3c0b87a1907de55febf76cac0c6e&gz=1

Requested by

Host: cheapoair.privatehavens.com
URL: https://cheapoair.privatehavens.com/static/bundles/main-a2ced1b17db7262900a1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2604:9a00:2100:a04a:1::44 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cheapoair.privatehavens.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:21:26 GMT
server: Mouseflow
x-recorder: rec-10-us
content-type: text/plain; charset=Windows-1252
access-control-allow-origin: https://cheapoair.privatehavens.com
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
expires: -1

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cheapoair.privatehavens.com/	1970-01-20 03:38:07	Name: sessionid Value: 7lg86qxc1vv63yx3hzyc02a3j7hfrooj
.privatehavens.com/	1970-01-20 12:45:55	Name: _hp2_id.2592999823 Value: %7B%22userId%22%3A%227486659657351158%22%2C%22pageviewId%22%3A%22608404317198421%22%2C%22sessionId%22%3A%224032358795179153%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.privatehavens.com/	1970-01-20 20:49:09	Name: _ga Value: GA1.2.847702011.1653477684
.privatehavens.com/	1970-01-20 03:19:24	Name: _gid Value: GA1.2.128759452.1653477684
.privatehavens.com/	1970-01-20 03:17:57	Name: _gat_UA-122546147-1 Value: 1
.privatehavens.com/	1970-01-20 12:03:33	Name: mp_2d8b221d067dd66d8b0c4571f62cb634_mixpanel Value: %7B%22distinct_id%22%3A%20%22180faf333e3ab0-0f3a12d631abf2-17333270-1d4c00-180faf333e4a68%22%2C%22%24device_id%22%3A%20%22180faf333e3ab0-0f3a12d631abf2-17333270-1d4c00-180faf333e4a68%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.privatehavens.com/	1970-01-20 05:27:33	Name: mf_user Value: adf1d544bac7754aa5a788a2fac114c7\|
.privatehavens.com/	1969-12-31 23:59:59	Name: mf_746f146e-2c91-4e61-a7d3-50f9de2b6b22 Value: d4a3724b0452cdc616e967f558b9d62b\|05252449788b3c0b87a1907de55febf76cac0c6e.46613902.1653477684253\|1653477684249\|\|0\|\|\|0\|17.64\|30.02106
.privatehavens.com/	1970-01-20 03:17:59	Name: _hp2_ses_props.2592999823 Value: %7B%22ts%22%3A1653477684118%2C%22d%22%3A%22cheapoair.privatehavens.com%22%2C%22h%22%3A%22%2Fhome%22%7D
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3d9f7da600c85448

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=60; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avl.happyfoxchat.com
bam.nr-data.net
browser-update.org
browser.sentry-cdn.com
cdn.heapanalytics.com
cdn.jsdelivr.net
cdn.mouseflow.com
cdn.transifex.com
cdn4.mxpnl.com
cheapoair.privatehavens.com
d1azc1qln24ryf.cloudfront.net
fonts.googleapis.com
happyfoxchat.com
heapanalytics.com
js-agent.newrelic.com
n2.mouseflow.com
p.typekit.net
res.cloudinary.com
s3.amazonaws.com
stats.g.doubleclick.net
upload-widget.cloudinary.com
use.typekit.net
vinfo-v.happyfoxchat.com
widget.cloudinary.com
widget.happyfoxchat.com
www.cheapoair.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
107.20.46.247
108.156.253.85
130.211.5.208
151.101.130.137
151.139.128.11
162.247.242.20
18.66.248.127
23.36.163.232
2604:9a00:2100:a04a:1::44
2606:4700:20::681a:6b4
2606:4700:20::ac43:4b1c
2606:4700:4400::ac40:9375
2606:4700::6810:5714
2a00:1450:4001:801::2003
2a00:1450:4001:802::2008
2a00:1450:4001:813::2004
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:400c:c08::9b
2a02:26f0:3500:7::17d8:4dcf
2a02:26f0:3500:7::17d8:4dd4
2a02:26f0:3500:880::523
2a04:4e42:200::388
2a04:4e42:400::729
2a04:4e42::393
52.217.129.24
65.9.63.26
0691a9e7c70272f89f5f9a1666bf71310d0bf5fab79cb5abd3c4e95cbcea273f
09529c962b61533eb693dc7e133d4e0c26fc0975bc02f2da0a480783bb1906e9
0c04f397fc9d230bac0a5ed5b1d070763ecb06325046e2c78c2202ce9c7ab637
0c28df1fb6f7f104a4c8b15e195c2a4de9ad5fff376dbcaeb3e867669a71403d
11fbca1536a0121840be0f7bb51590ae6f85b0a44101f377e3abf294086ea211
1735146bbf31c3c00c4014c17fdcdbbeede00dc599187e429019bfe1d2439d1a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d027accd770e1a5f55e2610056774c3e577ffc5819ad4c6eb481174e3efa91c
221776ee48824ac64102b9173a72759142fefdb925c73b0b2c29db8bfb5d3bf9
2433427611a6604b46fc2f296738b7964cd4fee73dcbf05a66ef63413f8e985d
243ffe1560702f3461e112c0cfdc99f9addbdddf548aed2dcfd1095a0caf2a92
244d5fc46a3f01d520f1d262d2b5538881038d575a33e920d56156dfa4b912b2
2519affcf79e9da2e4ee6b773f1e3851931aedb948f2063a605a00db1a4d393d
2ac54e2f20f9445213a00e6f720292d4ced1b800f011aec803a6dc030b342dab
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
3aea93eec938c513af0b87d68613aaca4c4885e041d4fb8d56b376dc76eea348
3d5be96d05565c28de6f434d0e8c0231bcdc8bb0eef0a5b52c6588cf78a7773f
3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e
42be7f032f1849077dfcf46b1ce98f6f2329c42dc4249c30c1a8bf964bf31371
464f20bc5bf09ed32ea285d3d13be8415884979318033b302c796de5cd45eb74
4d02bd73fb510465b3bde6ab7fabab7dcb08148c808706b8525e931f393802ab
52e933f3e16543bf2d538de2c76a0a0dc2bce2c269298cee53c5f0790d43694d
565bfdebc1a71d7b9e86b9671f4bec3edb66f547ae11a6ba02b0005365394ab2
5a39215fb9a5d1e5a04a4d0c82fa40fc9a889bc0136604940c3a7fc5de5179a2
5cd4a3fa08459c8cfae4a111e47b3f175596ec981b2ffbec2073f6329a666113
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
623d82d1430e08dd80f9126eef17423eba43ceb5ee9b20212a4c0efa41e8432d
629fbc7e8771843af72d54db59f3571ed9e81c2a93f672362de2089996cc0128
62e460a468b10d621daf574a9b5d1d023622bf5d4b66e7de312e16282d89cde8
6417ac7006c02a2ca7286d50ba079bff21966aa3ea3075036986dac90f441802
67d3d6e0114ee7a68c3d83386e7f36233e5ae2262946881ebab28b4bf41b385e
6e3c5d3727eb05f432ee9c020a01bb21ec2623d2067b28aa34eca85f06e97df2
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7b33c8928a3838ad0bd8734d831097c11f44e91243ab8a329417b14bc23cf814
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85310ffb1b947d7a8aeff0e006336c1b3609a0bc53eff961b13bca3c0ca2af71
8dfdb15cf90fdc8efc1d710f87b03133eb613372605c80668c8bbc2bab9e781a
8f2a9f9fcc004405942cd8bd7249853770add9ee5d90581947fdb8c6d12cad21
9049c9a13d1f98c93df32622d4600552cbfca5aff9a63cabcbc235ddf1db8fc5
90e29c1fcab485fafd5ea0a7c1e8fe2f2f0fa425e369ead0ae8e39fae28683b8
918e1cfa104cf2ad2942fd66030698b8bd602ded209a4fd35552e210e59b5931
9d55c7f0d381507af2908d61c122c4e6bbd5dc37645a1749ea3ba6df2dfe054a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5f1ee8787abb7fbe3fbc8d39e9e328540ad8c82e5876c61e033885c20910fab
abce8273d13121fd8b8f43dbe7fcecebab2473b834962d97bbb7d0b5c35c640f
ae4f891df11b9751ae89b0294cdb4786938909136d7e18377376576aa100e8c9
b25fcb3814d463af8f49eea9af0521a402ab58bdb2574f15020eac3bce9acd94
b463cd3af96ef76d6ebcfde8d987efb502f739f07842a5e6a95a026ff736f118
ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c4b14083e818ddfbbb63c30efde607094437b754882afd639b0300bf0f9bf2d5
c763917e443b5583abccb9674edfaf82deada941ad5894d28c672c632fcd64dc
ca0bad3219ecd67fa1901967767866acbed228067b64c685ac584d6f6e5567d7
ca3457ef334225209dc944b8e9ad0d7777d4ac998c253fef5d41700b627fc34b
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cf0f1e3776adda3680ee91ff566122e5484f65bc29e00c0ce7a67d19450f0fb9
d57fb84e0c54f3e0147c0d5400ec1b5afc0b52c34b6081d7b8ea995af0c9b2fc
d85f8f547ee635f91471dbe7f59c381f73ff44d0a14236bd1e7d17c77dadf7b8
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfe611eb20ef1f5d23bfc954cbb1e1ba4b0189973e3495f5ae6296959a5c231b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c8f4eb2d0c4ddd282f6c11e4caea9aae83e839b5b2549ff5347e6553d2283f
e6fe653b95e15ba3388e6c75ffd69392c9c2ea9c35c0c7569a64906bb87c1e46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5c46e67d7fee2af5436320fdb825be62df3455349d3e25d64145a93b26d8e0
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f80373b96edd330b165701474ef09d8db91fde50197b8ef70b07026fdafbc6d3
fcf22fd71284323af7a193154431b53e729e0d7eb9d290a0a6490a37481acfbe
fddb543054695245da28fa565e01d01e6e5ad7fcf0c9eec69df9e8d51b662ba8

cheapoair.privatehavens.com Open in urlscan Pro 2606:4700:20::ac43:4b1c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

97 %HTTPS

63 %IPv6

22 Domains

30 Subdomains

27 IPs

3 Countries

5768 kBTransfer

11302 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cheapoair.privatehavens.com Open in urlscan Pro
2606:4700:20::ac43:4b1c Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

97 %
HTTPS

63 %
IPv6

22
Domains

30
Subdomains

27
IPs

3
Countries

5768 kB
Transfer

11302 kB
Size

10
Cookies

73 HTTP transactions
2 data transactions