urlscan.io logo urlscan.io
SecurityTrails logo

hiddencruisefares.com Open in urlscan Pro
45.154.204.154  Public Scan

Go To Rescan Add Verdict Report
URL: https://hiddencruisefares.com/
Submission: On January 14 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 23 HTTP transactions. The main IP is 45.154.204.154, located in Montreal, Canada and belongs to ONEPROVIDER-AS BrainStorm Network, Inc, CA. The main domain is hiddencruisefares.com.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.
This is the only time hiddencruisefares.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    45.154.204.154 (Montreal, Canada)

ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA)
hiddencruisefares.com
www.cruisecompare.ca
3    2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:3038::6815:eaeb (United States)

ASN13335 (CLOUDFLARENET, US)
rsms.me
5    23.44.203.147 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-203-147.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:41c8:51:6f1:fcff:ff:fe00:409c (None, )

ASN- ()
www.widgety.co.uk
1    2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
7 hiddencruisefares.com
hiddencruisefares.com
1 MB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 752
144 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
232 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
92 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 widgety.co.uk
www.widgety.co.uk
1 cruisecompare.ca
www.cruisecompare.ca
6 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
258 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
1 rsms.me
rsms.me — Cisco Umbrella Rank: 9698
1 KB
23 10
Domain Requested by
7 hiddencruisefares.com hiddencruisefares.com
5 analytics.tiktok.com hiddencruisefares.com
analytics.tiktok.com
3 www.googletagmanager.com hiddencruisefares.com
2 connect.facebook.net hiddencruisefares.com
connect.facebook.net
1 www.facebook.com
1 www.widgety.co.uk hiddencruisefares.com
1 www.cruisecompare.ca hiddencruisefares.com
1 www.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com hiddencruisefares.com
1 rsms.me hiddencruisefares.com
23 10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
www.cruisecompare.ca
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
rsms.me
E1		 2023-12-29 -
2024-03-28		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-24 -
2024-01-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
widgety.co.uk
R3		 2023-11-21 -
2024-02-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hiddencruisefares.com/
Frame ID: 1990E3D8DC5D7A6FCE4D3838EED8397C
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CruiseCompare.ca

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

23
Requests

70 %
HTTPS

78 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

1526 kB
Transfer

4654 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hiddencruisefares.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hiddencruisefares.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f29862d8e3c0a675e636cb2a48cf7adb80c869d18c76e9fc1a25c2981e879488

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
1438
Content-Type
text/html
Date
Sun, 14 Jan 2024 21:54:14 GMT
ETag
"c96-60d8127225ceb-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Wed, 27 Dec 2023 17:30:18 GMT
Server
Apache/2.4.41 (Ubuntu)
Upgrade
h2,h2c
Vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		290 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NJKY607G7Y
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e90c1942c70318fbebbd2c71097ddef304e8d5cb54d9fa7ae65a3aa7df30827b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:54:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96400
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jan 2024 21:54:14 GMT
inter.css
rsms.me/inter/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id
4f337a9caac6bbe4b22952084cf9169120d5cb71
date
Sun, 14 Jan 2024 21:54:14 GMT
via
1.1 varnish
content-encoding
br
expires
Fri, 12 Jan 2024 21:32:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-served-by
cache-nyc-kteb1890058-NYC
last-modified
Mon, 20 Nov 2023 16:23:05 GMT
server
cloudflare
x-github-request-id
D55E:6CDC:162061B:1C77F8A:655F9FC8
x-timer
S1700827888.980760,VS0,VE11
etag
W/"655b87e9-1b8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKoLYmrcbhS7E2Teh%2FEF5WBUVsYhT1oKoiFS8LnescnwZwvdAH%2Fg2SA1NRAADqag1HgifPMsccdR0jTI4s3HfIQo7GRuCzzTkA0Vp9Itek9ArmGX0RlrvXxALY6B%2BIuVD4bBHI7G"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
84591dc91d734bbb-BUF
x-cache-hits
1
main.e390e2ee.js
hiddencruisefares.com/static/js/ 		2 MB
545 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hiddencruisefares.com/static/js/main.e390e2ee.js
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fb900f4ad56752e1bc2c00feabcb19de1d587d6818ae80f37bd506a2776f2d41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:54:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Dec 2023 17:30:18 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1fd41b-60d812722baab-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
main.79163cf7.css
hiddencruisefares.com/static/css/ 		340 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hiddencruisefares.com/static/css/main.79163cf7.css
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cb4f729f0fba8f4929be4d9ed995be432d0bc33703c1ae89367af9c054eab3fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:54:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Dec 2023 17:30:18 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5512a-60d812722baab-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
54698
gtm.js
www.googletagmanager.com/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-54RRH9CF
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bfbe0bfe31a0a3ac0611f24cb4b841ae989627f0a67644eb7296fc8307540ee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:54:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44587
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Jan 2024 21:54:14 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKD2NF3C77U2JMMIRA8G&lib=ttq
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.203.147 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-203-147.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7e12f6c4195a24c43752e29e3919a7d2f3213ef8f444e5fc5e7476a2ef3e2229

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id
bbe889d
date
Sun, 14 Jan 2024 21:54:14 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401142154141A94A8D7E512F536A7E1-3874CF5DA22AA289-00
x-cache
TCP_MISS from a23-44-202-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=11
pragma
no-cache
server
nginx
x-tt-logid
202401142154141A94A8D7E512F536A7E1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.44.202.19
x-tt-trace-host
011367272af88a3fae6823c0e41bb8c70a824ed955c93f0bbf967f790c39ed8f3be6157bc32a611256c3768370162294dd73ffc6070896cc8996a305e8d7e7a01c475a6a51204ce1fcd355690731c0ebd72fd9681bd78a6dff6a034897374a78bf
expires
Sun, 14 Jan 2024 21:54:14 GMT
fbevents.js
connect.facebook.net/en_US/ 		212 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 Jan 2024 21:54:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
szQG1FryZIES+bnLblfPYUyJ5y6MCqexOSD2OCt8N2uBd9E4DL+nG+x23m2wTUSDWp1YWXfPI/nctdXr3IPn0A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/static/css/main.79163cf7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad26ec8a3728c7ab759a937b415be68bb65886fb81ac6a3d1c050d2989c512a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jan 2024 21:54:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 21:36:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jan 2024 21:54:14 GMT
collect
www.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NJKY607G7Y&gtm=45je41a0v9137459336&_p=1705269254515&gcd=11l1l1l1l1&dma=0&cid=737654979.1705269255&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705269254&sct=1&seg=0&dl=https%3A%2F%2Fhiddencruisefares.com%2F&dt=CruiseCompare.ca&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=346
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NJKY607G7Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 21:54:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hiddencruisefares.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MTc3MGUxMzJiMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		396 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKD2NF3C77U2JMMIRA8G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.203.147 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-203-147.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id
bbe88ec
date
Sun, 14 Jan 2024 21:54:14 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202401121632150B85C375DD06F56798C9
x-tt-trace-id
00-2401121632150B85C375DD06F56798C9-2E0AFA1DA429F9E9-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-44-202-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01596045ed50af054b2f60edcf962f902d9fdc413110cd1c8ef1186f9a5937ef9c15455eb304615b18532ea269d2d695d54fa04dba22c05d110a32a1f65dc6b8bfd57a0ebb4620ac416f897ea4a7484e28baa66ede9206a85d425b9e2b4afb3080
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
105197
js
www.googletagmanager.com/gtag/ 		290 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NJKY607G7Y
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/static/js/main.e390e2ee.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e90c1942c70318fbebbd2c71097ddef304e8d5cb54d9fa7ae65a3aa7df30827b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:54:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96400
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Jan 2024 21:54:14 GMT
specialCruises
www.cruisecompare.ca/api/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cruisecompare.ca:6010/api/specialCruises
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/static/js/main.e390e2ee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
/
Resource Hash
b829d2c7fba1ff2e01d7aa181c69e41e202d501291ddcbbc205ace78424816ec
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://hiddencruisefares.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sun, 14 Jan 2024 21:54:15 GMT
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
5256
X-XSS-Protection
0
Referrer-Policy
no-referrer
Cross-Origin-Opener-Policy
same-origin
ETag
W/"1488-rW7NMVHfoVcPWvkKN3lB4F4Zq8I"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Origin-Agent-Cluster
?1
Keep-Alive
timeout=5
brandmark-design.png
hiddencruisefares.com/logo/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hiddencruisefares.com/logo/brandmark-design.png
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b69d48174e92891caf47e5d5438d48fe75689f991b90c1a2ba6c6cb71cb46905

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:54:14 GMT
Last-Modified
Wed, 27 Dec 2023 17:29:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"14cc4-60d8123e82060"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
85188
HeroVector.3d1bc3a728d26fa4f95e.png
hiddencruisefares.com/static/media/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hiddencruisefares.com/static/media/HeroVector.3d1bc3a728d26fa4f95e.png
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
705794e355c69a8ee6395fa2f772ca4e6110a627a47173994eb6216152e3e658

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:54:15 GMT
Last-Modified
Wed, 27 Dec 2023 17:30:18 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2a55-60d8127225ceb"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
10837
hero-img.cdc312b75eec2e45f555.png
hiddencruisefares.com/static/media/ 		333 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hiddencruisefares.com/static/media/hero-img.cdc312b75eec2e45f555.png
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ca36e7b01be2a0ff043fddffcabbd048acbdec09c7960692cf91dc33f4a90803

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:54:15 GMT
Last-Modified
Wed, 27 Dec 2023 17:30:18 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"53350-60d8127225ceb"
Upgrade
h2,h2c
Content-Type
image/png
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
340816
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05745f317a650fb302ea15c99ae8056cde82bd36e6e4e8bcdc7bcb7810b00a18

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53b6a3ce60db0444ff23383d74261f30994f2471e7c99b1a5b24933e531a0a63

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a06e9ca729f7f9e4e608a302cc2fee55b260b1d471087f7990b3b000cff19654

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a00ceb28d6eb5475d5afc0beb5207052d4130b769fe86535fbd56c5b9e137d9c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
1285234552195553
connect.facebook.net/signals/config/ 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1285234552195553?v=2.9.140&r=stable&domain=hiddencruisefares.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
236286d09b19c66b778e039c51280aea083ae692d395ae2a2e0f377bbef56652
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 Jan 2024 21:54:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
LkWCGyvOTx7um0yD0WwTs+uevpKiLXdBWD6xw1EjlLCUp5mVfRWYx/Pc+oYQmAZvXSLUIesrWk4gOIo0C2fOYQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify_55404.js
analytics.tiktok.com/i18n/pixel/static/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_55404.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.203.147 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-203-147.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id
bbe8914
date
Sun, 14 Jan 2024 21:54:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202401041514482C00735450CE6E6F68C6
x-tt-trace-id
00-2401041514482C00735450CE6E6F68C6-0D89955F75ABBF1B-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-44-202-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01a2502e1791f2883e7a763f66adc3bdb21c3ffedd7ccd8343a4b28cd4d7e1a6c76f959c3fb27fb92319de7b1eb5206cc159907f87194ed1ff2c75cca33255eb5c9df7a859d45db1cfdafb34ec7c93860aed2cb9f8a3eed38de70e330db058c031
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
37013
pixel
analytics.tiktok.com/api/v2/ 		0
701 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.203.147 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-203-147.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hiddencruisefares.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
bbe8926
date
Sun, 14 Jan 2024 21:54:15 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401142154155F9B0ADD960DCF33E908-5A248552908C853D-00
x-cache
TCP_MISS from a23-44-202-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing
inner; dur=40, cdn-cache; desc=MISS, edge; dur=5, origin; dur=47
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401142154155F9B0ADD960DCF33E908
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
48,23.44.202.19
x-tt-trace-host
011367272af88a3fae6823c0e41bb8c70a824ed955c93f0bbf967f790c39ed8f3be404ac9075145b37a67f602734ed7e6c2855973cbb798c912dbb7e454930e0f56361d470ff420778bb1d6f073d9bb6a697e589ebc8747351f1e8c7e6e8b90e91
access-control-allow-headers
Authorization,*
expires
Sun, 14 Jan 2024 21:54:15 GMT
ships.json
www.widgety.co.uk/api/ 		194 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.widgety.co.uk/api/ships.json?operator=royal-caribbean-international&include_cruises=true&page=1&app_id=92db4501d45ba484ea7f70b5cfb3db238e1b9f6e&token=7974dbd6e613308e77530f989f593b96a393c3793687dd8d6bab7b1220133a7e
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/static/js/main.e390e2ee.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:41c8:51:6f1:fcff:ff:fe00:409c -, , ASN (),
Reverse DNS
Software
nginx + Phusion Passenger 5.0.29 / Phusion Passenger 5.0.29
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://hiddencruisefares.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:52:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger 5.0.29
Transfer-Encoding
chunked
Status
200 OK
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
8cb4db2f-4d8e-4907-af35-ee0f4dc69c88
X-Runtime
3.816027
Server
nginx + Phusion Passenger 5.0.29
ETag
W/"7c7369ede342e1002d5f3604bb3c9e5c"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Vary
Origin
X-Frame-Options
SAMEORIGIN
bookingImage2.074bc0149649cbf54ae7.jpeg
hiddencruisefares.com/static/media/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hiddencruisefares.com/static/media/bookingImage2.074bc0149649cbf54ae7.jpeg
Requested by
Host: hiddencruisefares.com
URL: https://hiddencruisefares.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.154.204.154 Montreal, Canada, ASN136258 (ONEPROVIDER-AS BrainStorm Network, Inc, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9a74622ac3d615529fd9988f4d4d1037a6c47bc1f777d0145042aecdf09b88a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:54:15 GMT
Last-Modified
Wed, 27 Dec 2023 17:30:18 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5384-60d8127225ceb"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
21380
act
analytics.tiktok.com/api/v2/pixel/ 		0
702 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.203.147 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-203-147.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hiddencruisefares.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
bbe8979
date
Sun, 14 Jan 2024 21:54:15 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401142154156CCB67F7BC55ED353186-22E4A9E3C06D2943-00
x-cache
TCP_MISS from a23-44-202-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing
inner; dur=20, cdn-cache; desc=MISS, edge; dur=7, origin; dur=31
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401142154156CCB67F7BC55ED353186
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
32,23.44.202.19
x-tt-trace-host
011367272af88a3fae6823c0e41bb8c70a824ed955c93f0bbf967f790c39ed8f3b671df3ef47b8f2b184b28a31cc46bac120cdff7f7932f8fa0f2813bd7bc8d600778f6dafc96abee4c682d9a06a13c6ef8af90ec0e296368735865769d8f8ef14
access-control-allow-headers
Authorization,*
expires
Sun, 14 Jan 2024 21:54:15 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1285234552195553&ev=PageView&dl=https%3A%2F%2Fhiddencruisefares.com%2F&rl=&if=false&ts=1705269255341&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705269255143.871972843&ler=empty&it=1705269254984&coo=false&cdl=&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hiddencruisefares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 14 Jan 2024 21:54:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| gtag object| dataLayer string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| _ object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

6 Cookies

Domain/Path Name / Value
.hiddencruisefares.com/ Name: _ga
Value: GA1.1.737654979.1705269255
.tiktok.com/ Name: _ttp
Value: 2axnmGgVhTXI9ps82Z4yiLTUm6J
.hiddencruisefares.com/ Name: _ga_NJKY607G7Y
Value: GS1.1.1705269254.1.0.1705269254.0.0.0
.hiddencruisefares.com/ Name: _tt_enable_cookie
Value: 1
.hiddencruisefares.com/ Name: _ttp
Value: MeR_VuS3f1ZuyKTucuTVtpr7h21
.hiddencruisefares.com/ Name: _fbp
Value: fb.1.1705269255143.871972843

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1285234552195553?v=2.9.140&r=stable&domain=hiddencruisefares.com(Line 127)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
connect.facebook.net
fonts.googleapis.com
hiddencruisefares.com
rsms.me
www.cruisecompare.ca
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.widgety.co.uk
2001:41c8:51:6f1:fcff:ff:fe00:409c
23.44.203.147
2606:4700:3038::6815:eaeb
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::61
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
45.154.204.154
05745f317a650fb302ea15c99ae8056cde82bd36e6e4e8bcdc7bcb7810b00a18
08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
236286d09b19c66b778e039c51280aea083ae692d395ae2a2e0f377bbef56652
53b6a3ce60db0444ff23383d74261f30994f2471e7c99b1a5b24933e531a0a63
705794e355c69a8ee6395fa2f772ca4e6110a627a47173994eb6216152e3e658
7e12f6c4195a24c43752e29e3919a7d2f3213ef8f444e5fc5e7476a2ef3e2229
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
9a74622ac3d615529fd9988f4d4d1037a6c47bc1f777d0145042aecdf09b88a4
a00ceb28d6eb5475d5afc0beb5207052d4130b769fe86535fbd56c5b9e137d9c
a06e9ca729f7f9e4e608a302cc2fee55b260b1d471087f7990b3b000cff19654
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
ad26ec8a3728c7ab759a937b415be68bb65886fb81ac6a3d1c050d2989c512a8
b69d48174e92891caf47e5d5438d48fe75689f991b90c1a2ba6c6cb71cb46905
b829d2c7fba1ff2e01d7aa181c69e41e202d501291ddcbbc205ace78424816ec
bfbe0bfe31a0a3ac0611f24cb4b841ae989627f0a67644eb7296fc8307540ee0
ca36e7b01be2a0ff043fddffcabbd048acbdec09c7960692cf91dc33f4a90803
cb4f729f0fba8f4929be4d9ed995be432d0bc33703c1ae89367af9c054eab3fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90c1942c70318fbebbd2c71097ddef304e8d5cb54d9fa7ae65a3aa7df30827b
f29862d8e3c0a675e636cb2a48cf7adb80c869d18c76e9fc1a25c2981e879488
fb900f4ad56752e1bc2c00feabcb19de1d587d6818ae80f37bd506a2776f2d41