herontrackadb2ctst.b2clogin.com Open in urlscan Pro
2603:1026:3000:150::8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tourex.herontrack.com/
Effective URL:
https://herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=8170ad47...
Submission: On August 30 via automatic, source certstream-suspicious (August 30th 2024, 1:37:14 pm UTC) — Scanned from DE

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 61 HTTP transactions. The main IP is 2603:1026:3000:150::8, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is herontrackadb2ctst.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 21st 2024. Valid for: a year.

This is the only time herontrackadb2ctst.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2620:1ec:bdf::67 2620:1ec:bdf::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2603:1026:300... 2603:1026:3000:148::e	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	20.50.88.242 20.50.88.242	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2603:1026:300... 2603:1026:3000:150::8	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:bdf::42 2620:1ec:bdf::42	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
61	13

20 2620:1ec:bdf::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tourex.herontrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tools.herontrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4505154986377216.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1026:3000:148::e (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

herontrackadb2ctst.b2clogin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.50.88.242 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2603:1026:3000:150::8 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

herontrackadb2ctst.b2clogin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::42 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msftauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	herontrack.com tourex.herontrack.com tools.herontrack.com	10 MB
12	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3618 ka-p.fontawesome.com — Cisco Umbrella Rank: 6252	209 KB
4	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 853	354 B
4	b2clogin.com herontrackadb2ctst.b2clogin.com	208 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	174 KB
2	msftauthimages.net aadcdn.msftauthimages.net — Cisco Umbrella Rank: 6330	180 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	11 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	53 KB
1	sentry.io o4505154986377216.ingest.sentry.io Failed	20 B
61	10

	Domain	Requested by
11	tools.herontrack.com	tourex.herontrack.com tools.herontrack.com cdnjs.cloudflare.com
10	ka-p.fontawesome.com	kit.fontawesome.com
9	tourex.herontrack.com	tourex.herontrack.com cdnjs.cloudflare.com
4	dc.services.visualstudio.com	tools.herontrack.com
4	herontrackadb2ctst.b2clogin.com	tools.herontrack.com herontrackadb2ctst.b2clogin.com
4	www.googletagmanager.com	tourex.herontrack.com www.googletagmanager.com tools.herontrack.com
2	aadcdn.msftauthimages.net
2	region1.google-analytics.com	tourex.herontrack.com tools.herontrack.com
2	cdn.jsdelivr.net	client
2	cdnjs.cloudflare.com	tourex.herontrack.com tools.herontrack.com
2	kit.fontawesome.com	tourex.herontrack.com tools.herontrack.com
1	o4505154986377216.ingest.sentry.io	tourex.herontrack.com tools.herontrack.com
61	12

This site contains no links.

Subject Issuer	Validity	Valid
tourex.herontrack.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-04-13` - `2024-10-13`	6 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
tools.herontrack.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-08-30` - `2025-02-27`	6 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2024-05-21` - `2025-05-21`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 03	`2024-06-25` - `2025-06-20`	a year	crt.sh
aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 03	`2024-08-04` - `2025-07-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=8170ad47-f405-4439-9066-a10cedda14c9&scope=https%3A%2F%2Fherontrackadb2ctst.onmicrosoft.com%2Fwebapi%2Fwebapi.readwrite%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ftools.herontrack.com%2Fauth&client-request-id=98839ac7-00ce-42ce-9252-1246c03c9194&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.0&client_info=1&code_challenge=7Lmg1AxT_tf_BCjjd3lL42uoWrCAKtXBIwKtvKy6qCY&code_challenge_method=S256&nonce=36e6396d-0b7e-409f-a836-138a705f02bd&state=eyJpZCI6IjEzMzViN2ExLWI3NzItNGQ4OS04ZTQ3LWQ5NmZiMGUyMTBlMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Frame ID: D8FEE04824199610CBCCC93A877B129E
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign up or sign in

Page URL History Show full URLs

https://tourex.herontrack.com/ Page URL
https://tools.herontrack.com/?partner=tourex Page URL
https://herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authoriz... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

61
Requests

87 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

13
IPs

4
Countries

11072 kB
Transfer

14905 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tourex.herontrack.com/ Page URL
https://tools.herontrack.com/?partner=tourex Page URL
https://herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=8170ad47-f405-4439-9066-a10cedda14c9&scope=https%3A%2F%2Fherontrackadb2ctst.onmicrosoft.com%2Fwebapi%2Fwebapi.readwrite%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ftools.herontrack.com%2Fauth&client-request-id=98839ac7-00ce-42ce-9252-1246c03c9194&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.0&client_info=1&code_challenge=7Lmg1AxT_tf_BCjjd3lL42uoWrCAKtXBIwKtvKy6qCY&code_challenge_method=S256&nonce=36e6396d-0b7e-409f-a836-138a705f02bd&state=eyJpZCI6IjEzMzViN2ExLWI3NzItNGQ4OS04ZTQ3LWQ5NmZiMGUyMTBlMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
tourex.herontrack.com/ 33 KB
7 KB 299ms
93ms Document
text/html 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tourex.herontrack.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

afe2e4466a37b49bdb03c98eacb20c08cf45b83fcdee1437acc73e460df7d22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
content-encoding: br
content-type: text/html
date: Fri, 30 Aug 2024 13:37:02 GMT
etag: W/"57352130"
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-azure-ref: 20240830T133701Z-r1bf48c95476dpspe2spqcatk400000007t000000000kz43
x-cache: TCP_MISS
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-fd-int-roxy-purgeid: 55226667
x-xss-protection: 1; mode=block

GET
H2 200 a561ee801b.js Show response
kit.fontawesome.com/ 14 KB
5 KB 281ms
176ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/a561ee801b.js
Requested by: Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c87712c42e1a5eecb36d5b06761dc57c8d9b2d4d82d48366dcf81f06c08df18

Request headers

Referer
Origin: https://tourex.herontrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8bb52c54cd3d3830-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F_CFHkFiKyyMxjwqcPDh

GET
H3 200 lottie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lottie-web/5.7.1/ 250 KB
53 KB 115ms
57ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lottie-web/5.7.1/lottie.min.js

Requested by

Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c65e73bfbb0312929232d4b0b255f3a954418db0ee428912979f5cba0b48c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://tourex.herontrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 665330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53841
last-modified: Mon, 20 Jul 2020 16:37:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f15c840-3e812"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T19OEDjSGcWYML6j85PHdZf2Pm5rcEp44VRg1%2BxW3pZHfbtyPRp%2BL4XvmcKUdGxu7QJteu4Ct3UcdyMolKzsyemWCoVg8A%2BDlq80y8vezjb2tnANGN1d76i5dsUOaEWqQ6DgSBEW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bb52c547fac91d1-FRA
expires: Wed, 20 Aug 2025 13:37:02 GMT

GET
H2 200 runtime.3913e2c0df24b5a1.js Show response
tourex.herontrack.com/ 5 KB
5 KB 153ms
152ms Script
text/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tourex.herontrack.com/runtime.3913e2c0df24b5a1.js

Requested by

Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

189e3297d28b0129d841aba8dab828ba001d804853ac4beb744ecf7292a8e91b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tourex.herontrack.com/
Origin: https://tourex.herontrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133702Z-r1bf48c95476dpspe2spqcatk400000007t000000000kz49
content-type: text/javascript
x-cache: TCP_MISS
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 4865
x-xss-protection: 1; mode=block

GET
H2 200 polyfills.2f41bf282c53164c.js Show response
tourex.herontrack.com/ 33 KB
34 KB 116ms
115ms Script
text/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tourex.herontrack.com/polyfills.2f41bf282c53164c.js

Requested by

Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ce3692a579adb4feeea1559a0bb1b3f7e012b851df309d45462f228e1991d6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tourex.herontrack.com/
Origin: https://tourex.herontrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133702Z-r1bf48c95476dpspe2spqcatk400000007t000000000kz4a
content-type: text/javascript
x-cache: TCP_MISS
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 34132
x-xss-protection: 1; mode=block

GET
H2 200 scripts.669eef0e2cb906a9.js Show response
tourex.herontrack.com/ 727 KB
729 KB 177ms
176ms Script
text/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tourex.herontrack.com/scripts.669eef0e2cb906a9.js

Requested by

Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

22036433211b4720091524b38b07e0b6241c838da03081d564cd8053060bb03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tourex.herontrack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133702Z-r1bf48c95476dpspe2spqcatk400000007t000000000kz5a
content-type: text/javascript
x-cache: TCP_MISS
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 744850
x-xss-protection: 1; mode=block

GET
H2 200 main.2fd1e03f1c5206c7.js Show response
tourex.herontrack.com/ 4 MB
4 MB 277ms
277ms Script
text/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tourex.herontrack.com/main.2fd1e03f1c5206c7.js

Requested by

Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b455281c0b653c3432ef1a91ea0da75e5772e4aafe1ac78ccad9e44a768c49fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tourex.herontrack.com/
Origin: https://tourex.herontrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133702Z-r1bf48c95476dpspe2spqcatk400000007t000000000kz4b
content-type: text/javascript
x-cache: TCP_MISS
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 3963339
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
71 KB 147ms
59ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZN4G6K

Requested by

Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8adf48bedb936cc90460b9c6bf7cea59bce99fa873c53b07d73dd45b3ab234d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72495
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Aug 2024 13:37:02 GMT

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 1 MB
179 KB 777ms
769ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=a561ee801b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a561ee801b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:03 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: "6695a0b7-2cce4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8bb52c55ff313830-FRA
content-length: 183524

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 27 KB
4 KB 646ms
639ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-shims.min.css?token=a561ee801b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a561ee801b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: "6695a0b7-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8bb52c55ff2e3830-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 50 KB
7 KB 470ms
462ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v5-font-face.min.css?token=a561ee801b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a561ee801b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
server: cloudflare
etag: "6695a0b8-1c1c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8bb52c55ff2a3830-FRA
content-length: 7196

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 7 KB
2 KB 494ms
487ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-font-face.min.css?token=a561ee801b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a561ee801b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: "6695a0b7-6ca"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8bb52c55ff323830-FRA
content-length: 1738

GET
H2 200 custom-icons.css Show response
ka-p.fontawesome.com/assets/a561ee801b/44547184/ 8 KB
6 KB 734ms
727ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/assets/a561ee801b/44547184/custom-icons.css?token=a561ee801b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a561ee801b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87cde31192c240ac5032cdeb6183f79732ddf7b0e8dfd486c4f9123e9784616

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:03 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 11 Mar 2024 14:50:52 GMT
server: cloudflare
etag: W/"7fea808246e6455d51700d0771bd33c9"
x-cache-status: HIT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-ray: 8bb52c55ff2d3830-FRA

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ 79 KB
11 KB 150ms
54ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9854892
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10883
x-served-by: cache-fra-etou8220090-FRA, cache-lga21953-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p3%2B%2BaKwtnL21IS1OD%2BYd0eBS2u8kmaoHnlFJ9InWytyAiGw%2F2CDpgzsRA3SYnnSHGoqXhzHhIKK7UM47gvnfgt5Eyivf%2B%2BmFHA%2FLn45%2FaXoCTcZilXXrwb0Eo6%2FXAAc3m5A66m9N9AR897koOPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bb52c569cc23a68-FRA

GET
H2 200 styles.afa55f5cd8772d8d.css
tourex.herontrack.com/ 421 KB
422 KB 160ms
160ms Stylesheet
text/css 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tourex.herontrack.com/styles.afa55f5cd8772d8d.css

Requested by

Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

54546f54a25b8367215d10d77edf193aced58c7e6fe0887863e35ea25ad646c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tourex.herontrack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133702Z-r1bf48c95476dpspe2spqcatk400000007t000000000kz5b
content-type: text/css
x-cache: TCP_MISS
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 431490
x-xss-protection: 1; mode=block

GET
H2 200 loaderHT.json Show response
tourex.herontrack.com/assets/animations/ 8 KB
9 KB 149ms
148ms XHR
application/json 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tourex.herontrack.com/assets/animations/loaderHT.json

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lottie-web/5.7.1/lottie.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b6e59b2f2554d31bfb2e4d7a0337c46a97b0c98bea9a8ec9124c2721379f50f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tourex.herontrack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133702Z-r1bf48c95476dpspe2spqcatk400000007t000000000kz5v
content-type: application/json
x-cache: TCP_MISS
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 8592
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 310 KB
102 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7WXXNTFFJE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZN4G6K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

828c6f9df8809c2f095f0c825853efb771c43b8073fcff010b07e13725a2e3dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104765
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Aug 2024 13:37:02 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 135ms
48ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7WXXNTFFJE&gtm=45je48s0v9119648254z89119625179za200zb9119625179&_p=1725025022130&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2061909079.1725025023&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725025022&sct=1&seg=0&dl=https%3A%2F%2Ftourex.herontrack.com%2F&dt=HeronTrack&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1011
Requested by: Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/polyfills.2f41bf282c53164c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 13:37:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tourex.herontrack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
tools.herontrack.com/ 33 KB
7 KB 299ms
123ms Document
text/html 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.herontrack.com/?partner=tourex

Requested by

Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/main.2fd1e03f1c5206c7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

afe2e4466a37b49bdb03c98eacb20c08cf45b83fcdee1437acc73e460df7d22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
content-encoding: br
content-type: text/html
date: Fri, 30 Aug 2024 13:37:04 GMT
etag: W/"57352130"
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-azure-ref: 20240830T133704Z-r1bf48c9547p6gxqczdu8sudew000000087000000000nuer
x-cache: TCP_MISS
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-fd-int-roxy-purgeid: 55226667
x-xss-protection: 1; mode=block

GET
H2 200 msal-settings.json
tourex.herontrack.com/assets/configuration/ 3 KB
3 KB 80ms
80ms Fetch
application/json 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tourex.herontrack.com/assets/configuration/msal-settings.json

Requested by

Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/polyfills.2f41bf282c53164c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tourex.herontrack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133704Z-r1bf48c95476dpspe2spqcatk400000007t000000000kzc7
content-type: application/json
x-cache: TCP_MISS
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 3031
x-xss-protection: 1; mode=block

GET
H2 200 settings.json
tourex.herontrack.com/assets/configuration/ 744 B
1 KB 91ms
91ms XHR
application/json 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tourex.herontrack.com/assets/configuration/settings.json

Requested by

Host: tourex.herontrack.com
URL: https://tourex.herontrack.com/polyfills.2f41bf282c53164c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://tourex.herontrack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133704Z-r1bf48c95476dpspe2spqcatk400000007t000000000kzcp
content-type: application/json
x-cache: TCP_MISS
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 744
x-xss-protection: 1; mode=block

GET en.json
tourex.herontrack.com/assets/i18n/ 0
0

POST /
o4505154986377216.ingest.sentry.io/api/4505154989916160/envelope/ 0
0

GET c22f851a-ece6-4bff-9112-04666a8688a5
https://tourex.herontrack.com/ 0
0

POST collect
region1.google-analytics.com/g/ 0
0

POST /
o4505154986377216.ingest.sentry.io/api/4505154989916160/envelope/ 0
0

GET
H2 200 a561ee801b.js Show response
kit.fontawesome.com/ 14 KB
5 KB 167ms
164ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/a561ee801b.js
Requested by: Host: tools.herontrack.com
URL: https://tools.herontrack.com/?partner=tourex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c87712c42e1a5eecb36d5b06761dc57c8d9b2d4d82d48366dcf81f06c08df18

Request headers

Referer
Origin: https://tools.herontrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8bb52c639e0b3830-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F_B-gTQKzr54zJ7Rtgxh

GET
H3 200 lottie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lottie-web/5.7.1/ 250 KB
0 2ms
2ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lottie-web/5.7.1/lottie.min.js

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/?partner=tourex

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c65e73bfbb0312929232d4b0b255f3a954418db0ee428912979f5cba0b48c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://tools.herontrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 665330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53841
last-modified: Mon, 20 Jul 2020 16:37:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f15c840-3e812"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T19OEDjSGcWYML6j85PHdZf2Pm5rcEp44VRg1%2BxW3pZHfbtyPRp%2BL4XvmcKUdGxu7QJteu4Ct3UcdyMolKzsyemWCoVg8A%2BDlq80y8vezjb2tnANGN1d76i5dsUOaEWqQ6DgSBEW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bb52c547fac91d1-FRA
expires: Wed, 20 Aug 2025 13:37:02 GMT

GET
H2 200 runtime.3913e2c0df24b5a1.js Show response
tools.herontrack.com/ 5 KB
5 KB 82ms
79ms Script
text/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.herontrack.com/runtime.3913e2c0df24b5a1.js

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/?partner=tourex

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

189e3297d28b0129d841aba8dab828ba001d804853ac4beb744ecf7292a8e91b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tools.herontrack.com/?partner=tourex
Origin: https://tools.herontrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133704Z-r1bf48c9547p6gxqczdu8sudew000000087000000000nufq
content-type: text/javascript
x-cache: TCP_REVALIDATED_HIT
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 4865
x-xss-protection: 1; mode=block

GET
H2 200 polyfills.2f41bf282c53164c.js Show response
tools.herontrack.com/ 33 KB
34 KB 122ms
119ms Script
text/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.herontrack.com/polyfills.2f41bf282c53164c.js

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/?partner=tourex

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ce3692a579adb4feeea1559a0bb1b3f7e012b851df309d45462f228e1991d6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tools.herontrack.com/?partner=tourex
Origin: https://tools.herontrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133704Z-r1bf48c9547p6gxqczdu8sudew000000087000000000nufr
content-type: text/javascript
x-cache: TCP_REVALIDATED_HIT
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 34132
x-xss-protection: 1; mode=block

GET
H2 200 scripts.669eef0e2cb906a9.js Show response
tools.herontrack.com/ 727 KB
729 KB 203ms
199ms Script
text/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.herontrack.com/scripts.669eef0e2cb906a9.js

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/?partner=tourex

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

22036433211b4720091524b38b07e0b6241c838da03081d564cd8053060bb03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tools.herontrack.com/?partner=tourex
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133704Z-r1bf48c9547p6gxqczdu8sudew000000087000000000nugd
content-type: text/javascript
x-cache: TCP_REVALIDATED_HIT
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 744850
x-xss-protection: 1; mode=block

GET
H2 200 main.2fd1e03f1c5206c7.js Show response
tools.herontrack.com/ 4 MB
4 MB 82ms
79ms Script
text/javascript 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.herontrack.com/main.2fd1e03f1c5206c7.js

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/?partner=tourex

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b455281c0b653c3432ef1a91ea0da75e5772e4aafe1ac78ccad9e44a768c49fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tools.herontrack.com/?partner=tourex
Origin: https://tools.herontrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133704Z-r1bf48c9547p6gxqczdu8sudew000000087000000000nufs
content-type: text/javascript
x-cache: TCP_REVALIDATED_HIT
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 3963339
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
0 2ms
1ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZN4G6K

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/?partner=tourex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8adf48bedb936cc90460b9c6bf7cea59bce99fa873c53b07d73dd45b3ab234d0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
content-encoding: br
last-modified: Fri, 30 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72495
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Aug 2024 13:37:02 GMT

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 1 MB
47 B 57ms
54ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=a561ee801b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a561ee801b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
age: 290050
etag: "6695a0b7-2cce4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8bb52c64af053830-FRA
content-length: 183524

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 27 KB
37 B 65ms
62ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-shims.min.css?token=a561ee801b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a561ee801b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
age: 365470
etag: "6695a0b7-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8bb52c64af073830-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 50 KB
37 B 64ms
62ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v5-font-face.min.css?token=a561ee801b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a561ee801b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
server: cloudflare
age: 365470
etag: "6695a0b8-1c1c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8bb52c64af083830-FRA
content-length: 7196

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 7 KB
43 B 57ms
55ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-font-face.min.css?token=a561ee801b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a561ee801b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
age: 365470
etag: "6695a0b7-6ca"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8bb52c64af093830-FRA
content-length: 1738

GET
H2 200 custom-icons.css Show response
ka-p.fontawesome.com/assets/a561ee801b/44547184/ 8 KB
79 B 60ms
58ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/assets/a561ee801b/44547184/custom-icons.css?token=a561ee801b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a561ee801b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87cde31192c240ac5032cdeb6183f79732ddf7b0e8dfd486c4f9123e9784616

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 11 Mar 2024 14:50:52 GMT
server: cloudflare
age: 197828
etag: W/"7fea808246e6455d51700d0771bd33c9"
x-cache-status: MISS
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8bb52c64af0a3830-FRA

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ 79 KB
0 0ms
0ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9854892
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10883
x-served-by: cache-fra-etou8220090-FRA, cache-lga21953-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p3%2B%2BaKwtnL21IS1OD%2BYd0eBS2u8kmaoHnlFJ9InWytyAiGw%2F2CDpgzsRA3SYnnSHGoqXhzHhIKK7UM47gvnfgt5Eyivf%2B%2BmFHA%2FLn45%2FaXoCTcZilXXrwb0Eo6%2FXAAc3m5A66m9N9AR897koOPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bb52c569cc23a68-FRA

GET
H2 200 styles.afa55f5cd8772d8d.css
tools.herontrack.com/ 421 KB
422 KB 203ms
201ms Stylesheet
text/css 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.herontrack.com/styles.afa55f5cd8772d8d.css

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/?partner=tourex

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

54546f54a25b8367215d10d77edf193aced58c7e6fe0887863e35ea25ad646c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tools.herontrack.com/?partner=tourex
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133704Z-r1bf48c9547p6gxqczdu8sudew000000087000000000nuge
content-type: text/css
x-cache: TCP_REVALIDATED_HIT
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 431490
x-xss-protection: 1; mode=block

GET
H2 200 loaderHT.json Show response
tools.herontrack.com/assets/animations/ 8 KB
9 KB 189ms
188ms XHR
application/json 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.herontrack.com/assets/animations/loaderHT.json

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lottie-web/5.7.1/lottie.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b6e59b2f2554d31bfb2e4d7a0337c46a97b0c98bea9a8ec9124c2721379f50f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tools.herontrack.com/?partner=tourex
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:04 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133704Z-r1bf48c9547p6gxqczdu8sudew000000087000000000nugg
content-type: application/json
x-cache: TCP_REVALIDATED_HIT
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 8592
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 310 KB
0 0ms
0ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7WXXNTFFJE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZN4G6K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

828c6f9df8809c2f095f0c825853efb771c43b8073fcff010b07e13725a2e3dc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:02 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104765
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Aug 2024 13:37:02 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 48ms
47ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7WXXNTFFJE&gtm=45je48s0v9119648254z89119625179za200zb9119625179&_p=1725025024582&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2061909079.1725025023&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725025022&sct=1&seg=1&dl=https%3A%2F%2Ftools.herontrack.com%2F%3Fpartner%3Dtourex&dt=HeronTrack&en=page_view&tfd=923
Requested by: Host: tools.herontrack.com
URL: https://tools.herontrack.com/polyfills.2f41bf282c53164c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 13:37:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tools.herontrack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 msal-settings.json Show response
tools.herontrack.com/assets/configuration/ 3 KB
3 KB 78ms
77ms Fetch
application/json 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.herontrack.com/assets/configuration/msal-settings.json

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/polyfills.2f41bf282c53164c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2126e622bac9c638fe7383c7da99c4c13f405c707c77d607dd4219c4d050c73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tools.herontrack.com/?partner=tourex
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:07 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133707Z-r1bf48c9547p6gxqczdu8sudew000000087000000000nuu7
content-type: application/json
x-cache: TCP_REVALIDATED_HIT
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 3031
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
tools.herontrack.com/ 21 KB
21 KB 134ms
133ms Other
image/vnd.microsoft.icon 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.herontrack.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

288caec86cfd7f5b43c36933b78fee708387051fc045a1f3580b86fe48ab1bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tools.herontrack.com/?partner=tourex
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:07 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133707Z-r1bf48c9547p6gxqczdu8sudew000000087000000000nuug
content-type: image/vnd.microsoft.icon
x-cache: TCP_REVALIDATED_HIT
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 21078
x-xss-protection: 1; mode=block

GET
H2 200 settings.json Show response
tools.herontrack.com/assets/configuration/ 744 B
1 KB 117ms
116ms XHR
application/json 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.herontrack.com/assets/configuration/settings.json

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/polyfills.2f41bf282c53164c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fbd8cadf39d718f5c110d894fc09e688568146616e0e3e902027e957edbcdf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://tools.herontrack.com/?partner=tourex
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:07 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133707Z-r1bf48c9547p6gxqczdu8sudew000000087000000000nuuq
content-type: application/json
x-cache: TCP_REVALIDATED_HIT
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 744
x-xss-protection: 1; mode=block

GET
H2 200 en.json Show response
tools.herontrack.com/assets/i18n/ 44 KB
45 KB 98ms
97ms XHR
application/json 2620:1ec:bdf::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.herontrack.com/assets/i18n/en.json

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/polyfills.2f41bf282c53164c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0164c8fc0d4f5740cdf2d76c51e2c6633f88ba36c3e9a902720d35641d66839c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://tools.herontrack.com/?partner=tourex
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:37:07 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 27 Aug 2024 09:21:11 GMT
etag: "57352130"
x-dns-prefetch-control: off
x-azure-ref: 20240830T133707Z-r1bf48c9547p6gxqczdu8sudew000000087000000000nuus
content-type: application/json
x-cache: TCP_REVALIDATED_HIT
cache-control: public, must-revalidate, max-age=15, proxy-revalidate, s-maxage=30
x-fd-int-roxy-purgeid: 55226667
accept-ranges: bytes
content-length: 45408
x-xss-protection: 1; mode=block

POST
H3 200 / Show response
o4505154986377216.ingest.sentry.io/api/4505154989916160/envelope/ 2 B
20 B 43ms
42ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4505154986377216.ingest.sentry.io/api/4505154989916160/envelope/?sentry_key=7e0e640d0d0f47a4ae698c478101fbc6&sentry_version=7&sentry_client=sentry.javascript.angular-ivy%2F7.51.2

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/polyfills.2f41bf282c53164c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tools.herontrack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Aug 2024 13:37:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET 524fd34c-3730-488e-99df-872229054053
https://tools.herontrack.com/ 0
0

GET
H/1.1 200
OK openid-configuration Show response
herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/ 2 KB
2 KB 275ms
101ms Fetch
application/json 2603:1026:3000:148::e
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/openid-configuration

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/polyfills.2f41bf282c53164c.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1026:3000:148::e Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

63099cb69322c7ed219ef38176a6398f22a9ae8f3af86dde8cbfc671a5f6afb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Fri, 30 Aug 2024 13:37:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tools.herontrack.com
Public: OPTIONS,TRACE,GET,HEAD,POST
Cache-Control: no-store, must-revalidate, no-cache
Allow: OPTIONS, TRACE, GET, HEAD, POST
x-ms-gateway-requestid: e0e2d25c-d99a-42c7-ac45-45640f0a261a
Content-Length: 1685
X-XSS-Protection: 1; mode=block

POST
H2 200 track
dc.services.visualstudio.com/v2/ 96 B
200 B 48ms
46ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/polyfills.2f41bf282c53164c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
Sdk-Context: appId
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Fri, 30 Aug 2024 13:37:07 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 320ms
64ms Preflight 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://tools.herontrack.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 30 Aug 2024 13:37:07 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 65ms
65ms Preflight 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://tools.herontrack.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 30 Aug 2024 13:37:07 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK Primary Request authorize Show response
herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/ 431 KB
157 KB 272ms
147ms Document
text/html 2603:1026:3000:150::8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=8170ad47-f405-4439-9066-a10cedda14c9&scope=https%3A%2F%2Fherontrackadb2ctst.onmicrosoft.com%2Fwebapi%2Fwebapi.readwrite%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ftools.herontrack.com%2Fauth&client-request-id=98839ac7-00ce-42ce-9252-1246c03c9194&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.0&client_info=1&code_challenge=7Lmg1AxT_tf_BCjjd3lL42uoWrCAKtXBIwKtvKy6qCY&code_challenge_method=S256&nonce=36e6396d-0b7e-409f-a836-138a705f02bd&state=eyJpZCI6IjEzMzViN2ExLWI3NzItNGQ4OS04ZTQ3LWQ5NmZiMGUyMTBlMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/main.2fd1e03f1c5206c7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1026:3000:150::8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3ea6f6bcc4fed83b5f6599134387757cc14e6ebaec1db3950fefc4bdd51e6e22

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'self' 'nonce-+CSSWQV0OU4xtS+rxyECFg==' 'report-sample'; report-uri /herontrackadb2ctst.onmicrosoft.com/B2C_1A_signup_signin/client/cspreport?p=B2C_1A_signup_signin
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Allow: OPTIONS TRACE GET HEAD POST
Cache-Control: no-store, must-revalidate, no-cache
Content-Encoding: gzip
Content-Length: 158368
Content-Security-Policy: script-src 'strict-dynamic' 'self' 'nonce-+CSSWQV0OU4xtS+rxyECFg==' 'report-sample'; report-uri /herontrackadb2ctst.onmicrosoft.com/B2C_1A_signup_signin/client/cspreport?p=B2C_1A_signup_signin
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Aug 2024 13:37:07 GMT
Expires: -1
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Build: 1.1.239.0
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Request-ID: 257ff409-ec4d-41cd-b85f-c4c80aa3f665
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block
x-ms-gateway-requestid: e553886d-0fe6-478f-a2b3-094321bc66ee

POST
H2 200 track
dc.services.visualstudio.com/v2/ 96 B
154 B 47ms
45ms Fetch
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: tools.herontrack.com
URL: https://tools.herontrack.com/polyfills.2f41bf282c53164c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
sdk-context: appId
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Fri, 30 Aug 2024 13:37:07 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK unified.cshtml Show response
herontrackadb2ctst.b2clogin.com/static/tenant/default/ 56 KB
47 KB 61ms
61ms XHR
text/html 2603:1026:3000:150::8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://herontrackadb2ctst.b2clogin.com/static/tenant/default/unified.cshtml?slice=001-000&dc=AM3

Requested by

Host: herontrackadb2ctst.b2clogin.com
URL: https://herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=8170ad47-f405-4439-9066-a10cedda14c9&scope=https%3A%2F%2Fherontrackadb2ctst.onmicrosoft.com%2Fwebapi%2Fwebapi.readwrite%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ftools.herontrack.com%2Fauth&client-request-id=98839ac7-00ce-42ce-9252-1246c03c9194&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.0&client_info=1&code_challenge=7Lmg1AxT_tf_BCjjd3lL42uoWrCAKtXBIwKtvKy6qCY&code_challenge_method=S256&nonce=36e6396d-0b7e-409f-a836-138a705f02bd&state=eyJpZCI6IjEzMzViN2ExLWI3NzItNGQ4OS04ZTQ3LWQ5NmZiMGUyMTBlMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1026:3000:150::8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c043ff1b64f2e0448a208f1b248f84113ed596ec8cff8e2bd88242ad0c7e9c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=8170ad47-f405-4439-9066-a10cedda14c9&scope=https%3A%2F%2Fherontrackadb2ctst.onmicrosoft.com%2Fwebapi%2Fwebapi.readwrite%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ftools.herontrack.com%2Fauth&client-request-id=98839ac7-00ce-42ce-9252-1246c03c9194&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.0&client_info=1&code_challenge=7Lmg1AxT_tf_BCjjd3lL42uoWrCAKtXBIwKtvKy6qCY&code_challenge_method=S256&nonce=36e6396d-0b7e-409f-a836-138a705f02bd&state=eyJpZCI6IjEzMzViN2ExLWI3NzItNGQ4OS04ZTQ3LWQ5NmZiMGUyMTBlMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 30 Aug 2024 13:37:07 GMT
Last-Modified: Fri, 30 Aug 2024 13:37:08 GMT
Content-Length: 47874
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Max-Age: 3600
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Aug 2024 13:37:08 GMT

GET default_signin_illustration_optimized.png
herontrackadb2ctst.b2clogin.com/static/tenant/default/img/ 0
0

GET
H2 200 illustration
aadcdn.msftauthimages.net/c1c6b6c8-plehlhgdhlva24s83zhjnb5whlvzyifitbtko-zzaxu/logintenantbranding/0/ 177 KB
178 KB 252ms
78ms Image
image/* 2620:1ec:bdf::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aadcdn.msftauthimages.net/c1c6b6c8-plehlhgdhlva24s83zhjnb5whlvzyifitbtko-zzaxu/logintenantbranding/0/illustration?ts=638139495441600143

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

730a24214208ca53e0b0fe8190ebf9fbba2bdd8d4b52250bb29a082ae1df8281

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://herontrackadb2ctst.b2clogin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 13:37:08 GMT
x-content-type-options: nosniff
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
content-length: 181084
x-ms-lease-status: unlocked
last-modified: Thu, 09 Mar 2023 09:05:44 GMT
etag: 0x8DB207D7718463A
x-azure-ref: 20240830T133708Z-r1bf48c954724zlqxma0hhufh40000000810000000004n3d
content-type: image/*
access-control-allow-origin: *
x-ms-request-id: 7e998106-901e-0035-6972-f737b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-plehlhgdhlva24s83zhjnb5whlvzyifitbtko-zzaxu/logintenantbranding/0/ 2 KB
3 KB 322ms
148ms Image
image/* 2620:1ec:bdf::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aadcdn.msftauthimages.net/c1c6b6c8-plehlhgdhlva24s83zhjnb5whlvzyifitbtko-zzaxu/logintenantbranding/0/bannerlogo?ts=638139495447130889

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4dfd3c4820e3704a700337eeffc46d855978cf9f074190407a5b5955e469c365

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://herontrackadb2ctst.b2clogin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 13:37:08 GMT
x-content-type-options: nosniff
x-cache: TCP_REVALIDATED_HIT
x-fd-int-roxy-purgeid: 0
content-length: 2452
x-ms-lease-status: unlocked
last-modified: Thu, 09 Mar 2023 09:05:44 GMT
etag: 0x8DB207D77519D7E
x-azure-ref: 20240830T133708Z-r1bf48c954724zlqxma0hhufh40000000810000000004n3c
content-type: image/*
access-control-allow-origin: *
x-ms-request-id: 78bcfc56-801e-0029-137c-f765d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab1e12ab060b69196fc0403e37c99fdfcec7cf0261d28b642d7c7a09005b6010

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 785 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f329f423eccc75e269fc9a6e6690dc0d793987e70ba9f36943682e43d174f215

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK perftrace Show response
herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/B2C_1A_signup_signin/client/ 0
447 B 269ms
131ms XHR
text/plain 2603:1026:3000:150::8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/B2C_1A_signup_signin/client/perftrace?tx=StateProperties=eyJUSUQiOiIyNTdmZjQwOS1lYzRkLTQxY2QtYjg1Zi1jNGM4MGFhM2Y2NjUifQ&p=B2C_1A_signup_signin

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1026:3000:150::8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=8170ad47-f405-4439-9066-a10cedda14c9&scope=https%3A%2F%2Fherontrackadb2ctst.onmicrosoft.com%2Fwebapi%2Fwebapi.readwrite%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ftools.herontrack.com%2Fauth&client-request-id=98839ac7-00ce-42ce-9252-1246c03c9194&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.0&client_info=1&code_challenge=7Lmg1AxT_tf_BCjjd3lL42uoWrCAKtXBIwKtvKy6qCY&code_challenge_method=S256&nonce=36e6396d-0b7e-409f-a836-138a705f02bd&state=eyJpZCI6IjEzMzViN2ExLWI3NzItNGQ4OS04ZTQ3LWQ5NmZiMGUyMTBlMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: Ky9NYVYxL2MyRGhPblp4ZkErNHdvV1dBc2I3ZE5jcGVjaWhNTWZ5MGVKNzVKZjBDK1ZSdTZVOWNlWmd1ZTh6K0I0M0hWQkZZU0c4WVhyNmoxcGhPZHc9PTsyMDI0LTA4LTMwVDEzOjM3OjA4LjM0NDE2WjtqcjNjQk5sQjI3SXVTTDdSNkZkQ25BPT07eyJPcmNoZXN0cmF0aW9uU3RlcCI6MX0=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Fri, 30 Aug 2024 13:37:08 GMT
X-Content-Type-Options: nosniff
Allow: OPTIONS, TRACE, GET, HEAD, POST
X-Frame-Options: DENY
Public: OPTIONS,TRACE,GET,HEAD,POST
Cache-Control: no-store, must-revalidate, no-cache
x-ms-gateway-requestid: 58628557-d506-4899-babf-47258789563e
Content-Length: 0
X-XSS-Protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tourex.herontrack.com
URL: https://tourex.herontrack.com/assets/i18n/en.json

Domain: o4505154986377216.ingest.sentry.io
URL: https://o4505154986377216.ingest.sentry.io/api/4505154989916160/envelope/?sentry_key=7e0e640d0d0f47a4ae698c478101fbc6&sentry_version=7&sentry_client=sentry.javascript.angular-ivy%2F7.51.2

Domain: tourex.herontrack.com
URL: blob:https://tourex.herontrack.com/c22f851a-ece6-4bff-9112-04666a8688a5

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7WXXNTFFJE&gtm=45je48s0v9119648254za200zb9119625179&_p=1725025022130&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2061909079.1725025023&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1725025022&sct=1&seg=0&dl=https%3A%2F%2Ftourex.herontrack.com%2F&dt=HeronTrack&en=scroll&epn.percent_scrolled=90&_et=7&tfd=2765

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7WXXNTFFJE&gtm=45je48s0v9119648254za200zb9119625179&_p=1725025022130&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2061909079.1725025023&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1725025022&sct=1&seg=0&dl=https%3A%2F%2Ftourex.herontrack.com%2F&dt=HeronTrack&en=user_engagement&_et=1740&tfd=2768

Domain: o4505154986377216.ingest.sentry.io
URL: https://o4505154986377216.ingest.sentry.io/api/4505154989916160/envelope/?sentry_key=7e0e640d0d0f47a4ae698c478101fbc6&sentry_version=7&sentry_client=sentry.javascript.angular-ivy%2F7.51.2

Domain: tools.herontrack.com
URL: blob:https://tools.herontrack.com/524fd34c-3730-488e-99df-872229054053

Domain: herontrackadb2ctst.b2clogin.com
URL: https://herontrackadb2ctst.b2clogin.com/static/tenant/default/img/default_signin_illustration_optimized.png

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.herontrack.com/	1970-01-21 08:46:25	Name: _ga Value: GA1.1.2061909079.1725025023
tourex.herontrack.com/	1970-01-21 07:56:01	Name: ai_user Value: W9XG5IAgtfcndmtnDZzPhr\|2024-08-30T13:37:04.336Z
tools.herontrack.com/	1970-01-21 07:56:01	Name: ai_user Value: 5gSNnNYThw9U16iGDbkavK\|2024-08-30T13:37:07.621Z
tools.herontrack.com/	1970-01-20 23:10:26	Name: ai_session Value: 1nVbVvcTxv1xUAB+jEjzRi\|1725025027650\|1725025027650
tools.herontrack.com/	1969-12-31 23:59:59	Name: msal.interaction.status Value: 8170ad47-f405-4439-9066-a10cedda14c9
tools.herontrack.com/	1969-12-31 23:59:59	Name: msal.8170ad47-f405-4439-9066-a10cedda14c9.request.state.1335b7a1-b772-4d89-8e47-d96fb0e210e3 Value: eyJpZCI6IjEzMzViN2ExLWI3NzItNGQ4OS04ZTQ3LWQ5NmZiMGUyMTBlMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
tools.herontrack.com/	1969-12-31 23:59:59	Name: msal.8170ad47-f405-4439-9066-a10cedda14c9.nonce.id_token.1335b7a1-b772-4d89-8e47-d96fb0e210e3 Value: 36e6396d-0b7e-409f-a836-138a705f02bd
tools.herontrack.com/	1969-12-31 23:59:59	Name: msal.8170ad47-f405-4439-9066-a10cedda14c9.authority.1335b7a1-b772-4d89-8e47-d96fb0e210e3 Value: https%3A%2F%2Fherontrackadb2ctst.b2clogin.com%2Fherontrackadb2ctst.onmicrosoft.com%2FB2C_1A_SIGNUP_SIGNIN
tools.herontrack.com/	1969-12-31 23:59:59	Name: msal.8170ad47-f405-4439-9066-a10cedda14c9.request.origin Value: https%3A%2F%2Ftools.herontrack.com%2Fmonitoring%3Fpartner%3Dtourex
tools.herontrack.com/	1969-12-31 23:59:59	Name: msal.8170ad47-f405-4439-9066-a10cedda14c9.request.correlationId Value: 98839ac7-00ce-42ce-9252-1246c03c9194
tools.herontrack.com/	1969-12-31 23:59:59	Name: msal.8170ad47-f405-4439-9066-a10cedda14c9.request.params Value: eyJjb3JyZWxhdGlvbklkIjoiOTg4MzlhYzctMDBjZS00MmNlLTkyNTItMTI0NmMwM2M5MTk0IiwicmVkaXJlY3RTdGFydFBhZ2UiOiJodHRwczovL3Rvb2xzLmhlcm9udHJhY2suY29tL21vbml0b3Jpbmc%2FcGFydG5lcj10b3VyZXgiLCJzY29wZXMiOlsiaHR0cHM6Ly9oZXJvbnRyYWNrYWRiMmN0c3Qub25taWNyb3NvZnQuY29tL3dlYmFwaS93ZWJhcGkucmVhZHdyaXRlIl0sImF1dGhvcml0eSI6Imh0dHBzOi8vaGVyb250cmFja2FkYjJjdHN0LmIyY2xvZ2luLmNvbS9oZXJvbnRyYWNrYWRiMmN0c3Qub25taWNyb3NvZnQuY29tL0IyQ18xQV9TSUdOVVBfU0lHTklOIiwiYXV0aGVudGljYXRpb25TY2hlbWUiOiJCZWFyZXIiLCJyZWRpcmVjdFVyaSI6Imh0dHBzOi8vdG9vbHMuaGVyb250cmFjay5jb20vYXV0aCIsInN0YXRlIjoiZXlKcFpDSTZJakV6TXpWaU4yRXhMV0kzTnpJdE5HUTRPUzA0WlRRM0xXUTVObVppTUdVeU1UQmxNeUlzSW0xbGRHRWlPbnNpYVc1MFpYSmhZM1JwYjI1VWVYQmxJam9pY21Wa2FYSmxZM1FpZlgwPSIsIm5vbmNlIjoiMzZlNjM5NmQtMGI3ZS00MDlmLWE4MzYtMTM4YTcwNWYwMmJkIiwicmVzcG9uc2VNb2RlIjoiZnJhZ21lbnQiLCJjb2RlIjoiIiwiY29kZVZlcmlmaWVyIjoiTWgtelktdWVPQ1lXZGpxbllMbGNIcjZPdHpadmZtaXNhc2FFY1Bla1g5TSJ9
.herontrackadb2ctst.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-csrf Value: Ky9NYVYxL2MyRGhPblp4ZkErNHdvV1dBc2I3ZE5jcGVjaWhNTWZ5MGVKNzVKZjBDK1ZSdTZVOWNlWmd1ZTh6K0I0M0hWQkZZU0c4WVhyNmoxcGhPZHc9PTsyMDI0LTA4LTMwVDEzOjM3OjA4LjM0NDE2WjtqcjNjQk5sQjI3SXVTTDdSNkZkQ25BPT07eyJPcmNoZXN0cmF0aW9uU3RlcCI6MX0=
.herontrackadb2ctst.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-cache\|cfr_ju3szug4x8ticqp2zq_0 Value: m1.U/JWoDNEeU6N2s9M.tZoIQYGauHUHxX7yJfVHbA==.0.3a08Ggm68M+WC8xDX3hBf8oquY1T8ZZCfKWLoAPWy4joiyWkC7MZi3aKdtdcG0yiaEYUM/K4VFfhvK0cj0QdZPN33UeT863C8eju2xrIFPIoD94+Upn4HNXQMhx4+ZGRzhw//ccTqKV/H1ZmPkxeaW15b8C7UrSPqsuODgnQodQK0yYeTLkGYSBYzIkYgw4S7rx++BMXKa/TUL/gb8g/lqjq9cBLV5t4dX02VZpC/2giJ8x81bDFzdyQOYeNh0nT15pPmIxFwkOOfXWr8RvDosHWBfPmWDKZgFCy5s7+mgk9EtZ+dqdDTESDFQ14kNr+fBnz89bSawIqTTVkS3j6Qy9pt9siLBFoODPXZK0Dm49l5AteYuz7I486+flbIcmbJKeus3dOZ0hrBpMoQlxgwSFi2RXct/U+nDw0YL8voovDKT649HOwcBKJfyAGmt83KiIiGlUeXslq0SA5zciZeHiqqFKH4+swqq3C2HIFWMLEOvzXmyhOfo3ZKTt+ZQTCeTgeTnZAoTJL1d+ziGXUo5XFke4QI0uMDftFijI3dfOtOtB4yJ9937KCQ6OKRlLW6hfWrxz/RaRyPoaHl17s9knwAN3rGbYAPIXo61TPW0c5GFf2BOXTLc6wBQ4ZaSkF0txgrAAdzd6rmu1fbayu8IQ75RwpSX0jqWOWEx9p4FpQuoVUseA/XA3xj8SbQOWszJzTiHwMK2cbvjpWsZ+BbAnsytHZfFNelPV+l+cXMI9zZdA7bHZXr8b/dO28TO+MZzqWcGfwO/l+UoKAQ+W6vaJc80/1YZFDlra+wIrAd7ky8GQMI5NZl87wu+SZtkHL5rAxj0USP7Iw/8fIU83TgDrIAROBeteo59Oh/Ol83IhWDkkobbwjlc/h7XyASQDFIucufyW0G8tKU/9vI+/8nNH3XHLp7ksXlRs5N9HxmL7MbtPD7Ua2wXKwHqK+T2zOdD6kAaC0ykPfmw+VJceByhfNWy+kHeDln4SPRpLX7oNMgaP6fQbRo1TQX1pq7JVNxgtP6TjgyFhfKoAgZ9WwxWdu7bBZOUwlScfeB+sa4g8sY9vhnOg11vsLyaIa
.herontrackadb2ctst.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6IjI1N2ZmNDA5LWVjNGQtNDFjZC1iODVmLWM0YzgwYWEzZjY2NSIsIlQiOiJoZXJvbnRyYWNrYWRiMmN0c3Qub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xYV9zaWdudXBfc2lnbmluIiwiQyI6IjgxNzBhZDQ3LWY0MDUtNDQzOS05MDY2LWExMGNlZGRhMTRjOSIsIlMiOjEsIk0iOnt9LCJEIjowLCJFIjoiIn1dLCJDX0lEIjoiMjU3ZmY0MDktZWM0ZC00MWNkLWI4NWYtYzRjODBhYTNmNjY1In0=
.herontrack.com/	1970-01-21 08:46:25	Name: _ga_7WXXNTFFJE Value: GS1.1.1725025022.1.1.1725025028.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://herontrackadb2ctst.b2clogin.com/herontrackadb2ctst.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=8170ad47-f405-4439-9066-a10cedda14c9&scope=https%3A%2F%2Fherontrackadb2ctst.onmicrosoft.com%2Fwebapi%2Fwebapi.readwrite%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Ftools.herontrack.com%2Fauth&client-request-id=98839ac7-00ce-42ce-9252-1246c03c9194&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.0&client_info=1&code_challenge=7Lmg1AxT_tf_BCjjd3lL42uoWrCAKtXBIwKtvKy6qCY&code_challenge_method=S256&nonce=36e6396d-0b7e-409f-a836-138a705f02bd&state=eyJpZCI6IjEzMzViN2ExLWI3NzItNGQ4OS04ZTQ3LWQ5NmZiMGUyMTBlMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Message: [DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauthimages.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
dc.services.visualstudio.com
herontrackadb2ctst.b2clogin.com
ka-p.fontawesome.com
kit.fontawesome.com
o4505154986377216.ingest.sentry.io
region1.google-analytics.com
tools.herontrack.com
tourex.herontrack.com
www.googletagmanager.com
herontrackadb2ctst.b2clogin.com
o4505154986377216.ingest.sentry.io
region1.google-analytics.com
tools.herontrack.com
tourex.herontrack.com
104.17.24.14
20.50.88.242
2001:4860:4802:34::36
216.239.32.36
2603:1026:3000:148::e
2603:1026:3000:150::8
2606:4700:4400::ac40:93bc
2606:4700::6812:bb1f
2620:1ec:bdf::42
2620:1ec:bdf::67
2a00:1450:4001:811::2008
34.120.195.249
0164c8fc0d4f5740cdf2d76c51e2c6633f88ba36c3e9a902720d35641d66839c
189e3297d28b0129d841aba8dab828ba001d804853ac4beb744ecf7292a8e91b
1c87712c42e1a5eecb36d5b06761dc57c8d9b2d4d82d48366dcf81f06c08df18
2126e622bac9c638fe7383c7da99c4c13f405c707c77d607dd4219c4d050c73e
22036433211b4720091524b38b07e0b6241c838da03081d564cd8053060bb03e
288caec86cfd7f5b43c36933b78fee708387051fc045a1f3580b86fe48ab1bf2
3ea6f6bcc4fed83b5f6599134387757cc14e6ebaec1db3950fefc4bdd51e6e22
42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c65e73bfbb0312929232d4b0b255f3a954418db0ee428912979f5cba0b48c5f
4dfd3c4820e3704a700337eeffc46d855978cf9f074190407a5b5955e469c365
54546f54a25b8367215d10d77edf193aced58c7e6fe0887863e35ea25ad646c5
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8
63099cb69322c7ed219ef38176a6398f22a9ae8f3af86dde8cbfc671a5f6afb9
730a24214208ca53e0b0fe8190ebf9fbba2bdd8d4b52250bb29a082ae1df8281
828c6f9df8809c2f095f0c825853efb771c43b8073fcff010b07e13725a2e3dc
8adf48bedb936cc90460b9c6bf7cea59bce99fa873c53b07d73dd45b3ab234d0
ab1e12ab060b69196fc0403e37c99fdfcec7cf0261d28b642d7c7a09005b6010
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
afe2e4466a37b49bdb03c98eacb20c08cf45b83fcdee1437acc73e460df7d22c
b455281c0b653c3432ef1a91ea0da75e5772e4aafe1ac78ccad9e44a768c49fb
b6e59b2f2554d31bfb2e4d7a0337c46a97b0c98bea9a8ec9124c2721379f50f5
c043ff1b64f2e0448a208f1b248f84113ed596ec8cff8e2bd88242ad0c7e9c21
ce3692a579adb4feeea1559a0bb1b3f7e012b851df309d45462f228e1991d6fd
d87cde31192c240ac5032cdeb6183f79732ddf7b0e8dfd486c4f9123e9784616
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320
f329f423eccc75e269fc9a6e6690dc0d793987e70ba9f36943682e43d174f215
fbd8cadf39d718f5c110d894fc09e688568146616e0e3e902027e957edbcdf4d

herontrackadb2ctst.b2clogin.com Open in urlscan Pro 2603:1026:3000:150::8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

87 %HTTPS

67 %IPv6

10 Domains

12 Subdomains

13 IPs

4 Countries

11072 kBTransfer

14905 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

herontrackadb2ctst.b2clogin.com Open in urlscan Pro
2603:1026:3000:150::8 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

87 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

13
IPs

4
Countries

11072 kB
Transfer

14905 kB
Size

15
Cookies

61 HTTP transactions
2 data transactions