tftravel.co Open in urlscan Pro
15.197.142.173 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://tftravel.co/
Submission: On May 17 via api (May 17th 2023, 10:50:06 pm UTC) from US — Scanned from US

Summary HTTP 149 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 18 domains to perform 149 HTTP transactions. The main IP is 15.197.142.173, located in United States and belongs to AMAZON-02, US. The main domain is tftravel.co.

This is the only time tftravel.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	15.197.142.173 15.197.142.173	16509 (AMAZON-02) (AMAZON-02)
1 1	52.33.8.180 52.33.8.180	16509 (AMAZON-02) (AMAZON-02)
3 18	52.88.130.181 52.88.130.181	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21a... 2600:9000:21a2:0:16:4349:fe00:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2607:f8b0:402... 2607:f8b0:4020:807::200e	15169 (GOOGLE) (GOOGLE)
3	146.75.32.193 146.75.32.193	54113 (FASTLY) (FASTLY)
8	2606:4700::68... 2606:4700::6812:a92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.218.168.105 52.218.168.105	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:806::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700:10:... 2606:4700:10::6816:179d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1400:b00... 2600:1400:b000::6872:481a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2606:4700:10:... 2606:4700:10::ac43:1df5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2606:4700:10:... 2606:4700:10::6816:169d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
2	209.95.50.27 209.95.50.27	32780 (HOSTINGSE...) (HOSTINGSERVICES-INC)
2	2607:f8b0:402... 2607:f8b0:4020:806::2008	() ()
1 2	2607:f8b0:400... 2607:f8b0:4006:823::2002	() ()
1	2607:f8b0:402... 2607:f8b0:4020:804::2006	() ()
1	2607:f8b0:402... 2607:f8b0:4020:807::2004	() ()
1	2607:f8b0:402... 2607:f8b0:4020:805::2016	() ()
1	2607:f8b0:402... 2607:f8b0:4020:806::2001	() ()
6	2600:141b:900... 2600:141b:9000::1725:7b88	() ()
2	2607:f8b0:402... 2607:f8b0:4020:804::200a	() ()
1	2607:f8b0:402... 2607:f8b0:4020:807::2003	() ()
2	2600:141b:13:... 2600:141b:13::17d7:82a8	() ()
18	209.95.50.25 209.95.50.25	() ()
149	28

1 15.197.142.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

tftravel.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.8.180 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-8-180.us-west-2.compute.amazonaws.com

j2fx.vacation.escapevacations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.88.130.181 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-130-181.us-west-2.compute.amazonaws.com

j2fx.vacation.escapevacations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21a2:0:16:4349:fe00:93a1 (United States)

ASN16509 (AMAZON-02, US)

skins.webtreepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4020:807::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.75.32.193 (Ashburn, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:a92 (United States)

ASN13335 (CLOUDFLARENET, US)

agentprofiler.travelleaders.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.travelleaders.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.218.168.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

wtp-prd.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:806::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80c::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:179d (United States)

ASN13335 (CLOUDFLARENET, US)

viewer.joomag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:b000::6872:481a (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::ac43:1df5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.joomag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s8cdn.joomag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:10::6816:169d (United States)

ASN13335 (CLOUDFLARENET, US)

app.joomag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.95.50.27 (New York, United States)

ASN32780 (HOSTINGSERVICES-INC, US)
PTR: www.joomag.com

www.joomag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2002 (None, ) 1 redirects

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::2006 (None, )

ASN- ()

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:805::2016 (None, )

ASN- ()

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2001 (None, )

ASN- ()

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:141b:9000::1725:7b88 (None, )

ASN- ()

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::200a (None, )

ASN- ()

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13::17d7:82a8 (None, )

ASN- ()

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 209.95.50.25 (None, )

ASN- ()

an3.joomag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	joomag.com viewer.joomag.com — Cisco Umbrella Rank: 292223 static.joomag.com — Cisco Umbrella Rank: 470035 app.joomag.com — Cisco Umbrella Rank: 324843 www.joomag.com — Cisco Umbrella Rank: 392738 s8cdn.joomag.com an3.joomag.com	5 MB
19	escapevacations.com 4 redirects j2fx.vacation.escapevacations.com	396 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 80	952 KB
8	typekit.net use.typekit.net p.typekit.net	311 KB
8	travelleaders.com agentprofiler.travelleaders.com — Cisco Umbrella Rank: 698952 www.travelleaders.com — Cisco Umbrella Rank: 883806	81 KB
7	google.com maps.google.com — Cisco Umbrella Rank: 1746 www.google.com	236 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	102 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 maps.googleapis.com — Cisco Umbrella Rank: 353 jnn-pa.googleapis.com	32 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
3	amazonaws.com wtp-prd.s3.us-west-2.amazonaws.com	3 MB
3	imgur.com i.imgur.com — Cisco Umbrella Rank: 6148	372 B
3	webtreepro.com skins.webtreepro.com	422 KB
2	googletagmanager.com www.googletagmanager.com	94 KB
2	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4086	110 KB
2	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 3981	66 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	ytimg.com i.ytimg.com	93 KB
1	tftravel.co tftravel.co	816 B
149	18

	Domain	Requested by
32	app.joomag.com	viewer.joomag.com app.joomag.com
19	j2fx.vacation.escapevacations.com	4 redirects tftravel.co j2fx.vacation.escapevacations.com
18	an3.joomag.com	www.joomag.com
10	s8cdn.joomag.com	viewer.joomag.com
9	www.youtube.com	j2fx.vacation.escapevacations.com www.youtube.com
7	www.travelleaders.com	j2fx.vacation.escapevacations.com
6	use.typekit.net	app.joomag.com viewer.joomag.com
6	viewer.joomag.com	j2fx.vacation.escapevacations.com viewer.joomag.com
6	maps.google.com	j2fx.vacation.escapevacations.com maps.google.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	wtp-prd.s3.us-west-2.amazonaws.com	j2fx.vacation.escapevacations.com
3	i.imgur.com	j2fx.vacation.escapevacations.com
3	skins.webtreepro.com	j2fx.vacation.escapevacations.com skins.webtreepro.com
2	p.typekit.net	viewer.joomag.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.googletagmanager.com	viewer.joomag.com
2	www.joomag.com	viewer.joomag.com
2	browser.sentry-cdn.com	viewer.joomag.com
2	static.joomag.com	viewer.joomag.com
2	consent.cookiebot.com	viewer.joomag.com
1	www.gstatic.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	maps.googleapis.com	maps.google.com
1	fonts.googleapis.com	skins.webtreepro.com
1	agentprofiler.travelleaders.com	j2fx.vacation.escapevacations.com
1	tftravel.co
149	30

This site contains no links.

Subject Issuer	Validity	Valid
j2fx.vacation.escapevacations.com R3	`2023-04-25` - `2023-07-24`	3 months	crt.sh
skins.webtreepro.com Amazon RSA 2048 M01	`2023-03-24` - `2024-04-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
travelleaders.com Cloudflare Inc ECC CA-3	`2023-03-27` - `2023-06-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-04` - `2024-01-03`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.joomag.com Go Daddy Secure Certificate Authority - G2	`2023-01-31` - `2024-03-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://tftravel.co/
Frame ID: EAFA4A4D269C1E9F3F31835CAC90FE6B
Requests: 1 HTTP requests in this frame

Frame: https://j2fx.vacation.escapevacations.com/
Frame ID: 8AA45094C11CA23271ABFF949BBB40CC
Requests: 43 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Frame ID: 1EBB0F8B66FDD216DEF10B90068084CD
Requests: 20 HTTP requests in this frame

Frame: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&
Frame ID: 248B4562F64862B37C8A58186CC76E14
Requests: 39 HTTP requests in this frame

Frame: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&
Frame ID: 718F593BA9BCE6126616055E3972ABCE
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

** Transforming Travel LLC **

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

149
Requests

97 %
HTTPS

75 %
IPv6

18
Domains

30
Subdomains

28
IPs

2
Countries

11045 kB
Transfer

20964 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://j2fx.vacation.escapevacations.com/ HTTP 301
https://j2fx.vacation.escapevacations.com/

Request Chain 19

https://j2fx.vacation.escapevacations.com/common/showimage.ashx/599785/le.png HTTP 302
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/93e778a28a1041c89f630a3dda4d5fd3.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22le.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLDHMNQ5J6/20230517/us-west-2/s3/aws4_request&X-Amz-Date=20230517T144258Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9bca066e435bd84d9c3c129928ab4fff80e15a8f52a431b96eb0375eea590f1c

Request Chain 27

https://j2fx.vacation.escapevacations.com/common/showimage.ashx/567904/306x120.png HTTP 302
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/49bc823434fc4f48ad2c1dc52eae12e5.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Nexion-Independent%20Affiliate.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLDHMNQ5J6/20230517/us-west-2/s3/aws4_request&X-Amz-Date=20230517T140307Z&X-Amz-SignedHeaders=host&X-Amz-Signature=6c749d77261347d39ab6358d175a43dcd8da8fac5d83542224ad4ae845f044a1

Request Chain 35

https://j2fx.vacation.escapevacations.com/Common/showimage.ashx/552793 HTTP 302
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/72dca8dd5a1542408b3a4faaa9c57c59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Header-Caribbean2.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLDHMNQ5J6/20230517/us-west-2/s3/aws4_request&X-Amz-Date=20230517T224726Z&X-Amz-SignedHeaders=host&X-Amz-Signature=4e9cfd6c1060546f418698cd9e99c21f75b0d43be83168dd718f7bd57d89afa3

Request Chain 73

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

149 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
tftravel.co/ 584 B
816 B 79ms
23ms Document
text/html 15.197.142.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://tftravel.co/
Protocol: HTTP/1.1
Server: 15.197.142.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
Software: ip-10-123-123-55.ec2.internal /
Resource Hash: 3b5afc192e2228c0a155212d6ea8af359ec4501cfbd048da60a2da36bbef46a1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 584
Content-Type: text/html; charset=utf-8
Date: Wed, 17 May 2023 22:49:51 GMT
Server: ip-10-123-123-55.ec2.internal
X-Request-Id: 43f52096-c159-4949-a95e-6bb188e1a4f9

GET
H2

200

/ Show response
j2fx.vacation.escapevacations.com/ Frame 8AA4
Redirect Chain

http://j2fx.vacation.escapevacations.com/
https://j2fx.vacation.escapevacations.com/

38 KB
38 KB

1249ms
1050ms

Document
text/html

52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/
Requested by: Host: tftravel.co
URL: http://tftravel.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 896dab9e181bd9f1bf4eba720b92ae23647bec7770bab1b6733f0c4f0c37164e

Request headers

Referer: http://tftravel.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
cache-control: private
content-length: 38645
content-type: text/html; charset=utf-8
date: Wed, 17 May 2023 22:49:52 GMT
server: Microsoft-IIS/10.0
vary: User-Agent
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

Redirect headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Wed, 17 May 2023 22:49:51 GMT
Location: https://J2FX.vacation.escapevacations.com/
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H2 200 Kk2Ywj48J-EnLL-bQAsEAAA1 Show response
j2fx.vacation.escapevacations.com/dynamicScriptBundle/638192051331684007/CwQAAB-LCAAAAAAABACdU8tOwzAQ_JpyIxKFH0ClQFGROBSuyIk37Sa2d7HXbfr3OCQC08cBTlnPjDe7M_JkWj-FybRuPiL4fdGEi8lvZAeleAD2lJMVUYsQRmjl... Frame 8AA4 553 KB
146 KB 261ms
228ms Script
text/javascript 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/dynamicScriptBundle/638192051331684007/CwQAAB-LCAAAAAAABACdU8tOwzAQ_JpyIxKFH0ClQFGROBSuyIk37Sa2d7HXbfr3OCQC08cBTlnPjDe7M_JkWj-FybRuPiL4fdGEi8lvZAeleAD2lJMVUYsQRmjlVdWiW2dlLg67msoGKsnBmrwNDpnhF9wihdaShhxUjeoewTD4MCNryR3PGfG7vIyY8zvhdyaOnIOOZN9zP8v1yAnF6MIXy2k1tQY9ym6Z359VEPAvCe3vrMCyUTLUy4clKJ1Gnus1/JIBjaTBsst2aXlcSSRCvuLDoDomSujNwFDT5uMhK34H8mNxkGVpQzoKLOdWf02dDW_ALJ-DkBBti73kswzmuThuN3CwGIZvkw_JjbKkakss7pEgK2TO8KYNaCfkTM5eGqvZ1cbb5gNxqvXDp9HZ9cF2gkxqNyez78mmjnDZQKh8KH52ghcvtTXFVTP_yozzne1ASPegXT5YEyfWghtAK8X97zrvKxIBbmHfJOQRXwXHXFJpXDqTXa0wmjo4Ph_G5HL_Z/Kk2Ywj48J-EnLL-bQAsEAAA1
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d4cc4241b70d13698b24914888bd646e5407236e30469154680718c0fe9f4a3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-headers: Content-Type
content-length: 149239
expires: Thu, 16 May 2024 22:49:53 GMT

GET
H2 200 font-awesome.min.css
skins.webtreepro.com/skins/common/fontawesome4/css/ Frame 8AA4 28 KB
29 KB 164ms
29ms Stylesheet
text/css 2600:9000:21a2:0:16:4349:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://skins.webtreepro.com/skins/common/fontawesome4/css/font-awesome.min.css
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:0:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 17 May 2023 14:21:46 GMT
via: 1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
last-modified: Tue, 10 Jul 2018 20:47:42 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 31506
etag: "fea395db9a5c8eaba924d98161324597"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 29067
x-amz-cf-id: ucSLCyG4GWrl5x2wQblzm49NTxuhAVsL77TSqYQ9YzhCg3MZY14l2w==

GET
H2 200 CAIAAB-LCAAAAAAABACVjEEKwjAQRU8Tl0UriFtbwZWreIE0ndpoZlIyiXh8p6DipmA2w2N476t6aANiICWgtdwmU--BhY4wmOyTUOfDtbLMK_WX3oh-iHZ0D-CCTMwuPAuCN5UX-u6ooDpF1xfoZ6BcoF8AJ28SLCStB0O_k7c5R3l8Fc4TxMHxuKygjOBnxBEnQ...
j2fx.vacation.escapevacations.com/dynamicStyleBundle/638192053542898655/ Frame 8AA4 21 KB
5 KB 258ms
226ms Stylesheet
text/css 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/dynamicStyleBundle/638192053542898655/CAIAAB-LCAAAAAAABACVjEEKwjAQRU8Tl0UriFtbwZWreIE0ndpoZlIyiXh8p6DipmA2w2N476t6aANiICWgtdwmU--BhY4wmOyTUOfDtbLMK_WX3oh-iHZ0D-CCTMwuPAuCN5UX-u6ooDpF1xfoZ6BcoF8AJ28SLCStB0O_k7c5R3l8Fc4TxMHxuKygjOBnxBEnQxaq7a5eb_bz7wVzX4cJCAIAAA2
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 571fd23b11b71198cc794d4dadf4bfd6b8cbe6ccfd75fd051cfca4a9b724c5f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-headers: Content-Type
content-length: 4590
expires: Thu, 16 May 2024 22:49:53 GMT

GET
H2 200 jquery-ui-1.10.2.custom.css
j2fx.vacation.escapevacations.com/App_Themes/intranet/jquery-ui/ Frame 8AA4 34 KB
6 KB 122ms
90ms Stylesheet
text/css 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/App_Themes/intranet/jquery-ui/jquery-ui-1.10.2.custom.css
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0130a8dceb8fc8165defe555fb6311120ce66f1ee2a51abe20990eb2bffc6f66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 20:08:03 GMT
server: Microsoft-IIS/10.0
etag: "8013c8a9928d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 6056

GET
H2 200 Toolbar.css
j2fx.vacation.escapevacations.com/App_Themes/Intranet/ Frame 8AA4 11 KB
2 KB 123ms
91ms Stylesheet
text/css 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/App_Themes/Intranet/Toolbar.css
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: df178a76e5527927a54a4ee4b0d9f28c40a1925cc7e5aa5db16a8ba9fdf0b3ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 17:28:37 GMT
server: Microsoft-IIS/10.0
etag: "8050e66ddb3ed81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 2270

GET
H2 200 cookieconsent.min.css
j2fx.vacation.escapevacations.com/Js/cookieconsent/css/ Frame 8AA4 4 KB
4 KB 166ms
136ms Stylesheet
text/css 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/Js/cookieconsent/css/cookieconsent.min.css
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2f828220b9dd6c92f5c9c096bfa3bb3fbc579380e2b0ec1e4733d850e116a7f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
last-modified: Fri, 18 Jan 2019 19:09:27 GMT
server: Microsoft-IIS/10.0
etag: "bebf3a5561afd41:0"
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 3957

GET
H2 200 default.css
skins.webtreepro.com/skins/tlgleadersedge/ Frame 8AA4 321 KB
322 KB 161ms
27ms Stylesheet
text/css 2600:9000:21a2:0:16:4349:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://skins.webtreepro.com/skins/tlgleadersedge/default.css?t=638186904604970000
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:0:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ca722bc1c654b88f46c7ffce0d76198c73b049d901481bcbf2a2326f07d0116

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 03 May 2023 13:04:44 GMT
x-amz-version-id: Go5oht00QndzUOlbZnlXlvOxktLWkx5K
via: 1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
last-modified: Wed, 03 May 2023 13:00:59 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 1244709
etag: "43ea8cfc542b0c061859f7c236e3b9df"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 329213
x-amz-cf-id: tpMOeu2q0Y_02aI1eR49Wp9i-MQh-bvkmiHrkER9QEV6NZYhHdrueg==

GET
H2 200 swfobject.js Show response
j2fx.vacation.escapevacations.com/Js/ Frame 8AA4 7 KB
7 KB 352ms
322ms Script
application/javascript 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/Js/swfobject.js
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 228e7abc6f0b491c177be9ee528856caf19ea3135c014713cc67ad64f2ae50b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
last-modified: Fri, 18 Jan 2019 19:09:27 GMT
server: Microsoft-IIS/10.0
etag: "bff4465561afd41:0"
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 6887

GET
H2 200 js Show response
maps.google.com/maps/api/ Frame 8AA4 188 KB
62 KB 199ms
76ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0918e596789e5b798e852663d3dcb263f7d46dafcb17abac081577a1259c23b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63466
x-xss-protection: 0

GET
H2 200 map.js Show response
j2fx.vacation.escapevacations.com/Customers/TLG/CustomAddIn/V3/js/ Frame 8AA4 1 KB
1 KB 353ms
324ms Script
application/javascript 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/Customers/TLG/CustomAddIn/V3/js/map.js
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 38e16f15e0f3294a97b254a8332d9f7823dece3e40744a293b4334b9dd7845d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
last-modified: Tue, 11 Jun 2019 21:03:11 GMT
server: Microsoft-IIS/10.0
etag: "893221149920d51:0"
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 1353

GET
H2 200 MsAjaxJs Show response
j2fx.vacation.escapevacations.com/bundles/ Frame 8AA4 131 KB
132 KB 166ms
136ms Script
text/javascript 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/bundles/MsAjaxJs?v=FKpG-smDBfGNUdgJeZvfEIGvJ6cYQEn3X0F5sU-GCEA1
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0b5ccf8ec360d4ce45730aac1718af91e431ee6379282eebc3f44476363a52c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
last-modified: Wed, 17 May 2023 22:49:53 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public
access-control-allow-headers: Content-Type
content-length: 134643
expires: Thu, 16 May 2024 22:49:53 GMT

GET
H2 200 WebFormsJs Show response
j2fx.vacation.escapevacations.com/bundles/ Frame 8AA4 45 KB
45 KB 388ms
360ms Script
text/javascript 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/bundles/WebFormsJs?v=zi3b_79ovDvaSGwa114ouQNXKwAavyGdBw6Yku1697w1
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a78e9e80a951a4a1c522745ee893c891a91d429dc6b66c5901b79d5ee4715e5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
last-modified: Wed, 17 May 2023 22:49:53 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public
access-control-allow-headers: Content-Type
content-length: 46189
expires: Thu, 16 May 2024 22:49:53 GMT

GET
H2 200 DefaultLogo.ashx
j2fx.vacation.escapevacations.com/Customers/TLG/CustomAddIn/ Frame 8AA4 0
97 B 99ms
99ms Image
image/png 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j2fx.vacation.escapevacations.com/Customers/TLG/CustomAddIn/DefaultLogo.ashx
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 429 43puBan.png
i.imgur.com/ Frame 8AA4 0
250 B 123ms
27ms Image
text/plain 146.75.32.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/43puBan.png

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 17 May 2023 22:49:53 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1684363794.861187,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-iad-kjyo7100104-IAD

GET
H2 429 OGn61rg.png
i.imgur.com/ Frame 8AA4 0
62 B 123ms
28ms Image
text/plain 146.75.32.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/OGn61rg.png

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 17 May 2023 22:49:53 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1684363794.861767,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-iad-kjyo7100104-IAD

GET
H2 429 bG1rN6i.png
i.imgur.com/ Frame 8AA4 0
60 B 124ms
29ms Image
text/plain 146.75.32.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/bG1rN6i.png

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 17 May 2023 22:49:53 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1684363794.861752,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-iad-kjyo7100104-IAD

GET
H2 200 img_handler.ashx
agentprofiler.travelleaders.com/Common/Handlers/ Frame 8AA4 22 KB
23 KB 338ms
1ms Image
image/jpeg 2606:4700::6812:a92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://agentprofiler.travelleaders.com/Common/Handlers/img_handler.ashx?type=agt&id=268574

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3733a6662cc8c565b969f26de3998142efcc30de64a3fb4fb5b06a7ed593ebfd

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private
cf-ray: 7c8f6a90db7817b1-EWR
content-length: 22711
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000

GET
H2 200 loadingAnimation.gif
j2fx.vacation.escapevacations.com/Images/ Frame 8AA4 6 KB
6 KB 109ms
107ms Image
image/gif 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j2fx.vacation.escapevacations.com/Images/loadingAnimation.gif
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
last-modified: Fri, 18 Jan 2019 19:09:27 GMT
server: Microsoft-IIS/10.0
etag: "b9d1d45461afd41:0"
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 5886

GET
H/1.1

200
OK

93e778a28a1041c89f630a3dda4d5fd3.png
wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/ Frame 8AA4
Redirect Chain

https://j2fx.vacation.escapevacations.com/common/showimage.ashx/599785/le.png
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/93e778a28a1041c89f630a3dda4d5fd3.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...

375 KB
376 KB

389ms
176ms

Image
image/png

52.218.168.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/93e778a28a1041c89f630a3dda4d5fd3.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22le.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLDHMNQ5J6/20230517/us-west-2/s3/aws4_request&X-Amz-Date=20230517T144258Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9bca066e435bd84d9c3c129928ab4fff80e15a8f52a431b96eb0375eea590f1c
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: HTTP/1.1
Server: 52.218.168.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ddc36e73252a9b70a6719668bd527e32d7c5d68799bec161fde176141bfd539f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 22:49:55 GMT
x-amz-version-id: ctZKYBHRuoRyEXDWabtEXQ8xocUSTGaW
x-amz-request-id: 3DDK448F40B2HF3Q
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Content-Disposition: inline; filename="le.png"
x-amz-meta-fileid: 599785
x-amz-meta-siteid: 9040
Content-Length: 384263
x-amz-id-2: utozk2PnExyJ0BI7TBZNTC+5tqUbTysy84NJyJM039ZcVJ6WlqP2AEeUFodmsIR1nAiPxxvpYSc=
Last-Modified: Tue, 14 Mar 2023 14:03:16 GMT
Server: AmazonS3
ETag: "c49f559eb334bbf3734ada096457f9fc"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes

Redirect headers

date: Wed, 17 May 2023 22:49:53 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
location: https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/93e778a28a1041c89f630a3dda4d5fd3.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22le.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLDHMNQ5J6/20230517/us-west-2/s3/aws4_request&X-Amz-Date=20230517T144258Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9bca066e435bd84d9c3c129928ab4fff80e15a8f52a431b96eb0375eea590f1c
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: Content-Type
content-length: 605

GET
H2 200 Globus.png
www.travelleaders.com/images/supplierLogos/Tour/ Frame 8AA4 6 KB
6 KB 367ms
22ms Image
image/png 2606:4700::6812:a92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.travelleaders.com/images/supplierLogos/Tour/Globus.png?ver=11.10

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db108a435cc382203c1258d77693c7ab892ce10e22c5e156075d2128d2ee8403

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1544
content-length: 5647
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Nov 2021 15:53:12 GMT
server: cloudflare
etag: "1d7d64b1097f20f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c8f6a911bb943dc-EWR
expires: Thu, 18 May 2023 02:49:54 GMT

GET
H2 200 Funjet.png
www.travelleaders.com/images/supplierLogos/Tour/ Frame 8AA4 4 KB
4 KB 369ms
25ms Image
image/png 2606:4700::6812:a92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.travelleaders.com/images/supplierLogos/Tour/Funjet.png

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

904f63842105f4bc8cf46cc7a080b96f54eb7aa9de1d9ddfcbabe7a6a9419ce6

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1544
content-length: 4384
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Feb 2019 12:58:42 GMT
server: cloudflare
etag: "1d4c20983a97c20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c8f6a911bba43dc-EWR
expires: Thu, 18 May 2023 02:49:54 GMT

GET
H2 200 NCL_logo_176x84_C.png
www.travelleaders.com/images/supplierLogos/Cruise/ Frame 8AA4 6 KB
6 KB 367ms
23ms Image
image/png 2606:4700::6812:a92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.travelleaders.com/images/supplierLogos/Cruise/NCL_logo_176x84_C.png

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8250d7e9fc2cfadd8e9a3022bb66c06a16a2cede04b5ac9f4c83872f7f903cde

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1544
content-length: 6058
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Sep 2011 14:31:35 GMT
server: cloudflare
etag: "1cc72eb01346a2a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c8f6a911bbc43dc-EWR
expires: Thu, 18 May 2023 02:49:54 GMT

GET
H2 200 HAL_logo_176x84_C.png
www.travelleaders.com/images/supplierLogos/Cruise/ Frame 8AA4 20 KB
20 KB 360ms
16ms Image
image/png 2606:4700::6812:a92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.travelleaders.com/images/supplierLogos/Cruise/HAL_logo_176x84_C.png

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac7e983629cc7e54599642979b3e68791326a7ae5e3f49e659def46ffd7870f9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1544
content-length: 19978
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2017 16:16:39 GMT
server: cloudflare
etag: "1d282efe486838a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c8f6a911bbd43dc-EWR
expires: Thu, 18 May 2023 02:49:54 GMT

GET
H2 200 Princess_logo_176x84_C.png
www.travelleaders.com/images/supplierLogos/Cruise/ Frame 8AA4 6 KB
6 KB 368ms
24ms Image
image/png 2606:4700::6812:a92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.travelleaders.com/images/supplierLogos/Cruise/Princess_logo_176x84_C.png?ver=5.05

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0702a0cb8bcb18643cddddab91747225c50bb00e71f0529f61a2bd558a003cdb

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3685
content-length: 5777
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 May 2023 17:40:40 GMT
server: cloudflare
etag: "1d97f78b5614a91"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c8f6a911bbe43dc-EWR
expires: Thu, 18 May 2023 02:49:54 GMT

GET
H2 200 DL-JV-Partners-Logo.png
www.travelleaders.com/images/supplierLogos/Air/ Frame 8AA4 8 KB
8 KB 365ms
21ms Image
image/png 2606:4700::6812:a92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.travelleaders.com/images/supplierLogos/Air/DL-JV-Partners-Logo.png

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e4561f346177138f2e6b048577ea5df1e1253f489935bb21341f19593e725f2

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1544
content-length: 7792
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 Jan 2022 14:27:34 GMT
server: cloudflare
etag: "1d800ae0c69d170"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c8f6a911bbf43dc-EWR
expires: Thu, 18 May 2023 02:49:54 GMT

GET
H2 200 condor.png
www.travelleaders.com/images/supplierLogos/Air/ Frame 8AA4 9 KB
9 KB 43ms
40ms Image
image/png 2606:4700::6812:a92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.travelleaders.com/images/supplierLogos/Air/condor.png?ver=1

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a85d0ce7db7aa91abc2aa3d6d73e7b77c1cedb2d7340c5b2813c8f57e949bf84

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins	pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: ASP.NET
content-length: 8865
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 Oct 2022 13:35:39 GMT
server: cloudflare
etag: "1d8e93fd600a521"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c8f6a911bc143dc-EWR
expires: Thu, 18 May 2023 02:49:54 GMT

GET
H/1.1

200
OK

49bc823434fc4f48ad2c1dc52eae12e5.png
wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/ Frame 8AA4
Redirect Chain

https://j2fx.vacation.escapevacations.com/common/showimage.ashx/567904/306x120.png
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/49bc823434fc4f48ad2c1dc52eae12e5.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...

122 KB
123 KB

349ms
136ms

Image
image/png

52.218.168.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/49bc823434fc4f48ad2c1dc52eae12e5.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Nexion-Independent%20Affiliate.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLDHMNQ5J6/20230517/us-west-2/s3/aws4_request&X-Amz-Date=20230517T140307Z&X-Amz-SignedHeaders=host&X-Amz-Signature=6c749d77261347d39ab6358d175a43dcd8da8fac5d83542224ad4ae845f044a1
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: HTTP/1.1
Server: 52.218.168.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: dfbf5b584d442b984225b38ac999fa488f6157b2bf6dd015afc7d3d3d1f98c29

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 22:49:55 GMT
x-amz-version-id: czoBIptvqnaP1Gf0cOf8h4njTdaLjNXZ
Last-Modified: Tue, 05 May 2020 18:20:15 GMT
Server: AmazonS3
x-amz-request-id: 3DDM5XGKMAXHNMSQ
ETag: "24a55d4643937809db6888936cce1dee"
Content-Type: image/png
Cache-Control: max-age=86400
x-amz-replication-status: COMPLETED
Content-Disposition: inline; filename="Nexion-Independent Affiliate.png"
x-amz-meta-fileid: 567904
Accept-Ranges: bytes
x-amz-meta-siteid: 9040
Content-Length: 124884
x-amz-id-2: M1XW9OpOBZJjxGqpDT+bT9Gw1aOGg8fgg3hBidyfcUkIXsVWi+gnHvcthrobfvpV4h69c3PWt1Q=

Redirect headers

date: Wed, 17 May 2023 22:49:53 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
location: https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/49bc823434fc4f48ad2c1dc52eae12e5.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Nexion-Independent%20Affiliate.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLDHMNQ5J6/20230517/us-west-2/s3/aws4_request&X-Amz-Date=20230517T140307Z&X-Amz-SignedHeaders=host&X-Amz-Signature=6c749d77261347d39ab6358d175a43dcd8da8fac5d83542224ad4ae845f044a1
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: Content-Type
content-length: 633

GET
H2 200 editbutton.css
j2fx.vacation.escapevacations.com/App_Themes/Intranet/ Frame 8AA4 1 KB
2 KB 92ms
90ms Stylesheet
text/css 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/App_Themes/Intranet/editbutton.css
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/App_Themes/Intranet/Toolbar.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4823bf9e997f3e4691ce2d7eac0b7c667a5f35a0872c7b7c53402715843394c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/App_Themes/Intranet/Toolbar.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:53 GMT
last-modified: Fri, 18 Jan 2019 19:09:25 GMT
server: Microsoft-IIS/10.0
etag: "ac6b75361afd41:0"
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 1504

GET
H2 200 css
fonts.googleapis.com/ Frame 8AA4 4 KB
921 B 100ms
40ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i

Requested by

Host: skins.webtreepro.com
URL: https://skins.webtreepro.com/skins/tlgleadersedge/default.css?t=638186904604970000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b9f1135ba160e5dc694ad7977f6bf73d40d3c15742b14ca8910ea23bb3e6e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.webtreepro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 22:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 22:26:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 22:49:53 GMT

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 8AA4 3 B
369 B 265ms
38ms XHR
application/json 2607:f8b0:4020:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://j2fx.vacation.escapevacations.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.google.com/maps-api-v3/api/js/53/2/ Frame 8AA4 272 KB
60 KB 15ms
13ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/53/2/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ef97ede8fb5768a69b62bbd9a4c3c560a6fdb8d45ca3f2ac95739e4565e52a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61370
x-xss-protection: 0
last-modified: Wed, 03 May 2023 01:13:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 14:36:02 GMT

GET
H2 200 util.js Show response
maps.google.com/maps-api-v3/api/js/53/2/ Frame 8AA4 164 KB
52 KB 27ms
26ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/53/2/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95f1569a878d15b1cbff84a4fa17273d7a1244228beb97071b227a308d4e92c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 20:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52844
x-xss-protection: 0
last-modified: Wed, 03 May 2023 01:13:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 20:31:31 GMT

GET
H2 200 geocoder.js Show response
maps.google.com/maps-api-v3/api/js/53/2/ Frame 8AA4 5 KB
2 KB 30ms
29ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/53/2/geocoder.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b3c7088afce43decf088e1d5f10661a71a3dd4dbc0e8826415b1f3c70141fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1925
x-xss-protection: 0
last-modified: Wed, 03 May 2023 01:13:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 20:32:47 GMT

GET
H2 200 Ig4Iq3rUsMg Show response
www.youtube.com/embed/ Frame 1EBB 74 KB
31 KB 118ms
82ms Document
text/html 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c90b7c7f4384c2de0e8e84bfa9b0210ff94d97df517f85cb5dc6a3e44071c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://j2fx.vacation.escapevacations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 22:49:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

72dca8dd5a1542408b3a4faaa9c57c59.jpg
wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/ Frame 8AA4
Redirect Chain

https://j2fx.vacation.escapevacations.com/Common/showimage.ashx/552793
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/72dca8dd5a1542408b3a4faaa9c57c59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...

3 MB
3 MB

110ms
107ms

Image
image/jpeg

52.218.168.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/72dca8dd5a1542408b3a4faaa9c57c59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Header-Caribbean2.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLDHMNQ5J6/20230517/us-west-2/s3/aws4_request&X-Amz-Date=20230517T224726Z&X-Amz-SignedHeaders=host&X-Amz-Signature=4e9cfd6c1060546f418698cd9e99c21f75b0d43be83168dd718f7bd57d89afa3
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: HTTP/1.1
Server: 52.218.168.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 581792b9972724d3c2bc8fcf0611c2800493d5e7d03a57b2c6e008ffc5b99853

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 22:49:55 GMT
x-amz-version-id: .3HHj5g5hsUwr1zYTR7fTRBuS96gALAo
Last-Modified: Fri, 14 Jun 2019 20:41:42 GMT
Server: AmazonS3
x-amz-request-id: 3DDJS8XJ4HDAFMFM
ETag: "3fca0c77420d2ee43d7091cfd9ffa155"
Content-Type: image/jpeg
Cache-Control: max-age=86400
Content-Disposition: inline; filename="Header-Caribbean2.jpg"
x-amz-meta-fileid: 552793
Accept-Ranges: bytes
x-amz-meta-siteid: 9040
Content-Length: 2857244
x-amz-id-2: ywC6ZMeS7ACKqw02MWHDBE9AWchgbGCkwHjmptvLgOYvkzTvAmWeAAFMf3xNNSKX93TVSJfrB4k=

Redirect headers

date: Wed, 17 May 2023 22:49:53 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
location: https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/72dca8dd5a1542408b3a4faaa9c57c59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Header-Caribbean2.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLDHMNQ5J6/20230517/us-west-2/s3/aws4_request&X-Amz-Date=20230517T224726Z&X-Amz-SignedHeaders=host&X-Amz-Signature=4e9cfd6c1060546f418698cd9e99c21f75b0d43be83168dd718f7bd57d89afa3
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: Content-Type
content-length: 620

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 8AA4 23 KB
24 KB 163ms
4ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://j2fx.vacation.escapevacations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 06:09:36 GMT
x-content-type-options: nosniff
age: 146418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 May 2024 06:09:36 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 8AA4 23 KB
23 KB 168ms
10ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://j2fx.vacation.escapevacations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:33:20 GMT
x-content-type-options: nosniff
age: 105394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 May 2024 17:33:20 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 8AA4 23 KB
23 KB 170ms
12ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://j2fx.vacation.escapevacations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 11 May 2023 00:13:29 GMT
x-content-type-options: nosniff
age: 599785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 May 2024 00:13:29 GMT

GET
H2 200 fontawesome-webfont.woff2
skins.webtreepro.com/skins/common/fontawesome4/fonts/ Frame 8AA4 70 KB
71 KB 107ms
44ms Font
binary/octet-stream 2600:9000:21a2:0:16:4349:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://skins.webtreepro.com/skins/common/fontawesome4/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: skins.webtreepro.com
URL: https://skins.webtreepro.com/skins/common/fontawesome4/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:0:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://skins.webtreepro.com/skins/common/fontawesome4/css/font-awesome.min.css
Origin: https://j2fx.vacation.escapevacations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 07:23:35 GMT
x-amz-version-id: null
via: 1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
age: 55580
x-cache: Hit from cloudfront
content-length: 71896
last-modified: Tue, 10 Jul 2018 20:47:51 GMT
server: AmazonS3
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: y-yyxEi8mlRMHu1g778MNqQQpyemqkpzgGfyUz_SSwMlYGHT4fn-1Q==

GET
H2 200 0396189001669226438 Show response
viewer.joomag.com/escape-fun-and-sun-2022/ Frame 248B 7 KB
3 KB 151ms
68ms Document
text/html 2606:4700:10::6816:179d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:179d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96bfe91821ee3739eab39b67f2ec10bcc3af003827a288d2b9d4256a32e5e9ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://j2fx.vacation.escapevacations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c8f6a916b064398-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 17 May 2023 22:49:54 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
j-proxy: lb3-443-star
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: User-Agent,Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 0692904001676562170 Show response
viewer.joomag.com/escape-insider-march-2023/ Frame 718F 6 KB
3 KB 170ms
93ms Document
text/html 2606:4700:10::6816:179d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Requested by

Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:179d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9165844847ef2381ecaf5a5c91d9addf48af3f48762c8aea31875441008efb00

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://j2fx.vacation.escapevacations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c8f6a916b074398-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 17 May 2023 22:49:54 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
j-proxy: lb3-443-star
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: User-Agent,Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 Tracking.ashx
j2fx.vacation.escapevacations.com/Tracking/ Frame 8AA4 43 B
210 B 141ms
139ms Image
image/gif 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j2fx.vacation.escapevacations.com/Tracking/Tracking.ashx?siteId=10866&pageId=141789&pageTitle=Home&url=https%3A%2F%2Fj2fx.vacation.escapevacations.com%2F&referrer=http%3A%2F%2Ftftravel.co%2F&track=1684363793980
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 22:49:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type
content-length: 43
expires: -1

GET
H3 200 www-player.css
www.youtube.com/s/player/90a441fd/ Frame 1EBB 405 KB
48 KB 18ms
16ms Stylesheet
text/css 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271487e1c6e4fe65588fe855f58dbd4005b5d1c60620487e28f009a20d69b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48637
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 May 2024 22:48:14 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/90a441fd/www-embed-player.vflset/ Frame 1EBB 306 KB
92 KB 42ms
40ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

002cead02c391d10051d6534d57766dec9d645e09a6b59f34926b6080c9adb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 17:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93933
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 May 2024 17:37:18 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/ Frame 1EBB 2 MB
738 KB 48ms
46ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7053362664ab3fc9ec663f034931cb47ee26b29f01584e4fbed067a61bf6f620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 755985
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 May 2024 22:48:14 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/90a441fd/fetch-polyfill.vflset/ Frame 1EBB 9 KB
3 KB 53ms
52ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:52:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2604
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 May 2024 22:52:18 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ Frame 248B 107 KB
33 KB 93ms
11ms Script
application/javascript 2600:1400:b000::6872:481a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:b000::6872:481a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f952ebf8091c4d1d48951e442b2930153d49ecbe7298b63b7b89c7042c65e46b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
last-modified: Thu, 11 May 2023 11:13:19 GMT
etag: "6dc99e97f983d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=838
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 33582
expires: Wed, 17 May 2023 23:03:52 GMT

GET
H2 200 magazine.js Show response
static.joomag.com/static/js/ Frame 248B 421 KB
129 KB 126ms
41ms Script
application/javascript 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.joomag.com/static/js/magazine.js?_=5.8.0.0

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10c9be23280e854b2016c5bb0209416e5fdd35cd5cde8e9dda2998ef0d85d78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 552033
j-proxy: lb3-443-star-static
j-srv: wa5-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 May 2023 13:17:56 GMT
server: cloudflare
etag: "693ed-5fb6ad10dc900-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 7c8f6a948aea0c96-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Sat, 10 Jun 2023 13:29:21 GMT

GET
H2 200 en.js Show response
app.joomag.com//static/locale/ Frame 248B 243 KB
73 KB 94ms
11ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com//static/locale/en.js?_=5.8.0.0

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

309491d55e4aa4f4b8c8932d86ff32f384b7492aa0253a0cb8159e5825c3e258

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 552053
j-proxy: lb3-443-star-static
j-srv: wa5-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 May 2023 13:17:56 GMT
server: cloudflare
etag: "3cab5-5fb6ad10dc900-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 7c8f6a947d6018bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Sat, 10 Jun 2023 13:29:01 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.11.2/ Frame 248B 55 KB
55 KB 76ms
0ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.11.2/bundle.min.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

85bb43dae06f4d48b885e878395e5984a2afb942ff778dfb8bda87d8eb475bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://viewer.joomag.com/
Origin: https://viewer.joomag.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 29 Jan 2020 12:51:19 GMT
server: Fastly
age: 2549342
etag: W/"be72f03d284d5611594822cfecaf34c6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-guploader-response-body-transformations: gunzipped
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 55880
expires: Wed, 17 Apr 2024 10:40:53 GMT

GET
H2 200 joomag-pixel.d98493bd8849d9c333b2.js Show response
www.joomag.com/Frontend/pixel/ Frame 248B 314 KB
95 KB 118ms
34ms Script
application/javascript 209.95.50.27
HOSTINGSERVICES-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.27 New York, United States, ASN32780 (HOSTINGSERVICES-INC, US),

Reverse DNS

www.joomag.com

Software

nginx/1.18.0 /

Resource Hash

ff5acd78e31d15a76cc419734a0c7b8ecd95e110721a0a85c914992ddfb7636a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewer.joomag.com/
Origin: https://viewer.joomag.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
j-proxy: lb3-443-www-static
j-srv: wa4-app2
last-modified: Thu, 30 Mar 2023 14:00:08 GMT
server: nginx/1.18.0
etag: "4e612-5f81e82a34a00-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
access-control-allow-origin: https://viewer.joomag.com
cache-control: max-age=2592000, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 16 Jun 2023 22:49:54 GMT

GET
H2 200 main.f88b03912e94c9679b1d75778b1b970e.css
app.joomag.com/Frontend/mobile/viewer/styles/ Frame 248B 331 KB
43 KB 107ms
25ms Stylesheet
text/css 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/styles/main.f88b03912e94c9679b1d75778b1b970e.css

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d5f26d5f868f53e87905d59ecbca36390e4d7bb01ba566dc7abbfbc232b43cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 1764736
j-proxy: lb3-443-star-static
j-srv: wa4-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43577
last-modified: Thu, 27 Apr 2023 12:36:54 GMT
server: cloudflare
etag: "52a26-5fa509c876580-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: text/css
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a947d5a18bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Sat, 27 May 2023 12:37:38 GMT

GET
H2 200 manifest.4884b86866bffd017100.js Show response
app.joomag.com/Frontend/mobile/viewer/ Frame 248B 2 KB
1 KB 115ms
33ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/manifest.4884b86866bffd017100.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9654e71a7e697b484e9897540de4a9df82d863a7856c274c681bcc801ed94648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 1331303
j-proxy: lb3-443-star-static
j-srv: wa4-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1175
last-modified: Tue, 02 May 2023 12:58:41 GMT
server: cloudflare
etag: "7b7-5fab57fa38240-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a947d6318bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Thu, 01 Jun 2023 13:01:31 GMT

GET
H2 200 normalize.77b34462fbc80a8a268e.js Show response
app.joomag.com/Frontend/mobile/viewer/ Frame 248B 17 KB
6 KB 114ms
32ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/normalize.77b34462fbc80a8a268e.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733f966be407e73faa1f54490f1f6bda0a3de2e15323834467acaf43c47ad5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 1143937
j-proxy: lb3-443-star-static
j-srv: wa5-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5972
last-modified: Tue, 02 May 2023 12:58:41 GMT
server: cloudflare
etag: "42ba-5fab57fa38240-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a947d6618bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Sat, 03 Jun 2023 17:04:17 GMT

GET
H2 200 vendor.8e042f937ae849c97495.js Show response
app.joomag.com/Frontend/mobile/viewer/ Frame 248B 344 KB
107 KB 106ms
25ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e44e5e73addbfee1b40e2355f0e22edb7b6824a0181d7f84690f3d12d5f40896

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 1587556
j-proxy: lb3-443-star-static
j-srv: wa5-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Apr 2023 12:36:54 GMT
server: cloudflare
etag: "5602b-5fa509c876580-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 7c8f6a947d6818bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Mon, 29 May 2023 13:50:38 GMT

GET
H2 200 main.991e603b29afb97a9d62.js Show response
app.joomag.com/Frontend/mobile/viewer/ Frame 248B 846 KB
208 KB 115ms
33ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/main.991e603b29afb97a9d62.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7c4778d6a71f2af1f32a5eb3bae2208f39e442edf30334300db474925f9b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 1331303
j-proxy: lb3-443-star-static
j-srv: wa4-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 May 2023 12:58:41 GMT
server: cloudflare
etag: "d38f0-5fab57fa38240-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 7c8f6a947d6a18bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Thu, 01 Jun 2023 13:01:31 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ Frame 718F 107 KB
33 KB 85ms
6ms Script
application/javascript 2600:1400:b000::6872:481a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:b000::6872:481a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f952ebf8091c4d1d48951e442b2930153d49ecbe7298b63b7b89c7042c65e46b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
last-modified: Thu, 11 May 2023 11:13:19 GMT
etag: "6dc99e97f983d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=838
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 33582
expires: Wed, 17 May 2023 23:03:52 GMT

GET
H2 200 magazine.js Show response
static.joomag.com/static/js/ Frame 718F 421 KB
130 KB 101ms
20ms Script
application/javascript 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.joomag.com/static/js/magazine.js?_=5.8.0.0

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10c9be23280e854b2016c5bb0209416e5fdd35cd5cde8e9dda2998ef0d85d78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 552033
j-proxy: lb3-443-star-static
j-srv: wa5-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 May 2023 13:17:56 GMT
server: cloudflare
etag: "693ed-5fb6ad10dc900-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 7c8f6a948aeb0c96-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Sat, 10 Jun 2023 13:29:21 GMT

GET
H2 200 en.js Show response
app.joomag.com//static/locale/ Frame 718F 243 KB
73 KB 112ms
31ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com//static/locale/en.js?_=5.8.0.0

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

309491d55e4aa4f4b8c8932d86ff32f384b7492aa0253a0cb8159e5825c3e258

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 552053
j-proxy: lb3-443-star-static
j-srv: wa5-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 May 2023 13:17:56 GMT
server: cloudflare
etag: "3cab5-5fb6ad10dc900-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 7c8f6a948d6f18bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Sat, 10 Jun 2023 13:29:01 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.11.2/ Frame 718F 55 KB
55 KB 74ms
0ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.11.2/bundle.min.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

85bb43dae06f4d48b885e878395e5984a2afb942ff778dfb8bda87d8eb475bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://viewer.joomag.com/
Origin: https://viewer.joomag.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 29 Jan 2020 12:51:19 GMT
server: Fastly
age: 2549342
etag: W/"be72f03d284d5611594822cfecaf34c6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-guploader-response-body-transformations: gunzipped
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 55880
expires: Wed, 17 Apr 2024 10:40:53 GMT

GET
H2 200 joomag-pixel.d98493bd8849d9c333b2.js Show response
www.joomag.com/Frontend/pixel/ Frame 718F 314 KB
95 KB 102ms
22ms Script
application/javascript 209.95.50.27
HOSTINGSERVICES-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.27 New York, United States, ASN32780 (HOSTINGSERVICES-INC, US),

Reverse DNS

www.joomag.com

Software

nginx/1.18.0 /

Resource Hash

ff5acd78e31d15a76cc419734a0c7b8ecd95e110721a0a85c914992ddfb7636a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewer.joomag.com/
Origin: https://viewer.joomag.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
j-proxy: lb3-443-www-static
j-srv: wa4-app1
last-modified: Thu, 30 Mar 2023 14:00:08 GMT
server: nginx/1.18.0
etag: "4e612-5f81e82a34a00-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
access-control-allow-origin: https://viewer.joomag.com
cache-control: max-age=2592000, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 16 Jun 2023 22:49:54 GMT

GET
H2 200 main.f88b03912e94c9679b1d75778b1b970e.css
app.joomag.com/Frontend/mobile/viewer/styles/ Frame 718F 331 KB
43 KB 112ms
33ms Stylesheet
text/css 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/styles/main.f88b03912e94c9679b1d75778b1b970e.css

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d5f26d5f868f53e87905d59ecbca36390e4d7bb01ba566dc7abbfbc232b43cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 1764736
j-proxy: lb3-443-star-static
j-srv: wa4-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43577
last-modified: Thu, 27 Apr 2023 12:36:54 GMT
server: cloudflare
etag: "52a26-5fa509c876580-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: text/css
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a947d5e18bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Sat, 27 May 2023 12:37:38 GMT

GET
H2 200 manifest.4884b86866bffd017100.js Show response
app.joomag.com/Frontend/mobile/viewer/ Frame 718F 2 KB
1 KB 104ms
24ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/manifest.4884b86866bffd017100.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9654e71a7e697b484e9897540de4a9df82d863a7856c274c681bcc801ed94648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 1331303
j-proxy: lb3-443-star-static
j-srv: wa4-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1175
last-modified: Tue, 02 May 2023 12:58:41 GMT
server: cloudflare
etag: "7b7-5fab57fa38240-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a948d6b18bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Thu, 01 Jun 2023 13:01:31 GMT

GET
H2 200 normalize.77b34462fbc80a8a268e.js Show response
app.joomag.com/Frontend/mobile/viewer/ Frame 718F 17 KB
6 KB 113ms
33ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/normalize.77b34462fbc80a8a268e.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733f966be407e73faa1f54490f1f6bda0a3de2e15323834467acaf43c47ad5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 1143937
j-proxy: lb3-443-star-static
j-srv: wa5-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5972
last-modified: Tue, 02 May 2023 12:58:41 GMT
server: cloudflare
etag: "42ba-5fab57fa38240-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a948d7118bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Sat, 03 Jun 2023 17:04:17 GMT

GET
H2 200 vendor.8e042f937ae849c97495.js Show response
app.joomag.com/Frontend/mobile/viewer/ Frame 718F 344 KB
106 KB 110ms
31ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e44e5e73addbfee1b40e2355f0e22edb7b6824a0181d7f84690f3d12d5f40896

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 1587556
j-proxy: lb3-443-star-static
j-srv: wa5-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Apr 2023 12:36:54 GMT
server: cloudflare
etag: "5602b-5fa509c876580-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 7c8f6a948d6d18bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Mon, 29 May 2023 13:50:38 GMT

GET
H2 200 main.991e603b29afb97a9d62.js Show response
app.joomag.com/Frontend/mobile/viewer/ Frame 718F 846 KB
208 KB 111ms
32ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/main.991e603b29afb97a9d62.js

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7c4778d6a71f2af1f32a5eb3bae2208f39e442edf30334300db474925f9b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 1331303
j-proxy: lb3-443-star-static
j-srv: wa4-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 May 2023 12:58:41 GMT
server: cloudflare
etag: "d38f0-5fab57fa38240-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 7c8f6a948d7218bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Thu, 01 Jun 2023 13:01:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1EBB 15 KB
15 KB 19ms
0ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:14:59 GMT
x-content-type-options: nosniff
age: 369295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 16:14:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1EBB 15 KB
15 KB 19ms
0ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 03:13:57 GMT
x-content-type-options: nosniff
age: 70557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 03:13:57 GMT

POST
H2 200 SaveDevice Show response
j2fx.vacation.escapevacations.com/Common/AjaxPublishedModeHelpers.asmx/ Frame 8AA4 214 B
423 B 140ms
105ms XHR
application/json 52.88.130.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j2fx.vacation.escapevacations.com/Common/AjaxPublishedModeHelpers.asmx/SaveDevice
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/dynamicScriptBundle/638192051331684007/CwQAAB-LCAAAAAAABACdU8tOwzAQ_JpyIxKFH0ClQFGROBSuyIk37Sa2d7HXbfr3OCQC08cBTlnPjDe7M_JkWj-FybRuPiL4fdGEi8lvZAeleAD2lJMVUYsQRmjlVdWiW2dlLg67msoGKsnBmrwNDpnhF9wihdaShhxUjeoewTD4MCNryR3PGfG7vIyY8zvhdyaOnIOOZN9zP8v1yAnF6MIXy2k1tQY9ym6Z359VEPAvCe3vrMCyUTLUy4clKJ1Gnus1/JIBjaTBsst2aXlcSSRCvuLDoDomSujNwFDT5uMhK34H8mNxkGVpQzoKLOdWf02dDW_ALJ-DkBBti73kswzmuThuN3CwGIZvkw_JjbKkakss7pEgK2TO8KYNaCfkTM5eGqvZ1cbb5gNxqvXDp9HZ9cF2gkxqNyez78mmjnDZQKh8KH52ghcvtTXFVTP_yozzne1ASPegXT5YEyfWghtAK8X97zrvKxIBbmHfJOQRXwXHXFJpXDqTXa0wmjo4Ph_G5HL_Z/Kk2Ywj48J-EnLL-bQAsEAAA1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.88.130.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c119baf318ff4e67f81ba5e4adcf3f259d5c032a1798ddfc01a4b726b071fa1a

Request headers

Accept: */*
Referer: https://j2fx.vacation.escapevacations.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 17 May 2023 22:49:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-headers: Content-Type
content-length: 214

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 248B 122 KB
47 KB 101ms
43ms Script
application/javascript 2607:f8b0:4020:806::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KDXRF52

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3add30d15470dee55bc704f476b4bb6f8ef15e34c49a8d6859f3a19323ad0e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47922
x-xss-protection: 0
last-modified: Wed, 17 May 2023 21:08:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 May 2023 22:49:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 718F 122 KB
47 KB 71ms
70ms Script
application/javascript 2607:f8b0:4020:806::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KDXRF52

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e56be369c400f1660e3c629a109172476b4b39a78f3beb8fd4a479136c43c552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47875
x-xss-protection: 0
last-modified: Wed, 17 May 2023 22:24:40 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 May 2023 22:49:55 GMT

GET
H2 200 0.84c4f9be2141a77e55b8.js Show response
app.joomag.com/Frontend/mobile/viewer/ Frame 718F 13 KB
6 KB 13ms
12ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/0.84c4f9be2141a77e55b8.js

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/manifest.4884b86866bffd017100.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ccf7c24dbe51e3fe3faf8325394edb3364f4a4b8187cd543a3721e4ccf81bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 554194
j-proxy: lb3-443-star-static
j-srv: wa4-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5521
last-modified: Tue, 02 May 2023 12:58:41 GMT
server: cloudflare
etag: "3405-5fab57fa38240-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a98884b18bc-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Sat, 10 Jun 2023 12:53:21 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 1EBB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

18ms
17ms

XHR
application/json

2607:f8b0:4006:823::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0

Protocol

Server

2607:f8b0:4006:823::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

17289e55667c08c361a9eb254e13d1d47a5fde49d543aff23eb6242cfb75a69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 17 May 2023 22:49:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1EBB 29 B
494 B 59ms
17ms Script
text/javascript 2607:f8b0:4020:804::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:47:58 GMT
x-content-type-options: nosniff
age: 117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 May 2023 23:02:58 GMT

GET
H3 200 0.84c4f9be2141a77e55b8.js Show response
app.joomag.com/Frontend/mobile/viewer/ Frame 248B 13 KB
6 KB 14ms
14ms Script
application/javascript 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/mobile/viewer/0.84c4f9be2141a77e55b8.js

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/manifest.4884b86866bffd017100.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ccf7c24dbe51e3fe3faf8325394edb3364f4a4b8187cd543a3721e4ccf81bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 1750967
j-proxy: lb3-443-star-static
j-srv: wa4-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5521
last-modified: Thu, 27 Apr 2023 12:36:54 GMT
server: cloudflare
etag: "3405-5fa509c876580-gzip"
vary: User-Agent,Accept-Encoding,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/javascript
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a98ce35c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Sat, 27 May 2023 16:27:08 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 34ms
31ms Preflight
text/html 2607:f8b0:4020:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 17 May 2023 22:49:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1EBB 68 KB
31 KB 37ms
36ms XHR
application/json+protobuf 2607:f8b0:4020:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b80a1c718b286384ca1582dfd38205ad5c1d6cb4bee1880dbe5660dd43ea01f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31663
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/ Frame 1EBB 116 KB
33 KB 12ms
12ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74b61f9f2097ad401aec31fb8db0a249e005db02c957b3721fd37302dbd63002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33404
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 May 2024 22:48:14 GMT

GET
H2 200 eee_KjLo8HjJC2kczPWeD_UvQFOi_GikGCFFwzkCqeE.js Show response
www.google.com/js/th/ Frame 1EBB 37 KB
15 KB 69ms
14ms Script
text/javascript 2607:f8b0:4020:807::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/eee_KjLo8HjJC2kczPWeD_UvQFOi_GikGCFFwzkCqeE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

79e7bf2a32e8f078c90b691cccf59e0ff52f4053a2fc68a4182145c33902a9e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 05:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 05:06:33 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/Ig4Iq3rUsMg/ Frame 1EBB 92 KB
93 KB 127ms
45ms Image
image/jpeg 2607:f8b0:4020:805::2016

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Ig4Iq3rUsMg/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGHIgRCgtMA8=&rs=AOn4CLDMaZWKbGMVcT0Bseel71oqcbit1w

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2016 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1eef24f9d3963d079a618d936228fe399bfc53e21fc84515d824c510e7812886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94309
x-xss-protection: 0
server: sffe
etag: "1613750382"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 18 May 2023 00:49:55 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/ Frame 1EBB 29 KB
8 KB 27ms
27ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6f1ad00b9bfb43adeade458c17b26f56adea39b73420e7e8a024d5f55a163d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 17:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8245
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 May 2024 17:21:49 GMT

GET
DATA 200
OK truncated
/ Frame 1EBB 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqOT7F5w8pUL6vgLBp95ujMflUq0UUd__iXVhXyjjA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1EBB 3 KB
3 KB 365ms
12ms Image
image/jpeg 2607:f8b0:4020:806::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqOT7F5w8pUL6vgLBp95ujMflUq0UUd__iXVhXyjjA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

977a6f0aaf7956fc999a7726714637863760ec87d4413e91e386ca10930312db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 20:00:22 GMT
x-content-type-options: nosniff
age: 10173
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2699
x-xss-protection: 0
server: fife
etag: "va0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 May 2023 20:00:22 GMT

GET
H3 200 get_logged_in_user_data.php Show response
app.joomag.com/Frontend/WebService/WebsiteGateway/ Frame 248B 43 B
646 B 56ms
56ms XHR
application/json 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/WebService/WebsiteGateway/get_logged_in_user_data.php?magID=2681606&fields%5B%5D=ID&fields%5B%5D=email

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b74ae2df1ac535ca780a02cf74b1341e8ddf924ab02ba84c7aa772ee90ab77b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
j-proxy: lb3-443-star
j-srv: wa4-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
pragma: no-cache
server: cloudflare
vary: User-Agent,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/json
access-control-allow-origin: https://viewer.joomag.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 7c8f6a9b2834c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 list Show response
app.joomag.com/jcsip/html5/v1/country/ Frame 248B 7 KB
3 KB 68ms
67ms XHR
application/json 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/jcsip/html5/v1/country/list

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/main.991e603b29afb97a9d62.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9738c70be4b4dc038a773657edaed4885a8c717294dd9fef316bbc9f2573f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
j-proxy: lb3-443-star
j-srv: wa5-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
server: cloudflare
vary: User-Agent,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/json;
access-control-allow-origin: https://viewer.joomag.com
cache-control: public, max-age=604800, immutable
access-control-allow-credentials: true
cf-ray: 7c8f6a9b3835c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Wed, 24 May 2023 22:49:55 GMT

GET
H3 200 2681606 Show response
app.joomag.com/jcsip/html5/v1/magazine/ Frame 248B 19 KB
4 KB 134ms
133ms XHR
application/json 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/jcsip/html5/v1/magazine/2681606?is_linked_domain=0&manuallyEmbedded=&viewMode=desktop

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0528c05ccaeb66ac3ccc3534c6bba31edf1c67aa62b0e4a1a3716436febdf66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
j-proxy: lb3-443-star
j-srv: wa4-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: User-Agent,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/json;
access-control-allow-origin: https://viewer.joomag.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 7c8f6a9b4843c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ybd3aoj.js Show response
use.typekit.net/ Frame 248B 16 KB
7 KB 159ms
19ms Script
text/javascript 2600:141b:9000::1725:7b88

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ybd3aoj.js

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/main.991e603b29afb97a9d62.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000::1725:7b88 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5bc5a95f2c1345b234b97d40564f2ace4a68876123eae6bf800c1942341d7aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 17 May 2023 22:49:55 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6678

GET
H3 200 logo.png
app.joomag.com/static/flash/gui/themes/common_files/ Frame 248B 5 KB
6 KB 39ms
38ms Image
image/png 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.joomag.com/static/flash/gui/themes/common_files/logo.png?1684363794

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9588dcb72ac03f9d7386f8a602d75126751e22b8504fe4b9e19f3b62ebba0524

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
j-proxy: lb3-443-star-static
j-srv: wa4-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5254
last-modified: Fri, 12 May 2023 09:06:18 GMT
server: cloudflare
etag: "1486-5fb7b6afbf680"
vary: User-Agent,Origin, Accept-Encoding
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/png
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a9b4845c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 16 Jun 2023 22:49:55 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1EBB 90 B
134 B 33ms
31ms XHR
application/json+protobuf 2607:f8b0:4020:804::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

eafc487182beb18fb0d7e9fe4d03e9857ff7dc1ca395338f6882885c9b107461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 32ms
29ms Preflight
text/html 2607:f8b0:4020:804::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 17 May 2023 22:49:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 get_logged_in_user_data.php Show response
app.joomag.com/Frontend/WebService/WebsiteGateway/ Frame 718F 43 B
646 B 59ms
41ms XHR
application/json 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/WebService/WebsiteGateway/get_logged_in_user_data.php?magID=2693874&fields%5B%5D=ID&fields%5B%5D=email

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b74ae2df1ac535ca780a02cf74b1341e8ddf924ab02ba84c7aa772ee90ab77b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
j-proxy: lb3-443-star
j-srv: wa4-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
pragma: no-cache
server: cloudflare
vary: User-Agent,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/json
access-control-allow-origin: https://viewer.joomag.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 7c8f6a9c2903c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 list Show response
app.joomag.com/jcsip/html5/v1/country/ Frame 718F 7 KB
3 KB 91ms
73ms XHR
application/json 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/jcsip/html5/v1/country/list

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/main.991e603b29afb97a9d62.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9738c70be4b4dc038a773657edaed4885a8c717294dd9fef316bbc9f2573f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
j-proxy: lb3-443-star
j-srv: wa4-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
server: cloudflare
vary: User-Agent,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/json;
access-control-allow-origin: https://viewer.joomag.com
cache-control: public, max-age=604800, immutable
access-control-allow-credentials: true
cf-ray: 7c8f6a9c2905c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Wed, 24 May 2023 22:49:55 GMT

GET
H3 200 logo.png
app.joomag.com/static/flash/gui/themes/common_files/ Frame 718F 5 KB
6 KB 31ms
14ms Image
image/png 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.joomag.com/static/flash/gui/themes/common_files/logo.png?1684363794

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9588dcb72ac03f9d7386f8a602d75126751e22b8504fe4b9e19f3b62ebba0524

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
j-proxy: lb3-443-star-static
j-srv: wa4-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5254
last-modified: Fri, 12 May 2023 09:06:18 GMT
server: cloudflare
etag: "1486-5fb7b6afbf680"
vary: User-Agent,Origin, Accept-Encoding
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/png
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a9c2906c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 16 Jun 2023 22:49:55 GMT

GET
H3 200 2693874 Show response
app.joomag.com/jcsip/html5/v1/magazine/ Frame 718F 15 KB
3 KB 126ms
115ms XHR
application/json 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/jcsip/html5/v1/magazine/2693874?is_linked_domain=0&manuallyEmbedded=&viewMode=desktop

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d7e1b032865fffb36385be457b7b03d582745bb8dd09e5fcf2af8a4bc27b7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
j-proxy: lb3-443-star
j-srv: wa4-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: User-Agent,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: application/json;
access-control-allow-origin: https://viewer.joomag.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 7c8f6a9c2907c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ybd3aoj.js Show response
use.typekit.net/ Frame 718F 16 KB
7 KB 25ms
13ms Script
text/javascript 2600:141b:9000::1725:7b88

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ybd3aoj.js

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/main.991e603b29afb97a9d62.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000::1725:7b88 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5bc5a95f2c1345b234b97d40564f2ace4a68876123eae6bf800c1942341d7aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 17 May 2023 22:49:55 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6678

GET
H3 200 generateQR.php Show response
app.joomag.com/Frontend/WebService/WebsiteGateway/ Frame 248B 13 KB
2 KB 93ms
85ms XHR
image/svg+xml 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/WebService/WebsiteGateway/generateQR.php?data=https%3A%2F%2Fjoom.ag%2FDS3d%3Fref%3Dqr&size=1&color=%23ffffff&background=%23ffffff00&extension=svg&margin=0

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cc3bcecde8a8f9e00c00c600ac9ef21dee786a313175e48093ece3da644890d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
j-proxy: lb3-443-star
j-srv: wa5-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
server: cloudflare
vary: User-Agent,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/svg+xml
access-control-allow-origin: https://viewer.joomag.com
cache-control: public, max-age=2592000, immutable
access-control-allow-credentials: true
cf-ray: 7c8f6a9c69f8443e-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 16 Jun 2023 22:49:55 GMT

GET
H3 200 main.svg
app.joomag.com/Frontend/mobile/viewer/ Frame 248B 191 KB
79 KB 29ms
29ms Image
image/svg+xml 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.joomag.com/Frontend/mobile/viewer/main.svg?_=1664880815149

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/styles/main.f88b03912e94c9679b1d75778b1b970e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6403cce693c72247ae0e9b47e957b79469eced82d065946aa256429232efd3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://app.joomag.com/Frontend/mobile/viewer/styles/main.f88b03912e94c9679b1d75778b1b970e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1223426
j-proxy: lb3-443-star-static
j-srv: wa4-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 May 2023 12:58:41 GMT
server: cloudflare
etag: W/"2fbda-5fab57fa38240"
vary: User-Agent,Origin, Accept-Encoding
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/svg+xml
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 7c8f6a9cd988c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 02 Jun 2023 18:59:29 GMT

GET
H3 200 logo.png
app.joomag.com/static/flash/gui/themes/common_files/ Frame 248B 5 KB
6 KB 17ms
15ms Image
image/png 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.joomag.com/static/flash/gui/themes/common_files/logo.png?1684363794

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9588dcb72ac03f9d7386f8a602d75126751e22b8504fe4b9e19f3b62ebba0524

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
j-proxy: lb3-443-star-static
j-srv: wa4-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5254
last-modified: Fri, 12 May 2023 09:06:18 GMT
server: cloudflare
etag: "1486-5fb7b6afbf680"
vary: User-Agent,Origin, Accept-Encoding
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/png
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a9cf9a2c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 16 Jun 2023 22:49:55 GMT

GET
H3 200 generateQR.php
app.joomag.com/Frontend/WebService/WebsiteGateway/ Frame 248B 13 KB
2 KB 49ms
49ms Image
image/svg+xml 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.joomag.com/Frontend/WebService/WebsiteGateway/generateQR.php?data=https%3A%2F%2Fjoom.ag%2FDS3d%3Fref%3Dqr&size=1&color=%23ffffff&background=%23ffffff00&extension=svg&margin=0

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cc3bcecde8a8f9e00c00c600ac9ef21dee786a313175e48093ece3da644890d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
j-proxy: lb3-443-star
j-srv: wa5-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
server: cloudflare
vary: User-Agent,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
access-control-allow-credentials: true
cf-ray: 7c8f6a9cf9abc33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 16 Jun 2023 22:49:56 GMT

GET
H3 200 loader.gif
app.joomag.com/Frontend/mobile/viewer/images/ Frame 248B 38 KB
38 KB 17ms
16ms Image
image/gif 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.joomag.com/Frontend/mobile/viewer/images/loader.gif

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cddf3fcb8717496f1d00ec6ab00cf6023c7e62f54b682d14ba0b9f0828892f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1227557
j-proxy: lb3-443-star-static
j-srv: wa5-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38703
last-modified: Tue, 02 May 2023 12:58:41 GMT
server: cloudflare
etag: "972f-5fab57fa38240"
vary: User-Agent,Origin, Accept-Encoding
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/gif
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a9d09acc33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 02 Jun 2023 17:50:39 GMT

GET
H2 200 0_3-0.SVG
s8cdn.joomag.com/mobile/2/2681/2681606/ Frame 248B 422 KB
278 KB 166ms
88ms Image
image/svg+xml 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s8cdn.joomag.com/mobile/2/2681/2681606/0_3-0.SVG?_=1774428788&v=1681754333

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0f24ee88296e4015151e466f5c435729994364ec36cc0588464c88ec41ee4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 23 Nov 2022 18:03:12 GMT
server: cloudflare
etag: W/"637e6060-6996a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7c8f6a9d781223a1-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 16 Jun 2023 22:49:56 GMT

GET
H2 404 undefined
viewer.joomag.com/escape-fun-and-sun-2022/ Frame 248B 295 B
350 B 19ms
18ms Media
text/html 2606:4700:10::6816:179d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.joomag.com/escape-fun-and-sun-2022/undefined

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:179d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f11d2e1a68d946f6d481155ac263601cdd08ea20f601e59b854fa677ebc986

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
j-proxy: lb3-443-star
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: *
cf-ray: 7c8f6a9e4fc44398-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 undefined
viewer.joomag.com/escape-fun-and-sun-2022/ Frame 248B 295 B
395 B 17ms
16ms Media
text/html 2606:4700:10::6816:179d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.joomag.com/escape-fun-and-sun-2022/undefined

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:179d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f11d2e1a68d946f6d481155ac263601cdd08ea20f601e59b854fa677ebc986

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
j-proxy: lb3-443-star
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: *
cf-ray: 7c8f6a9e5fc54398-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 generateQR.php Show response
app.joomag.com/Frontend/WebService/WebsiteGateway/ Frame 718F 12 KB
2 KB 61ms
61ms XHR
image/svg+xml 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joomag.com/Frontend/WebService/WebsiteGateway/generateQR.php?data=https%3A%2F%2Fjoom.ag%2Fufld%3Fref%3Dqr&size=1&color=%23ffffff&background=%23ffffff00&extension=svg&margin=0

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1857dec963f09afa56829102b738bec9b31749007d9c252c1a0d9328ca4efaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
j-proxy: lb3-443-star
j-srv: wa4-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
server: cloudflare
vary: User-Agent,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/svg+xml
access-control-allow-origin: https://viewer.joomag.com
cache-control: public, max-age=2592000, immutable
access-control-allow-credentials: true
cf-ray: 7c8f6a9e7c4d443e-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 16 Jun 2023 22:49:56 GMT

GET
H3 200 main.svg
app.joomag.com/Frontend/mobile/viewer/ Frame 718F 191 KB
79 KB 26ms
25ms Image
image/svg+xml 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.joomag.com/Frontend/mobile/viewer/main.svg?_=1664880815149

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/styles/main.f88b03912e94c9679b1d75778b1b970e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6403cce693c72247ae0e9b47e957b79469eced82d065946aa256429232efd3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://app.joomag.com/Frontend/mobile/viewer/styles/main.f88b03912e94c9679b1d75778b1b970e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 1223427
j-proxy: lb3-443-star-static
j-srv: wa4-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 May 2023 12:58:41 GMT
server: cloudflare
etag: W/"2fbda-5fab57fa38240"
vary: User-Agent,Origin, Accept-Encoding
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/svg+xml
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 7c8f6a9e8ae5c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 02 Jun 2023 18:59:29 GMT

GET
H3 200 loader.gif
app.joomag.com/Frontend/mobile/viewer/images/ Frame 718F 38 KB
38 KB 25ms
25ms Image
image/gif 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.joomag.com/Frontend/mobile/viewer/images/loader.gif

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cddf3fcb8717496f1d00ec6ab00cf6023c7e62f54b682d14ba0b9f0828892f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1227557
j-proxy: lb3-443-star-static
j-srv: wa5-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38703
last-modified: Tue, 02 May 2023 12:58:41 GMT
server: cloudflare
etag: "972f-5fab57fa38240"
vary: User-Agent,Origin, Accept-Encoding
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/gif
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a9e9ae9c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 02 Jun 2023 17:50:39 GMT

GET
H3 200 logo.png
app.joomag.com/static/flash/gui/themes/common_files/ Frame 718F 5 KB
6 KB 20ms
20ms Image
image/png 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.joomag.com/static/flash/gui/themes/common_files/logo.png?1684363794

Requested by

Host: app.joomag.com
URL: https://app.joomag.com/Frontend/mobile/viewer/vendor.8e042f937ae849c97495.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9588dcb72ac03f9d7386f8a602d75126751e22b8504fe4b9e19f3b62ebba0524

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
j-proxy: lb3-443-star-static
j-srv: wa4-app1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5254
last-modified: Fri, 12 May 2023 09:06:18 GMT
server: cloudflare
etag: "1486-5fb7b6afbf680"
vary: User-Agent,Origin, Accept-Encoding
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/png
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c8f6a9ebb08c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 16 Jun 2023 22:49:55 GMT

GET
H3 200 generateQR.php
app.joomag.com/Frontend/WebService/WebsiteGateway/ Frame 718F 12 KB
2 KB 41ms
40ms Image
image/svg+xml 2606:4700:10::6816:169d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.joomag.com/Frontend/WebService/WebsiteGateway/generateQR.php?data=https%3A%2F%2Fjoom.ag%2Fufld%3Fref%3Dqr&size=1&color=%23ffffff&background=%23ffffff00&extension=svg&margin=0

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:169d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1857dec963f09afa56829102b738bec9b31749007d9c252c1a0d9328ca4efaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
j-proxy: lb3-443-star
j-srv: wa5-app2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
server: cloudflare
vary: User-Agent,Origin
access-control-allow-methods: POST, GET, DELETE, OPTIONS, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
access-control-allow-credentials: true
cf-ray: 7c8f6a9ebb09c33f-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 16 Jun 2023 22:49:56 GMT

GET
H2 200 0_3-0.SVG
s8cdn.joomag.com/mobile/2/2693/2693874/ Frame 718F 711 KB
498 KB 52ms
50ms Image
image/svg+xml 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s8cdn.joomag.com/mobile/2/2693/2693874/0_3-0.SVG?_=1163914779&v=1676562538

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d615de1a125b8cdbda47d1ae45b295520886b2785635658033148e29dd42b48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 15:42:54 GMT
server: cloudflare
age: 801313
etag: W/"63ee4efe-b1af8"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7c8f6a9eb89423a1-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 07 Jun 2023 16:14:43 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 1EBB 0
10 B 15ms
15ms Image
text/plain 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?hS4eoA
Requested by: Host: j2fx.vacation.escapevacations.com
URL: https://j2fx.vacation.escapevacations.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1EBB 4 KB
2 KB 144ms
55ms Script
text/javascript 2607:f8b0:4020:807::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 May 2023 22:49:56 GMT

GET
H3 404 undefined
viewer.joomag.com/escape-insider-march-2023/ Frame 718F 295 B
533 B 23ms
22ms Media
text/html 2606:4700:10::6816:179d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.joomag.com/escape-insider-march-2023/undefined

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:179d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f11d2e1a68d946f6d481155ac263601cdd08ea20f601e59b854fa677ebc986

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
j-proxy: lb3-443-star
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: *
cf-ray: 7c8f6a9ffbdf43e0-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 undefined
viewer.joomag.com/escape-insider-march-2023/ Frame 718F 295 B
497 B 25ms
24ms Media
text/html 2606:4700:10::6816:179d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://viewer.joomag.com/escape-insider-march-2023/undefined

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:179d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f11d2e1a68d946f6d481155ac263601cdd08ea20f601e59b854fa677ebc986

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
j-proxy: lb3-443-star
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: *
cf-ray: 7c8f6a9ffbe143e0-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ Frame 718F 74 KB
74 KB 31ms
6ms Font
application/font-woff2 2600:141b:9000::1725:7b88

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
Requested by: Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::1725:7b88 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 5677923124b6c0744a5a286c84c8ed54532ea7b4a002d8124cdc69107c400a53

Request headers

Referer: https://viewer.joomag.com/
Origin: https://viewer.joomag.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
server: nginx
etag: "773dde840fd03eb0ce996c6a5578200eb700577d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75728

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ Frame 718F 74 KB
74 KB 45ms
20ms Font
application/font-woff2 2600:141b:9000::1725:7b88

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
Requested by: Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::1725:7b88 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8

Request headers

Referer: https://viewer.joomag.com/
Origin: https://viewer.joomag.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
server: nginx
etag: "df3243d3c759de78b3798be9b3d13ba4e81d0d86"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75868

GET
H2 200 l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ Frame 248B 74 KB
74 KB 48ms
25ms Font
application/font-woff2 2600:141b:9000::1725:7b88

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
Requested by: Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::1725:7b88 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 5677923124b6c0744a5a286c84c8ed54532ea7b4a002d8124cdc69107c400a53

Request headers

Referer: https://viewer.joomag.com/
Origin: https://viewer.joomag.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
server: nginx
etag: "773dde840fd03eb0ce996c6a5578200eb700577d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75728

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ Frame 248B 74 KB
74 KB 27ms
5ms Font
application/font-woff2 2600:141b:9000::1725:7b88

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
Requested by: Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000::1725:7b88 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8

Request headers

Referer: https://viewer.joomag.com/
Origin: https://viewer.joomag.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
server: nginx
etag: "df3243d3c759de78b3798be9b3d13ba4e81d0d86"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75868

GET
H3 200 1_3-0.SVG
s8cdn.joomag.com/mobile/2/2681/2681606/ Frame 248B 346 KB
177 KB 39ms
38ms Image
image/svg+xml 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s8cdn.joomag.com/mobile/2/2681/2681606/1_3-0.SVG?_=1774428788&v=1681754333

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b9d231141030c2154f55f753a11454ed367367ae3335d2dd8779eab7446bb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 23 Nov 2022 18:03:14 GMT
server: cloudflare
etag: W/"637e6062-5678d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7c8f6aa13e8f41bd-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 16 Jun 2023 22:49:56 GMT

GET
H3 200 2_3-0.SVG
s8cdn.joomag.com/mobile/2/2681/2681606/ Frame 248B 610 KB
292 KB 47ms
45ms Image
image/svg+xml 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s8cdn.joomag.com/mobile/2/2681/2681606/2_3-0.SVG?_=1774428788&v=1681754333

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6bf94d3df17a0845d4a99c1416190fac1fc8e74a8e5f3e5fe9876cf91db73dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 23 Nov 2022 18:03:16 GMT
server: cloudflare
etag: W/"637e6064-98880"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7c8f6aa13e9741bd-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 16 Jun 2023 22:49:56 GMT

GET
H3 200 1_3-0.SVG
s8cdn.joomag.com/mobile/2/2693/2693874/ Frame 718F 603 KB
313 KB 39ms
37ms Image
image/svg+xml 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s8cdn.joomag.com/mobile/2/2693/2693874/1_3-0.SVG?_=1163914779&v=1676562538

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac194d214e7a8d4b0af1150432dcb19331598e26c04ce6043d5c953046eb1edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 15:43:01 GMT
server: cloudflare
age: 364563
etag: W/"63ee4f05-96a7f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7c8f6aa16eba41bd-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Jun 2023 17:33:53 GMT

GET
H3 200 2_3-0.SVG
s8cdn.joomag.com/mobile/2/2693/2693874/ Frame 718F 791 KB
579 KB 62ms
60ms Image
image/svg+xml 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s8cdn.joomag.com/mobile/2/2693/2693874/2_3-0.SVG?_=1163914779&v=1676562538

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f169d277e9771a1f31c35eb43cfef5ea7a2ba1346383218f0438ae524dd3351e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 15:43:06 GMT
server: cloudflare
age: 351513
etag: W/"63ee4f0a-c5a7c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7c8f6aa16ebb41bd-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Jun 2023 21:11:23 GMT

GET
H2 200 p.gif
p.typekit.net/ Frame 718F 35 B
214 B 95ms
6ms Image
image/gif 2600:141b:13::17d7:82a8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=ybd3aoj&ht=tk&h=viewer.joomag.com&f=173.175&a=1029652&js=1.21.0&app=typekit&e=js&_=1684363796721
Requested by: Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
last-modified: Sat, 09 Oct 2021 06:42:30 GMT
server: nginx
etag: "616139d6-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 p.gif
p.typekit.net/ Frame 248B 35 B
214 B 92ms
3ms Image
image/gif 2600:141b:13::17d7:82a8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=ybd3aoj&ht=tk&h=viewer.joomag.com&f=173.175&a=1029652&js=1.21.0&app=typekit&e=js&_=1684363796723
Requested by: Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82a8 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:56 GMT
last-modified: Sat, 09 Oct 2021 06:42:30 GMT
server: nginx
etag: "616139d6-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 ping Show response
an3.joomag.com/ Frame 718F 4 B
382 B 65ms
4ms XHR
text/html 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

https://an3.joomag.com/ping?build_version=1.1.26

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-server-time: 1684363797320
date: Wed, 17 May 2023 22:49:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
x-server-response-time: 1684363797320
j-proxy: an3-443
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-expose-headers: x-server-response-time, x-server-time
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

GET
H2 200 ping Show response
an3.joomag.com/ Frame 248B 4 B
381 B 47ms
5ms XHR
text/html 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

https://an3.joomag.com/ping?build_version=1.1.26

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-server-time: 1684363797321
date: Wed, 17 May 2023 22:49:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
x-server-response-time: 1684363797321
j-proxy: an3-443
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-expose-headers: x-server-response-time, x-server-time
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1EBB 28 B
50 B 44ms
43ms XHR
application/json 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Goog-Request-Time: 1684363797310
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
X-YouTube-Client-Version: 1.20230514.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtJRXdSak55M3FTMCiStJWjBg%3D%3D
X-YouTube-Ad-Signals: dt=1684363794804&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C892%2C533&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 17 May 2023 22:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H3 200 3_3-0.SVG
s8cdn.joomag.com/mobile/2/2681/2681606/ Frame 248B 358 KB
229 KB 22ms
21ms Image
image/svg+xml 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s8cdn.joomag.com/mobile/2/2681/2681606/3_3-0.SVG?_=1774428788&v=1681754333

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b43fa880c1a25b5ffcf847bc635e743c390e4b6603de70344b65eb1e010d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 23 Nov 2022 18:03:17 GMT
server: cloudflare
age: 394088
etag: W/"637e6065-5997e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7c8f6aa54ab541bd-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Jun 2023 09:21:49 GMT

GET
H3 200 4_3-0.SVG
s8cdn.joomag.com/mobile/2/2681/2681606/ Frame 248B 480 KB
205 KB 33ms
30ms Image
image/svg+xml 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s8cdn.joomag.com/mobile/2/2681/2681606/4_3-0.SVG?_=1774428788&v=1681754333

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-fun-and-sun-2022/0396189001669226438?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb909fddf518cc673ecd7fd4f71323d7711c7699c52865fa0dac8471fd09faa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19306
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 18:03:19 GMT
server: cloudflare
etag: W/"637e6067-78190"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7c8f6aa54abb41bd-EWR
access-control-allow-headers: X-Csrf-Token, X-Requested-With, X-NewRelic-ID, Content-Type, key, sub-auth, new-subscriber
expires: Fri, 16 Jun 2023 17:28:11 GMT

GET
H3 200 3_3-0.SVG
s8cdn.joomag.com/mobile/2/2693/2693874/ Frame 718F 746 KB
547 KB 41ms
40ms Image
image/svg+xml 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s8cdn.joomag.com/mobile/2/2693/2693874/3_3-0.SVG?_=1163914779&v=1676562538

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48bf6e9c9deb6a4e39436681e891c6dae7486c8718c563db93f9351d72d1bc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 15:43:12 GMT
server: cloudflare
age: 364563
etag: W/"63ee4f10-ba82e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7c8f6aa54abc41bd-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Jun 2023 17:33:54 GMT

GET
H3 200 4_3-0.SVG
s8cdn.joomag.com/mobile/2/2693/2693874/ Frame 718F 370 KB
115 KB 74ms
73ms Image
image/svg+xml 2606:4700:10::ac43:1df5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s8cdn.joomag.com/mobile/2/2693/2693874/4_3-0.SVG?_=1163914779&v=1676562538

Requested by

Host: viewer.joomag.com
URL: https://viewer.joomag.com/escape-insider-march-2023/0692904001676562170?short&

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1df5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46be4754cd657791c78e4cb6e5b757295909bae55c526f3b8f6880e0f965d042

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 15:43:19 GMT
server: cloudflare
age: 394088
etag: W/"63ee4f17-5c6b3"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7c8f6aa54abd41bd-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Jun 2023 09:21:49 GMT

POST
H2 200 70074464-f2a2-4e86-a0fb-6867aa7f465f Show response
an3.joomag.com/reader/ Frame 718F 52 B
350 B 1145ms
1143ms XHR
text/html 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

https://an3.joomag.com/reader/70074464-f2a2-4e86-a0fb-6867aa7f465f?build_version=1.1.26

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

4da077d398140db64ccef2d1eee9f73df6628bec31215be5eabcc2c595d0a6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

x-server-time: 1684363797343
date: Wed, 17 May 2023 22:49:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
j-proxy: an3-443
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

OPTIONS
H2 204 70074464-f2a2-4e86-a0fb-6867aa7f465f
an3.joomag.com/reader/ Frame 0
0 5ms
5ms Preflight
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL: https://an3.joomag.com/reader/70074464-f2a2-4e86-a0fb-6867aa7f465f?build_version=1.1.26
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.95.50.25 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://viewer.joomag.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Wed, 17 May 2023 22:49:57 GMT
server: nginx/1.18.0

POST
H2 200 928369dd-cb61-4812-8b1b-4b4612f7ed6c Show response
an3.joomag.com/reader/ Frame 248B 52 B
350 B 1174ms
1173ms XHR
text/html 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

https://an3.joomag.com/reader/928369dd-cb61-4812-8b1b-4b4612f7ed6c?build_version=1.1.26

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

167cf77f993170ec594c75d4d927f66bfa98376bd9cfb5e828dc55ab06480391

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

x-server-time: 1684363797343
date: Wed, 17 May 2023 22:49:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
j-proxy: an3-443
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

OPTIONS
H2 204 928369dd-cb61-4812-8b1b-4b4612f7ed6c
an3.joomag.com/reader/ Frame 0
0 4ms
3ms Preflight
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL: https://an3.joomag.com/reader/928369dd-cb61-4812-8b1b-4b4612f7ed6c?build_version=1.1.26
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.95.50.25 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://viewer.joomag.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Wed, 17 May 2023 22:49:57 GMT
server: nginx/1.18.0

GET
H3 200 map.js Show response
maps.google.com/maps-api-v3/api/js/53/2/ Frame 8AA4 74 KB
23 KB 13ms
13ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/53/2/map.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa8277d6e88e672dd2a915ad9af8d97f2b5523334484bfd08b45188c3cc4093c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23703
x-xss-protection: 0
last-modified: Wed, 03 May 2023 01:13:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 14:36:00 GMT

GET
H3 200 marker.js Show response
maps.google.com/maps-api-v3/api/js/53/2/ Frame 8AA4 73 KB
22 KB 14ms
14ms Script
text/javascript 2607:f8b0:4020:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/53/2/marker.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde025ba7949fad35f99fd307cf830757f5cfd11b3b6d8cfed89b3a1c4938244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://j2fx.vacation.escapevacations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 20:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22263
x-xss-protection: 0
last-modified: Wed, 03 May 2023 01:13:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 20:32:05 GMT

GET
H2 200 collect Show response
an3.joomag.com/ Frame 718F 0
280 B 12ms
12ms XHR
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

https://an3.joomag.com/collect?v=1.0&ct=html5-viewer&oai=682707&t=1684363798&a=6c9068f0-43be-43a9-9ed0-51b227dcda3e&se=1c2ed770-02a7-48fd-93e1-ce48e2076678&ri=70074464-f2a2-4e86-a0fb-6867aa7f465f&iqcr=false&pu=https%3A%2F%2Fviewer.joomag.com%2Fescape-insider-march-2023%2F0692904001676562170%3Fshort%26&rl=https%3A%2F%2Fj2fx.vacation.escapevacations.com%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36&b=Chrome&bv=113.0.5672.126&os=Windows&osv=10&ctn=Africa%2FAbidjan&cl=en-US&cso=landscape-primary&csw=1600&csh=1200&csaw=1600&csah=1200&cww=900&cwh=511&cdpr=1&dbv=1.1.26&msi=1137411&mai=2693874&pn=1&evn=mag_view&build_version=1.1.26

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-server-time: 1684363798498
date: Wed, 17 May 2023 22:49:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
j-proxy: an3-443
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

GET
H2 200 collect Show response
an3.joomag.com/ Frame 718F 0
280 B 12ms
11ms XHR
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-server-time: 1684363798516
date: Wed, 17 May 2023 22:49:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
j-proxy: an3-443
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

GET
H2 200 collect Show response
an3.joomag.com/ Frame 248B 0
280 B 13ms
13ms XHR
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-server-time: 1684363798525
date: Wed, 17 May 2023 22:49:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
j-proxy: an3-443
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

OPTIONS
H2 204 70074464-f2a2-4e86-a0fb-6867aa7f465f
an3.joomag.com/reader/928369dd-cb61-4812-8b1b-4b4612f7ed6c/merge-into/ Frame 0
0 3ms
3ms Preflight
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL: https://an3.joomag.com/reader/928369dd-cb61-4812-8b1b-4b4612f7ed6c/merge-into/70074464-f2a2-4e86-a0fb-6867aa7f465f?build_version=1.1.26
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.95.50.25 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://viewer.joomag.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Wed, 17 May 2023 22:49:58 GMT
server: nginx/1.18.0

POST
H2 200 70074464-f2a2-4e86-a0fb-6867aa7f465f Show response
an3.joomag.com/reader/928369dd-cb61-4812-8b1b-4b4612f7ed6c/merge-into/ Frame 718F 52 B
350 B 69ms
68ms XHR
text/html 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

https://an3.joomag.com/reader/928369dd-cb61-4812-8b1b-4b4612f7ed6c/merge-into/70074464-f2a2-4e86-a0fb-6867aa7f465f?build_version=1.1.26

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

4da077d398140db64ccef2d1eee9f73df6628bec31215be5eabcc2c595d0a6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

x-server-time: 1684363798535
date: Wed, 17 May 2023 22:49:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
j-proxy: an3-443
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

GET
H2 200 collect Show response
an3.joomag.com/ Frame 718F 0
280 B 10ms
10ms XHR
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

https://an3.joomag.com/collect?v=1.0&ct=html5-viewer&oai=682707&t=1684363798&a=6c9068f0-43be-43a9-9ed0-51b227dcda3e&se=f7b64815-9191-4dee-b1df-3b2ad58611bd&ri=70074464-f2a2-4e86-a0fb-6867aa7f465f&iqcr=false&pu=https%3A%2F%2Fviewer.joomag.com%2Fescape-fun-and-sun-2022%2F0396189001669226438%3Fshort%26&rl=https%3A%2F%2Fj2fx.vacation.escapevacations.com%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36&b=Chrome&bv=113.0.5672.126&os=Windows&osv=10&ctn=Africa%2FAbidjan&cl=en-US&cso=landscape-primary&csw=1600&csh=1200&csaw=1600&csah=1200&cww=900&cwh=511&cdpr=1&dbv=1.1.26&msi=1010380&mai=2681606&pn=1&evn=mag_view&build_version=1.1.26

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-server-time: 1684363798535
date: Wed, 17 May 2023 22:49:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
j-proxy: an3-443
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

OPTIONS
H2 204 70074464-f2a2-4e86-a0fb-6867aa7f465f
an3.joomag.com/reader/928369dd-cb61-4812-8b1b-4b4612f7ed6c/merge-into/ Frame 0
0 3ms
3ms Preflight
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL: https://an3.joomag.com/reader/928369dd-cb61-4812-8b1b-4b4612f7ed6c/merge-into/70074464-f2a2-4e86-a0fb-6867aa7f465f?build_version=1.1.26
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.95.50.25 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://viewer.joomag.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Wed, 17 May 2023 22:49:58 GMT
server: nginx/1.18.0

POST
H2 200 70074464-f2a2-4e86-a0fb-6867aa7f465f Show response
an3.joomag.com/reader/928369dd-cb61-4812-8b1b-4b4612f7ed6c/merge-into/ Frame 248B 52 B
350 B 62ms
62ms XHR
text/html 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

https://an3.joomag.com/reader/928369dd-cb61-4812-8b1b-4b4612f7ed6c/merge-into/70074464-f2a2-4e86-a0fb-6867aa7f465f?build_version=1.1.26

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

4da077d398140db64ccef2d1eee9f73df6628bec31215be5eabcc2c595d0a6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

x-server-time: 1684363798543
date: Wed, 17 May 2023 22:49:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
j-proxy: an3-443
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

GET
H2 200 collect Show response
an3.joomag.com/ Frame 248B 0
280 B 11ms
10ms XHR
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-server-time: 1684363798541
date: Wed, 17 May 2023 22:49:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
j-proxy: an3-443
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

GET
H2 200 collect Show response
an3.joomag.com/ Frame 718F 0
280 B 12ms
12ms XHR
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://viewer.joomag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-server-time: 1684363798553
date: Wed, 17 May 2023 22:49:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
j-proxy: an3-443
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

PUT
H2 204 70074464-f2a2-4e86-a0fb-6867aa7f465f Show response
an3.joomag.com/reader/ Frame 248B 0
271 B 8ms
7ms XHR
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL

https://an3.joomag.com/reader/70074464-f2a2-4e86-a0fb-6867aa7f465f?build_version=1.1.26

Requested by

Host: www.joomag.com
URL: https://www.joomag.com/Frontend/pixel/joomag-pixel.d98493bd8849d9c333b2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.95.50.25 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://viewer.joomag.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

x-server-time: 1684363798564
date: Wed, 17 May 2023 22:49:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx/1.18.0
j-proxy: an3-443
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: *

OPTIONS
H2 204 70074464-f2a2-4e86-a0fb-6867aa7f465f
an3.joomag.com/reader/ Frame 0
0 4ms
3ms Preflight
text/plain 209.95.50.25

General

Check archive.org

Show headers Download Go to

Full URL: https://an3.joomag.com/reader/70074464-f2a2-4e86-a0fb-6867aa7f465f?build_version=1.1.26
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.95.50.25 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://viewer.joomag.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Wed, 17 May 2023 22:49:58 GMT
server: nginx/1.18.0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: CGIhrAbnApc
.youtube.com/	1970-01-20 16:11:55	Name: VISITOR_INFO1_LIVE Value: IEwRjNy3qS0
.joomag.com/	1969-12-31 23:59:59	Name: PHP_JOOMAG_SESSION Value: 4d58a7c3e88fa7767b14a32747ebe29a
.joomag.com/	1969-12-31 23:59:59	Name: __csrf_token Value: gw03_Kc2QwRQolchPe6JBiDPeLV_jrLihU-fGQpPisFlJmpbGLOC7ToG84BWioPPo9lhQEzxhqNzppzFvfqSBg

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.imgur.com/43puBan.png Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i.imgur.com/OGn61rg.png Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i.imgur.com/bG1rN6i.png Message: Failed to load resource: the server responded with a status of 429 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
network	error	URL: https://viewer.joomag.com/escape-fun-and-sun-2022/undefined Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://viewer.joomag.com/escape-fun-and-sun-2022/undefined Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://viewer.joomag.com/escape-insider-march-2023/undefined Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://viewer.joomag.com/escape-insider-march-2023/undefined Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agentprofiler.travelleaders.com
an3.joomag.com
app.joomag.com
browser.sentry-cdn.com
consent.cookiebot.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
i.ytimg.com
j2fx.vacation.escapevacations.com
jnn-pa.googleapis.com
maps.google.com
maps.googleapis.com
p.typekit.net
s8cdn.joomag.com
skins.webtreepro.com
static.doubleclick.net
static.joomag.com
tftravel.co
use.typekit.net
viewer.joomag.com
wtp-prd.s3.us-west-2.amazonaws.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.joomag.com
www.travelleaders.com
www.youtube.com
yt3.ggpht.com
146.75.32.193
15.197.142.173
209.95.50.25
209.95.50.27
2600:1400:b000::6872:481a
2600:141b:13::17d7:82a8
2600:141b:9000::1725:7b88
2600:9000:21a2:0:16:4349:fe00:93a1
2606:4700:10::6816:169d
2606:4700:10::6816:179d
2606:4700:10::ac43:1df5
2606:4700::6812:a92
2607:f8b0:4006:80c::2003
2607:f8b0:4006:823::2002
2607:f8b0:4020:804::2006
2607:f8b0:4020:804::200a
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::2016
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2008
2607:f8b0:4020:806::200a
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
2607:f8b0:4020:807::200e
2a04:4e42:200::729
52.218.168.105
52.33.8.180
52.88.130.181
002cead02c391d10051d6534d57766dec9d645e09a6b59f34926b6080c9adb83
0130a8dceb8fc8165defe555fb6311120ce66f1ee2a51abe20990eb2bffc6f66
0702a0cb8bcb18643cddddab91747225c50bb00e71f0529f61a2bd558a003cdb
07b43fa880c1a25b5ffcf847bc635e743c390e4b6603de70344b65eb1e010d34
0918e596789e5b798e852663d3dcb263f7d46dafcb17abac081577a1259c23b0
0b3c7088afce43decf088e1d5f10661a71a3dd4dbc0e8826415b1f3c70141fbc
0b5ccf8ec360d4ce45730aac1718af91e431ee6379282eebc3f44476363a52c7
0ca722bc1c654b88f46c7ffce0d76198c73b049d901481bcbf2a2326f07d0116
10c9be23280e854b2016c5bb0209416e5fdd35cd5cde8e9dda2998ef0d85d78f
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
167cf77f993170ec594c75d4d927f66bfa98376bd9cfb5e828dc55ab06480391
17289e55667c08c361a9eb254e13d1d47a5fde49d543aff23eb6242cfb75a69a
1b9d231141030c2154f55f753a11454ed367367ae3335d2dd8779eab7446bb32
1cc3bcecde8a8f9e00c00c600ac9ef21dee786a313175e48093ece3da644890d
1ccf7c24dbe51e3fe3faf8325394edb3364f4a4b8187cd543a3721e4ccf81bd9
1d9738c70be4b4dc038a773657edaed4885a8c717294dd9fef316bbc9f2573f7
1eef24f9d3963d079a618d936228fe399bfc53e21fc84515d824c510e7812886
228e7abc6f0b491c177be9ee528856caf19ea3135c014713cc67ad64f2ae50b6
2f828220b9dd6c92f5c9c096bfa3bb3fbc579380e2b0ec1e4733d850e116a7f1
309491d55e4aa4f4b8c8932d86ff32f384b7492aa0253a0cb8159e5825c3e258
324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8
3733a6662cc8c565b969f26de3998142efcc30de64a3fb4fb5b06a7ed593ebfd
38e16f15e0f3294a97b254a8332d9f7823dece3e40744a293b4334b9dd7845d2
3b5afc192e2228c0a155212d6ea8af359ec4501cfbd048da60a2da36bbef46a1
3c90b7c7f4384c2de0e8e84bfa9b0210ff94d97df517f85cb5dc6a3e44071c04
3cddf3fcb8717496f1d00ec6ab00cf6023c7e62f54b682d14ba0b9f0828892f3
3d5f26d5f868f53e87905d59ecbca36390e4d7bb01ba566dc7abbfbc232b43cc
3d7e1b032865fffb36385be457b7b03d582745bb8dd09e5fcf2af8a4bc27b7eb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4271487e1c6e4fe65588fe855f58dbd4005b5d1c60620487e28f009a20d69b72
46be4754cd657791c78e4cb6e5b757295909bae55c526f3b8f6880e0f965d042
4823bf9e997f3e4691ce2d7eac0b7c667a5f35a0872c7b7c53402715843394c6
48bf6e9c9deb6a4e39436681e891c6dae7486c8718c563db93f9351d72d1bc48
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a7c4778d6a71f2af1f32a5eb3bae2208f39e442edf30334300db474925f9b8d
4da077d398140db64ccef2d1eee9f73df6628bec31215be5eabcc2c595d0a6eb
5677923124b6c0744a5a286c84c8ed54532ea7b4a002d8124cdc69107c400a53
571fd23b11b71198cc794d4dadf4bfd6b8cbe6ccfd75fd051cfca4a9b724c5f1
581792b9972724d3c2bc8fcf0611c2800493d5e7d03a57b2c6e008ffc5b99853
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bc5a95f2c1345b234b97d40564f2ace4a68876123eae6bf800c1942341d7aae
5ef97ede8fb5768a69b62bbd9a4c3c560a6fdb8d45ca3f2ac95739e4565e52a4
6403cce693c72247ae0e9b47e957b79469eced82d065946aa256429232efd3e8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b9f1135ba160e5dc694ad7977f6bf73d40d3c15742b14ca8910ea23bb3e6e79
7053362664ab3fc9ec663f034931cb47ee26b29f01584e4fbed067a61bf6f620
733f966be407e73faa1f54490f1f6bda0a3de2e15323834467acaf43c47ad5d8
74b61f9f2097ad401aec31fb8db0a249e005db02c957b3721fd37302dbd63002
79e7bf2a32e8f078c90b691cccf59e0ff52f4053a2fc68a4182145c33902a9e1
7d615de1a125b8cdbda47d1ae45b295520886b2785635658033148e29dd42b48
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e4561f346177138f2e6b048577ea5df1e1253f489935bb21341f19593e725f2
8250d7e9fc2cfadd8e9a3022bb66c06a16a2cede04b5ac9f4c83872f7f903cde
85bb43dae06f4d48b885e878395e5984a2afb942ff778dfb8bda87d8eb475bc8
896dab9e181bd9f1bf4eba720b92ae23647bec7770bab1b6733f0c4f0c37164e
904f63842105f4bc8cf46cc7a080b96f54eb7aa9de1d9ddfcbabe7a6a9419ce6
9165844847ef2381ecaf5a5c91d9addf48af3f48762c8aea31875441008efb00
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9588dcb72ac03f9d7386f8a602d75126751e22b8504fe4b9e19f3b62ebba0524
95f1569a878d15b1cbff84a4fa17273d7a1244228beb97071b227a308d4e92c8
9654e71a7e697b484e9897540de4a9df82d863a7856c274c681bcc801ed94648
96bfe91821ee3739eab39b67f2ec10bcc3af003827a288d2b9d4256a32e5e9ed
977a6f0aaf7956fc999a7726714637863760ec87d4413e91e386ca10930312db
9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b74ae2df1ac535ca780a02cf74b1341e8ddf924ab02ba84c7aa772ee90ab77b
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d0f24ee88296e4015151e466f5c435729994364ec36cc0588464c88ec41ee4d
a3add30d15470dee55bc704f476b4bb6f8ef15e34c49a8d6859f3a19323ad0e2
a78e9e80a951a4a1c522745ee893c891a91d429dc6b66c5901b79d5ee4715e5c
a85d0ce7db7aa91abc2aa3d6d73e7b77c1cedb2d7340c5b2813c8f57e949bf84
aa8277d6e88e672dd2a915ad9af8d97f2b5523334484bfd08b45188c3cc4093c
ac194d214e7a8d4b0af1150432dcb19331598e26c04ce6043d5c953046eb1edd
ac7e983629cc7e54599642979b3e68791326a7ae5e3f49e659def46ffd7870f9
b1857dec963f09afa56829102b738bec9b31749007d9c252c1a0d9328ca4efaf
b4f11d2e1a68d946f6d481155ac263601cdd08ea20f601e59b854fa677ebc986
b80a1c718b286384ca1582dfd38205ad5c1d6cb4bee1880dbe5660dd43ea01f3
bde025ba7949fad35f99fd307cf830757f5cfd11b3b6d8cfed89b3a1c4938244
c119baf318ff4e67f81ba5e4adcf3f259d5c032a1798ddfc01a4b726b071fa1a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d4cc4241b70d13698b24914888bd646e5407236e30469154680718c0fe9f4a3c
d6bf94d3df17a0845d4a99c1416190fac1fc8e74a8e5f3e5fe9876cf91db73dc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db108a435cc382203c1258d77693c7ab892ce10e22c5e156075d2128d2ee8403
ddc36e73252a9b70a6719668bd527e32d7c5d68799bec161fde176141bfd539f
df178a76e5527927a54a4ee4b0d9f28c40a1925cc7e5aa5db16a8ba9fdf0b3ce
dfbf5b584d442b984225b38ac999fa488f6157b2bf6dd015afc7d3d3d1f98c29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44e5e73addbfee1b40e2355f0e22edb7b6824a0181d7f84690f3d12d5f40896
e56be369c400f1660e3c629a109172476b4b39a78f3beb8fd4a479136c43c552
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
eafc487182beb18fb0d7e9fe4d03e9857ff7dc1ca395338f6882885c9b107461
eb909fddf518cc673ecd7fd4f71323d7711c7699c52865fa0dac8471fd09faa1
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0528c05ccaeb66ac3ccc3534c6bba31edf1c67aa62b0e4a1a3716436febdf66
f169d277e9771a1f31c35eb43cfef5ea7a2ba1346383218f0438ae524dd3351e
f6f1ad00b9bfb43adeade458c17b26f56adea39b73420e7e8a024d5f55a163d3
f952ebf8091c4d1d48951e442b2930153d49ecbe7298b63b7b89c7042c65e46b
ff5acd78e31d15a76cc419734a0c7b8ecd95e110721a0a85c914992ddfb7636a

tftravel.co Open in urlscan Pro 15.197.142.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

149 Requests

97 %HTTPS

75 %IPv6

18 Domains

30 Subdomains

28 IPs

2 Countries

11045 kBTransfer

20964 kBSize

4 Cookies

0 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tftravel.co Open in urlscan Pro
15.197.142.173 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

97 %
HTTPS

75 %
IPv6

18
Domains

30
Subdomains

28
IPs

2
Countries

11045 kB
Transfer

20964 kB
Size

4
Cookies

149 HTTP transactions
1 data transactions