avisodeprivacidad.uvcleisuretravel.com
52.73.234.197  Public Scan

URL: https://avisodeprivacidad.uvcleisuretravel.com/
Submission: On May 25 via automatic, source certstream-suspicious

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 52.73.234.197, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is avisodeprivacidad.uvcleisuretravel.com.
TLS certificate: Issued by R3 on May 25th 2021. Valid for: 3 months.
This is the only time avisodeprivacidad.uvcleisuretravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         52.73.234.197     14618 (AMAZON-AES)
1         13.225.74.116     16509 (AMAZON-02)
6         13.225.84.85      16509 (AMAZON-02)
1         2a00:1450:400...  15169 (GOOGLE)
1         13.108.249.111    14340 (SALESFORCE)
4         2a00:1450:400...  15169 (GOOGLE)
4         3.212.224.10      14618 (AMAZON-AES)
9         161.71.10.41      14340 (SALESFORCE)
2         54.197.231.60     14618 (AMAZON-AES)
Total: 29 requests, 9 IPs

Requests  Domain                                  Requested by
9         service.force.com                       avisodeprivacidad.uvcleisuretravel.com, service.force.com
6         d30itml3t0pwpf.cloudfront.net           avisodeprivacidad.uvcleisuretravel.com
4         www.wishpond.com                        cdn.wishpond.net, d30itml3t0pwpf.cloudfront.net
4         fonts.gstatic.com                       fonts.googleapis.com
2         bookie.wishpond.com                     d30itml3t0pwpf.cloudfront.net
1         amruvcchat.secure.force.com             avisodeprivacidad.uvcleisuretravel.com
1         fonts.googleapis.com                    avisodeprivacidad.uvcleisuretravel.com
1         cdn.wishpond.net                        avisodeprivacidad.uvcleisuretravel.com
1         avisodeprivacidad.uvcleisuretravel.com
Total: 29 requests, 9 subdomains

This site contains links to these domains.

Domain
www.unlimitedvacationclub.com
politicadecookies.uvcleisuretravel.com

Subject                                 Issuer                            Validity                 Valid
avisodeprivacidad.uvcleisuretravel.com  R3                                2021-05-25 - 2021-08-23  3 months
cdn.wishpond.net                        Amazon                            2020-11-19 - 2021-12-18  a year
*.cloudfront.net                        DigiCert Global CA G2             2021-02-22 - 2022-02-21  a year
upload.video.google.com                 GTS CA 1O1                        2021-05-03 - 2021-07-26  3 months
*.na73.force.com                        DigiCert SHA2 Secure Server CA    2020-08-07 - 2021-08-05  a year
*.google.com                            GTS CA 1O1                        2021-05-03 - 2021-07-26  3 months
wishpond.com                            Amazon                            2021-04-08 - 2022-05-07  a year
*.um1.force.com                         DigiCert TLS RSA SHA256 2020 CA1  2021-03-31 - 2022-03-30  a year

This page contains 2 frames:

Primary Page: https://avisodeprivacidad.uvcleisuretravel.com/
Frame ID: 78334668EE2AA7DF8A400C7D7A5DC76F
Requests: 21 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://avisodeprivacidad.uvcleisuretravel.com/
Frame ID: 5C51A8A8A37CAA15646D1FE5293282A4
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 22 %
Domains: 7
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 439 kB
Size: 885 kB
Cookies: 1

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
avisodeprivacidad.uvcleisuretravel.com/
66 KB
23 KB
Document
General
Full URL
https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.234.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-234-197.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e95adf185163da2a5de0c7b86bede911851ce891c2808d11dc9bb5d64addca95

Request headers

Host
avisodeprivacidad.uvcleisuretravel.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
openresty/1.15.8.2
Date
Tue, 25 May 2021 04:07:04 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
P3P
CP="NON"
X-Wishpond-Host
wishpondv1-server-5c9bf7c88c-xn7qr
X-Wishpond-Prefix
PagesV2r/308dbc/1
X-Wishpond-Version
20200910000001
X-Wishpond-Queries
0
X-Wishpond-Guard
1621642772.7975965
X-Wishpond-Generated
2021-05-22 00:19:33 +0000
Content-Language
en-US
X-Request-Id
f64bdc55-b1cb-4f6f-8491-3b7dac94846e
X-Runtime
0.039294
Content-Encoding
gzip
connect.js
cdn.wishpond.net/
157 KB
40 KB
Script
General
Full URL
https://cdn.wishpond.net/connect.js?merchantId=1435522&socialCampaignId=2596591&writeKey=6d3328b0b29e
Requested by
Host: avisodeprivacidad.uvcleisuretravel.com
URL: https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-116.fra2.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
6e07e34bbd68097186902a70c18447371bfaa2be1338b6b4be90adbe3fc134fc

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 17:06:51 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 21:42:15 GMT
server
nginx/1.17.5
age
471613
etag
W/"60a2e337-272c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
public, stale-if-error, max-age=3600, s-max-age=172800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
dsrXgI6GqLw_66mSU2nVAoGy5GU2l5m3nUcemjCF3-K3cENx39y6HQ==
pages_v2r-e7147435a9b04de628d3c0a85c0660d02b744005f38a9c80e5fd683997dedd52.js
d30itml3t0pwpf.cloudfront.net/assets/
203 KB
48 KB
Script
General
Full URL
https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-e7147435a9b04de628d3c0a85c0660d02b744005f38a9c80e5fd683997dedd52.js
Requested by
Host: avisodeprivacidad.uvcleisuretravel.com
URL: https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-85.fra2.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
e7147435a9b04de628d3c0a85c0660d02b744005f38a9c80e5fd683997dedd52

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 00:36:10 GMT
Content-Encoding
gzip
Age
3036654
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
49074
Access-Control-Allow-Origin
*
Last-Modified
Mon, 19 Apr 2021 19:48:10 GMT
Server
nginx/1.17.5
ETag
"607dde7a-bfb2"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
Cache-Control
public, max-age=315360000
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
kaq1TY9kcd003BrQ4hzMUgOzKpevQNajPZkMt_41UsuSkPrkg6-5wg==
pages_v4_default-23a6efa6ec905bab24aad1ee10a385d256732033d43f872aa660cdecb23ee573.css
d30itml3t0pwpf.cloudfront.net/assets/
35 KB
8 KB
Stylesheet
General
Full URL
https://d30itml3t0pwpf.cloudfront.net/assets/pages_v4_default-23a6efa6ec905bab24aad1ee10a385d256732033d43f872aa660cdecb23ee573.css
Requested by
Host: avisodeprivacidad.uvcleisuretravel.com
URL: https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-85.fra2.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
23a6efa6ec905bab24aad1ee10a385d256732033d43f872aa660cdecb23ee573

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 03 May 2021 01:07:16 GMT
Content-Encoding
gzip
Age
1911588
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7842
Access-Control-Allow-Origin
*
Last-Modified
Thu, 22 Apr 2021 19:02:26 GMT
Server
nginx/1.17.5
ETag
"6081c842-1ea2"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
Cache-Control
public, max-age=315360000
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
fJ90HgmqtlK0o24TnSptUvqOSi8WDq1biVZ8mviFEDVJumuJZTjeDw==
css
fonts.googleapis.com/
11 KB
982 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat%7CRaleway%7CRoboto%3A300%2C400%2C500%2C700
Requested by
Host: avisodeprivacidad.uvcleisuretravel.com
URL: https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eef3e88d5897d30d6e8b70a1c8697ff65634eda9acf2a7ddb9b9159a3e5eab3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 May 2021 04:07:04 GMT
server
ESF
date
Tue, 25 May 2021 04:07:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 May 2021 04:07:04 GMT
1606329185-ba42f9b9
d30itml3t0pwpf.cloudfront.net/api/v3/medias/15174771/image/opt/1600x688%3E/
32 KB
33 KB
Image
General
Full URL
https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/15174771/image/opt/1600x688%3E/1606329185-ba42f9b9
Requested by
Host: avisodeprivacidad.uvcleisuretravel.com
URL: https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-85.fra2.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
81729315d7bc0b84233d582fd65b1a1fda0ddab9da76d7cdcb6ba1d3552ac561
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=300

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 04:07:07 GMT
Via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="uvcleisure_travel-logo_vert1.png"
Connection
keep-alive
X-Request-Id
32a5d236-4208-4db8-af88-3be9a32a0d36
X-Runtime
2.420683
Last-Modified
Wed, 25 Nov 2020 18:33:05 GMT
Server
nginx/1.17.5
ETag
"96673be7c7d5f0428f17b9fc6dc7f70d"
X-Download-Options
noopen
Strict-Transport-Security
max-age=300
Content-Language
en
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'
Content-Type
image/png
X-Amz-Cf-Id
tYuHwWJzOBjNdeNSuaxg1YT1OomCMxYsfFP5do_SnmXO_7K88uy63g==
Expires
Thu, 24 Jun 2021 04:07:07 GMT
1606348404-b9784b25
d30itml3t0pwpf.cloudfront.net/api/v3/medias/15177065/image/opt/1600x429%3E/
50 KB
51 KB
Image
General
Full URL
https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/15177065/image/opt/1600x429%3E/1606348404-b9784b25
Requested by
Host: avisodeprivacidad.uvcleisuretravel.com
URL: https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-85.fra2.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
1935a282db8642a7a0ec75c44abddaba852464774e90da5dc56e6ee4b8d2ef44
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=300

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 04:07:07 GMT
Via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="unlimitedbyAMR-01.png"
Connection
keep-alive
X-Request-Id
31b3d5ab-afa0-41c2-90af-6dfd15eb08e9
X-Runtime
2.096216
Last-Modified
Wed, 25 Nov 2020 23:53:24 GMT
Server
nginx/1.17.5
ETag
"4cd3f03a8d3823990a821873f8fffff5"
X-Download-Options
noopen
Strict-Transport-Security
max-age=300
Content-Language
en
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'
Content-Type
image/png
X-Amz-Cf-Id
TiZnEvTsa3ySMvocr5tw7mUkffJq0f6GD-6nOiGyh3hJuVnP8d0Alg==
Expires
Thu, 24 Jun 2021 04:07:07 GMT
1606396765-aca3fb3f
d30itml3t0pwpf.cloudfront.net/api/v3/medias/15178292/image/opt/1600x688%3E/
32 KB
33 KB
Image
General
Full URL
https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/15178292/image/opt/1600x688%3E/1606396765-aca3fb3f
Requested by
Host: avisodeprivacidad.uvcleisuretravel.com
URL: https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-85.fra2.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
fbcc13a662067a16e58a328d3081bbf2c350e48a3d2568597cada7d741fe8f7d
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=300

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 04:07:07 GMT
Via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="uvcleisure_travel-logo_vert3.png"
Connection
keep-alive
X-Request-Id
871565d5-45aa-472e-a096-d5cd1edc1171
X-Runtime
2.295316
Last-Modified
Thu, 26 Nov 2020 13:19:25 GMT
Server
nginx/1.17.5
ETag
"a50301aba5e5e20001d00134dc522ee9"
X-Download-Options
noopen
Strict-Transport-Security
max-age=300
Content-Language
en
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'
Content-Type
image/png
X-Amz-Cf-Id
mPaaT_zp2k8_e_fAlo66L7RG_XHi0V7HXb9u70oMve1sNALRBItTVA==
Expires
Thu, 24 Jun 2021 04:07:07 GMT
UVCLeisureTravel011921
amruvcchat.secure.force.com/liveAgentSetupFlow/resource/1611086258000/
35 KB
36 KB
Image
General
Full URL
https://amruvcchat.secure.force.com/liveAgentSetupFlow/resource/1611086258000/UVCLeisureTravel011921
Requested by
Host: avisodeprivacidad.uvcleisuretravel.com
URL: https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.249.111 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ord.na73-ord.force.com
Software
/
Resource Hash
f061bc341f0b5e35ceb948b49239c6030ad9526c8b467f553625c5177593391c
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 04:07:05 GMT
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 19 Jan 2021 19:57:38 GMT
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
image/png
Content-Length
35642
X-XSS-Protection
1; mode=block
Expires
Fri, 09 Jul 2021 04:07:05 GMT
1606244659-a0cd172a
d30itml3t0pwpf.cloudfront.net/api/v3/medias/15172118/image/opt/1600x429%3E/
45 KB
46 KB
Image
General
Full URL
https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/15172118/image/opt/1600x429%3E/1606244659-a0cd172a
Requested by
Host: avisodeprivacidad.uvcleisuretravel.com
URL: https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-85.fra2.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
72b8de3f8058e9ea7ae5a4701b256c8c28054b87edb69016403f8162dcccf114
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=300

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 04:07:05 GMT
Via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="unlimitedbyAMR-02.png"
Connection
keep-alive
X-Request-Id
0fe89584-bc5b-4241-b22f-f509c37b0f28
X-Runtime
0.104383
Last-Modified
Tue, 24 Nov 2020 19:04:19 GMT
Server
nginx/1.17.5
ETag
"c03532ccfe4e04a967a9838784130a34"
X-Download-Options
noopen
Strict-Transport-Security
max-age=300
Content-Language
en
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'
Content-Type
image/png
X-Amz-Cf-Id
cajLNbamF7rhDVvjZtMhfSLK-vmQQZWAtKvJruEaxeKCRO1oyjv2fw==
Expires
Thu, 24 Jun 2021 04:07:05 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%7CRaleway%7CRoboto%3A300%2C400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://avisodeprivacidad.uvcleisuretravel.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
age
151406
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
expires
Mon, 23 May 2022 10:03:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%7CRaleway%7CRoboto%3A300%2C400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://avisodeprivacidad.uvcleisuretravel.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 10:13:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
323616
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Sat, 21 May 2022 10:13:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%7CRaleway%7CRoboto%3A300%2C400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://avisodeprivacidad.uvcleisuretravel.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
24704
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 24 May 2022 21:15:20 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v19/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%7CRaleway%7CRoboto%3A300%2C400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://avisodeprivacidad.uvcleisuretravel.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 23:35:07 GMT
server
sffe
age
151406
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21028
x-xss-protection
0
expires
Mon, 23 May 2022 10:03:38 GMT
popups.json
www.wishpond.com/ Frame
0
0
Preflight
General
Full URL
https://www.wishpond.com/popups.json?merchant_id=1435522&url=https%3A%2F%2Favisodeprivacidad.uvcleisuretravel.com%2F&social_campaign_id=2596591
Protocol
H2
Server
3.212.224.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-224-10.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
https://avisodeprivacidad.uvcleisuretravel.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 25 May 2021 04:07:05 GMT
content-type
text/plain
server
nginx/1.17.5
vary
Accept-Encoding
strict-transport-security
max-age=300
access-control-allow-origin
https://avisodeprivacidad.uvcleisuretravel.com
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-expose-headers
access-control-max-age
600
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
x-request-id
fdba68a0-dd08-4a50-95f4-d39c96a804b4
x-runtime
0.001135
x-download-options
noopen
content-encoding
gzip
popups.json
www.wishpond.com/
13 B
1 KB
XHR
General
Full URL
https://www.wishpond.com/popups.json?merchant_id=1435522&url=https%3A%2F%2Favisodeprivacidad.uvcleisuretravel.com%2F&social_campaign_id=2596591
Requested by
Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=1435522&socialCampaignId=2596591&writeKey=6d3328b0b29e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.224.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-224-10.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 25 May 2021 04:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON"
strict-transport-security
max-age=300
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
x-request-id
14e66655-13f8-4927-a15c-7692ccb81aa4
x-runtime
0.018097
server
nginx/1.17.5
x-frame-options
DENY
x-download-options
noopen
access-control-max-age
600
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language
en-US
access-control-allow-origin
https://avisodeprivacidad.uvcleisuretravel.com
access-control-expose-headers
access-control-allow-credentials
true
content-security-policy
default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
content-type
application/json; charset=utf-8
pages.json
www.wishpond.com/pages/v2r/2596591/ Frame
0
0
Preflight
General
Full URL
https://www.wishpond.com/pages/v2r/2596591/pages.json?variation_id=2843883
Protocol
H2
Server
3.212.224.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-224-10.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
https://avisodeprivacidad.uvcleisuretravel.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 25 May 2021 04:07:05 GMT
content-type
text/plain
server
nginx/1.17.5
vary
Accept-Encoding
strict-transport-security
max-age=300
access-control-allow-origin
https://avisodeprivacidad.uvcleisuretravel.com
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-expose-headers
access-control-max-age
600
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
x-request-id
d85246cb-8370-4003-9b48-1fd970f0c37f
x-runtime
0.000958
x-download-options
noopen
content-encoding
gzip
pages.json
www.wishpond.com/pages/v2r/2596591/
59 KB
18 KB
XHR
General
Full URL
https://www.wishpond.com/pages/v2r/2596591/pages.json?variation_id=2843883
Requested by
Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-e7147435a9b04de628d3c0a85c0660d02b744005f38a9c80e5fd683997dedd52.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.224.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-224-10.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
e41fb1bf921cdf54e615705211d615f94a1f14c97e68c5beb06c859470882868
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
application/json
Referer
https://avisodeprivacidad.uvcleisuretravel.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-wishpond-prefix
PagesV2r/308dbc/1
date
Tue, 25 May 2021 04:07:05 GMT
content-encoding
gzip
x-wishpond-queries
0
x-wishpond-version
20200910000001
x-wishpond-generated
2021-05-22 00:19:33 +0000
p3p
CP="NON"
strict-transport-security
max-age=300
vary
Accept-Encoding, Origin
x-request-id
fc60eef9-68cf-4974-a8df-0929ac0cf46e
x-runtime
0.015231
server
nginx/1.17.5
x-wishpond-host
wishpondv1-server-5c9bf7c88c-gkn26
access-control-max-age
600
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language
en-US
access-control-allow-origin
https://avisodeprivacidad.uvcleisuretravel.com
access-control-expose-headers
access-control-allow-credentials
true
x-wishpond-guard
1621642772.7975965
content-type
application/json; charset=utf-8
esw.min.js
service.force.com/embeddedservice/5.0/
29 KB
8 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: avisodeprivacidad.uvcleisuretravel.com
URL: https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.10.41 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-lhr4.um1-lo3.force.com
Software
/
Resource Hash
dd575925971e9d0bbfdd4cfecfbd110fd6d1d098c57836707cbabe035fe92779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 23:25:47 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 25 Feb 2021 23:50:58 GMT
Age
16877
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8189
X-XSS-Protection
1; mode=block
Expires
Tue, 25 May 2021 23:25:47 GMT
view
bookie.wishpond.com/v1/social_campaigns/2596591/variations/2843883/ Frame
0
0
Preflight
General
Full URL
https://bookie.wishpond.com/v1/social_campaigns/2596591/variations/2843883/view
Protocol
H2
Server
54.197.231.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-231-60.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
https://avisodeprivacidad.uvcleisuretravel.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 25 May 2021 04:07:05 GMT
content-type
text/plain
server
nginx/1.14.2
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers
Link
access-control-max-age
600
access-control-allow-headers
x-requested-with
view
bookie.wishpond.com/v1/social_campaigns/2596591/variations/2843883/
0
289 B
XHR
General
Full URL
https://bookie.wishpond.com/v1/social_campaigns/2596591/variations/2843883/view
Requested by
Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-e7147435a9b04de628d3c0a85c0660d02b744005f38a9c80e5fd683997dedd52.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.231.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-231-60.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://avisodeprivacidad.uvcleisuretravel.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-runtime
0.027791
date
Tue, 25 May 2021 04:07:05 GMT
server
nginx/1.14.2
vary
Origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type
text/plain
access-control-allow-origin
*
access-control-max-age
600
cache-control
no-cache
x-request-id
38d12135-d20b-47ff-9ba5-39179f8f722b
access-control-expose-headers
Link
common.min.js
service.force.com/embeddedservice/5.0/utils/
3 KB
2 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.10.41 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-lhr4.um1-lo3.force.com
Software
/
Resource Hash
0cc3efdca077ec2c251c53542bc32fd18394b5eff8a8814756c04d725ac1f071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 23:20:24 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 12 Oct 2020 17:50:42 GMT
Age
17200
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1254
X-XSS-Protection
1; mode=block
Expires
Tue, 25 May 2021 23:20:24 GMT
esw.min.css
service.force.com/embeddedservice/5.0/
8 KB
4 KB
Stylesheet
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.10.41 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-lhr4.um1-lo3.force.com
Software
/
Resource Hash
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 23:27:40 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Age
16764
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
3946
X-XSS-Protection
1; mode=block
Expires
Tue, 25 May 2021 23:27:40 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/
19 KB
6 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.10.41 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-lhr4.um1-lo3.force.com
Software
/
Resource Hash
6fe83329c21c4114bda6fbd591f60d0d962c35086e1c0ad8439756f2fb6c3462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 23:23:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 16 Dec 2020 22:24:06 GMT
Age
16986
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5560
X-XSS-Protection
1; mode=block
Expires
Tue, 25 May 2021 23:23:58 GMT
esw.html
service.force.com/embeddedservice/5.0/ Frame 5C51
194 B
672 B
Document
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://avisodeprivacidad.uvcleisuretravel.com/
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.10.41 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-lhr4.um1-lo3.force.com
Software
/
Resource Hash
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
service.force.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://avisodeprivacidad.uvcleisuretravel.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
BrowserId_sec=qpa_UL0OEeuqKJnkojPdeA

Response headers

Date
Tue, 25 May 2021 04:07:07 GMT
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
X-Robots-Tag
none
Referrer-Policy
origin-when-cross-origin
Cache-Control
public,max-age=86400
Expires
Wed, 26 May 2021 04:07:07 GMT
Last-Modified
Fri, 02 Aug 2019 08:43:42 GMT
Content-Type
text/html;charset=UTF-8
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
eswFrame.min.js
service.force.com/embeddedservice/5.0/ Frame 5C51
4 KB
2 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://avisodeprivacidad.uvcleisuretravel.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.10.41 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-lhr4.um1-lo3.force.com
Software
/
Resource Hash
06b5a49abdb9153bc58047c864e170aca81b21df27b7bad58bc988832f2df878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 23:11:53 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Age
17714
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1706
X-XSS-Protection
1; mode=block
Expires
Tue, 25 May 2021 23:11:53 GMT
session.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 5C51
2 KB
1 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.10.41 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-lhr4.um1-lo3.force.com
Software
/
Resource Hash
316a1f04e09cfaf1bd5c40e6f9ae51b8ffb893c9850e2f6d62d06075c1c56abf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 23:23:54 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Age
16993
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
743
X-XSS-Protection
1; mode=block
Expires
Tue, 25 May 2021 23:23:54 GMT
broadcast.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 5C51
2 KB
1 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.10.41 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-lhr4.um1-lo3.force.com
Software
/
Resource Hash
e6bd0a3ccc9351f05bacc94f4761067e0fcf44b84421b3801cc3245e6698f9af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 23:11:54 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Age
17713
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
795
X-XSS-Protection
1; mode=block
Expires
Tue, 25 May 2021 23:11:54 GMT
chasitor.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 5C51
22 KB
5 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.10.41 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-lhr4.um1-lo3.force.com
Software
/
Resource Hash
5a2a2f956d69194b53632eec961f3af53cb71a736264a3cfece092e1041f59bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://avisodeprivacidad.uvcleisuretravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 24 May 2021 23:13:00 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 28 Jan 2021 03:59:54 GMT
Age
17647
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4993
X-XSS-Protection
1; mode=block
Expires
Tue, 25 May 2021 23:13:00 GMT

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| ES6Promise function| _s object| Base64 object| XD object| fastdom object| Wishpond function| CrossStorageClient number| len object| prototype string| k object| Honeybadger function| jqlite function| strftime function| strftimeTZ function| strftimeUTC function| localizedStrftime function| Tooltip function| SelectDropdown function| Calendar function| _wp object| wishpondApp object| $$jqListeners object| embedded_svc object| _laq function| initESW undefined| s

1 Cookies

Domain/Path Name / Value
avisodeprivacidad.uvcleisuretravel.com/ Name: userTracker
Value: "wkuk7zy3l0b5oehn"

8 Console Messages

Source Level URL
Text
console-api warning URL: https://cdn.wishpond.net/connect.js?merchantId=1435522&socialCampaignId=2596591&writeKey=6d3328b0b29e(Line 5)
Message:
get userTracker SyntaxError: Unexpected end of JSON input
console-api warning URL: https://cdn.wishpond.net/connect.js?merchantId=1435522&socialCampaignId=2596591&writeKey=6d3328b0b29e(Line 5)
Message:
get participation:2843883 SyntaxError: Unexpected end of JSON input
console-api warning URL: https://service.force.com/embeddedservice/5.0/esw.min.js(Line 15)
Message:
[Snap-ins] Warning: Embedded Service Chat may not function correctly with this native JS function modified: document.addEventListener
console-api warning URL: https://service.force.com/embeddedservice/5.0/esw.min.js(Line 15)
Message:
[Snap-ins] Warning: Embedded Service Chat may not function correctly with this native JS function modified: document.removeEventListener
console-api warning URL: https://service.force.com/embeddedservice/5.0/esw.min.js(Line 15)
Message:
[Snap-ins] Warning: Embedded Service Chat may not function correctly with this native JS function modified: window.addEventListener
console-api warning URL: https://service.force.com/embeddedservice/5.0/esw.min.js(Line 15)
Message:
[Snap-ins] Warning: Embedded Service Chat may not function correctly with this native JS function modified: window.removeEventListener
console-api warning URL: https://service.force.com/embeddedservice/5.0/esw.min.js(Line 15)
Message:
[Snap-ins] Warning: Embedded Service Chat may not function correctly with this native JS function modified: window.setInterval
console-api warning URL: https://service.force.com/embeddedservice/5.0/esw.min.js(Line 15)
Message:
[Snap-ins] Warning: Embedded Service Chat may not function correctly with this native JS function modified: window.setTimeout

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
