www.excellentravel.com Open in urlscan Pro
2606:4700:3034::6818:7dd6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://excellentravel.com/
Effective URL:
https://www.excellentravel.com/
Submission: On July 19 via manual (July 19th 2020, 6:28:15 pm UTC) from MX

Summary HTTP 53 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 26 domains to perform 53 HTTP transactions. The main IP is 2606:4700:3034::6818:7dd6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.excellentravel.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2020. Valid for: a year.

This is the only time www.excellentravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700:303... 2606:4700:3034::6818:7dd6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	143.204.201.119 143.204.201.119	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:8ee7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.219.136 35.244.219.136	15169 (GOOGLE) (GOOGLE)
1	216.243.201.224 216.243.201.224	11320 (LIGHTEDGE...) (LIGHTEDGE-AS-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
1	108.179.234.145 108.179.234.145	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	68.232.34.114 68.232.34.114	15133 (EDGECAST) (EDGECAST)
1	151.101.114.38 151.101.114.38	54113 (FASTLY) (FASTLY)
1	189.139.98.117 189.139.98.117	8151 (Uninet S....) (Uninet S.A. de C.V.)
1	50.31.174.56 50.31.174.56	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	66.33.208.154 66.33.208.154	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1	38.68.51.227 38.68.51.227	396073 (MAJESTIC-...) (MAJESTIC-HOSTING-01)
1	192.200.117.92 192.200.117.92	53850 (GORILLASE...) (GORILLASERVERS)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
1	23.8.7.81 23.8.7.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
53	26

13 2606:4700:3034::6818:7dd6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

excellentravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.excellentravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-119.fra53.r.cloudfront.net

img.gruporeforma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8ee7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.eluniversal.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.219.136 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 136.219.244.35.bc.googleusercontent.com

cdn.mexicodestinos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.243.201.224 (United States)

ASN11320 (LIGHTEDGE-AS-02, US)
PTR: network.royalbfp.com

blog.expedia.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::720 (Ascension Island)

ASN54113 (FASTLY, US)

afar-production.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.179.234.145 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 108-179-234-145.unifiedlayer.com

www.csttravels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.34.114 (United States)

ASN15133 (EDGECAST, US)

cdn.civitatis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.38 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

media.tacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 189.139.98.117 (Ecatepec de Morelos, Mexico)

ASN8151 (Uninet S.A. de C.V., MX)
PTR: dsl-189-139-98-117-dyn.prod-infinitum.com.mx

www.skyballoons.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.174.56 (Elk Grove Village, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: single-4788.banahosting.com

www.volarenglobo.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.33.208.154 (Brea, United States)

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-rank.richard-dobbs.dreamhost.com

www.museosdemexico.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.68.51.227 (United States)

ASN396073 (MAJESTIC-HOSTING-01, US)

www.zuritour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.200.117.92 (Los Angeles, United States)

ASN53850 (GORILLASERVERS, US)

www.yocurvilinea.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.228.123 (Netherlands)

ASN16625 (AKAMAI-AS, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.8.7.81 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	excellentravel.com 1 redirects excellentravel.com www.excellentravel.com	1 MB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	179 KB
4	paypal.com www.paypal.com t.paypal.com	91 KB
3	doubleclick.net googleads.g.doubleclick.net
3	cloudflare.com cdnjs.cloudflare.com ajax.cloudflare.com	18 KB
2	facebook.net connect.facebook.net	62 KB
2	eluniversal.com.mx www.eluniversal.com.mx	351 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	38 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	887 B
1	google.de adservice.google.de	887 B
1	googleapis.com ajax.googleapis.com	30 KB
1	yocurvilinea.com.mx www.yocurvilinea.com.mx	438 KB
1	zuritour.com www.zuritour.com	38 KB
1	museosdemexico.com www.museosdemexico.com	161 KB
1	wikimedia.org upload.wikimedia.org	76 KB
1	volarenglobo.com.mx www.volarenglobo.com.mx	209 KB
1	skyballoons.mx www.skyballoons.mx	170 KB
1	tacdn.com media.tacdn.com	22 KB
1	civitatis.com cdn.civitatis.com	177 KB
1	csttravels.com www.csttravels.com	20 KB
1	imgix.net afar-production.imgix.net	215 KB
1	expedia.mx blog.expedia.mx	86 KB
1	mexicodestinos.com cdn.mexicodestinos.com	78 KB
1	gruporeforma.com img.gruporeforma.com	124 KB
1	wp.com i0.wp.com	130 KB
53	26

	Domain	Requested by
8	excellentravel.com	1 redirects www.excellentravel.com
5	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com
5	www.excellentravel.com	www.excellentravel.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	www.paypal.com	ajax.cloudflare.com www.paypal.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	connect.facebook.net	ajax.cloudflare.com connect.facebook.net
2	www.eluniversal.com.mx	www.excellentravel.com
2	cdnjs.cloudflare.com	www.excellentravel.com ajax.cloudflare.com
2	maxcdn.bootstrapcdn.com	www.excellentravel.com ajax.cloudflare.com
1	t.paypal.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	ajax.googleapis.com	ajax.cloudflare.com
1	ajax.cloudflare.com	www.excellentravel.com
1	www.yocurvilinea.com.mx	www.excellentravel.com
1	www.zuritour.com	www.excellentravel.com
1	www.museosdemexico.com	www.excellentravel.com
1	upload.wikimedia.org	www.excellentravel.com
1	www.volarenglobo.com.mx	www.excellentravel.com
1	www.skyballoons.mx	www.excellentravel.com
1	media.tacdn.com	www.excellentravel.com
1	cdn.civitatis.com	www.excellentravel.com
1	www.csttravels.com	www.excellentravel.com
1	afar-production.imgix.net	www.excellentravel.com
1	blog.expedia.mx	www.excellentravel.com
1	cdn.mexicodestinos.com	www.excellentravel.com
1	img.gruporeforma.com	www.excellentravel.com
1	i0.wp.com	www.excellentravel.com
53	30

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gruporeforma.com Amazon	`2020-02-11` - `2021-03-11`	a year	crt.sh
*.eluniversal.com.mx Go Daddy Secure Certificate Authority - G2	`2020-06-10` - `2021-06-14`	a year	crt.sh
*.mexicodestinos.com Go Daddy Secure Certificate Authority - G2	`2020-02-20` - `2021-03-03`	a year	crt.sh
blog.expedia.mx Entrust Certification Authority - L1K	`2018-06-25` - `2020-09-23`	2 years	crt.sh
imgix.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-08-20` - `2020-08-20`	a year	crt.sh
csttravels.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-28` - `2021-06-28`	a year	crt.sh
*.civitatis.com GeoTrust RSA CA 2018	`2020-05-04` - `2022-05-05`	2 years	crt.sh
media.tacdn.com DigiCert SHA2 Secure Server CA	`2020-03-23` - `2021-04-19`	a year	crt.sh
skyballoons.mx Sectigo RSA Domain Validation Secure Server CA	`2020-04-28` - `2021-04-28`	a year	crt.sh
volarenglobo.com.mx Let's Encrypt Authority X3	`2020-07-05` - `2020-10-03`	3 months	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-10-06`	a year	crt.sh
museosdemexico.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-16` - `2021-05-16`	a year	crt.sh
*.zuritour.com Let's Encrypt Authority X3	`2020-06-01` - `2020-08-30`	3 months	crt.sh
yocurvilinea.com.mx Let's Encrypt Authority X3	`2020-05-31` - `2020-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://www.excellentravel.com/
Frame ID: 9E17F0BEC44D984E6B38A69447EEA478
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/zrt_lookup.html
Frame ID: 928E574ED4103F77E0AF704B88E4F346
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5416819712408858&output=html&adk=1812271804&adf=3025194257&lmt=1595183278&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.excellentravel.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595183278172&bpp=12&bdt=2657&idt=88&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=611797150624&frm=20&pv=2&ga_vid=1853632907.1595183278&ga_sid=1595183278&ga_hid=2123000682&ga_fc=0&iag=0&icsg=197141130&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066392%2C21066532&oid=3&pvsid=2225903990785209&pem=823&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=9232&bc=31&ifi=0&uci=a!0&fsb=1&dtd=104
Frame ID: 10FB75F4374D8CBD14E5B1CC50C6BE38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5416819712408858&output=html&h=90&slotname=7062134934&adk=282718226&adf=533964676&w=970&lmt=1595183278&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=https%3A%2F%2Fwww.excellentravel.com%2F&flash=0&wgl=1&adsid=NT&dt=1595183278184&bpp=4&bdt=2669&idt=97&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=611797150624&frm=20&pv=1&ga_vid=1853632907.1595183278&ga_sid=1595183278&ga_hid=2123000682&ga_fc=0&iag=0&icsg=2344624778&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066392%2C21066532&oid=3&pvsid=2225903990785209&pem=823&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=9488&bc=31&ifi=1&uci=a!1&fsb=1&xpc=c8kQdQRjYZ&p=https%3A//www.excellentravel.com&dtd=102
Frame ID: 5A504D567A6D5C2B0410898D5814126C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: A589A8069E705FA9C2842F980366E7E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://excellentravel.com/ HTTP 302
https://www.excellentravel.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

53
Requests

100 %
HTTPS

44 %
IPv6

26
Domains

30
Subdomains

26
IPs

6
Countries

3937 kB
Transfer

4935 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=525546995151&text=Hola,%20tengo%20una%20duda
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://excellentravel.com/ HTTP 302
https://www.excellentravel.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.excellentravel.com/
Redirect Chain

http://excellentravel.com/
https://www.excellentravel.com/

45 KB
10 KB

919ms
878ms

Document
text/html

2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.excellentravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.17

Resource Hash

b35f30e38f3060886051b18f6c4ad16c6755d71e1f3c7e51cd2254c6c5e268ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.excellentravel.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dba5e0cac7e9ad51f8f4d86746d1e70ac1595183274
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 19 Jul 2020 18:27:55 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.17
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
set-cookie: PHPSESSID=cf5239ed6b5aedf2a1892247646c87c4; path=/; secure; HttpOnly
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
cf-request-id: 0409ee328a0000969e6dba5200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b567fca7cf3969e-FRA
content-encoding: br

Redirect headers

Date: Sun, 19 Jul 2020 18:27:54 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dba5e0cac7e9ad51f8f4d86746d1e70ac1595183274; expires=Tue, 18-Aug-20 18:27:54 GMT; path=/; domain=.excellentravel.com; HttpOnly; SameSite=Lax
Location: https://www.excellentravel.com/
CF-Cache-Status: DYNAMIC
cf-request-id: 0409ee318900001f3937985200000001
Server: cloudflare
CF-RAY: 5b567fc8df271f39-FRA

GET
H2 200 ibqGyNknIh-1t0ybguMSSP9OsH8.js Show response
www.excellentravel.com/cdn-cgi/apps/head/ 26 KB
8 KB 395ms
394ms Script
application/javascript 2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.excellentravel.com/cdn-cgi/apps/head/ibqGyNknIh-1t0ybguMSSP9OsH8.js
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c52ea4b46ef0fed5af6068c0b3aee579e4c6172f1a9a8cda18c452dee3fb0b2a

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:55 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 18D54175FB8C0966
status: 200
x-amz-version-id: lh97K3bPYF_PRGw305H9Fc1Gl4X5Jwgf
x-amz-id-2: MoId/Sb8l9zaV7EiuKeVc+Dj114nbx+ON9K8uESP3sSK5SPN6evhOT4LWUO7NKKKi4ZqCBfkUPk=
last-modified: Sat, 04 Jul 2020 01:21:41 GMT
server: cloudflare
etag: W/"062b2f231de14b8f43cbc80dd70dcb6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-request-id: 0409ee35ff0000969e6dbc4200000001
cf-ray: 5b567fcffa1b969e-FRA

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
23 KB 26ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: www.excellentravel.com
URL: https://www.excellentravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:50 GMT
status: 200
etag: "1550076050"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23237

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 36ms
18ms Stylesheet
text/css 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.excellentravel.com
URL: https://www.excellentravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 851369
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0409ee361000001f3574922200000001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
expires: Fri, 09 Jul 2021 18:27:55 GMT
cache-control: public, max-age=30672000
cf-ray: 5b567fd01c6d1f35-FRA
served-in-seconds: 0.001

GET
H2 200 dynamic.css.php
excellentravel.com/core/static/css/ 3 KB
830 B 430ms
430ms Stylesheet
text/css 2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://excellentravel.com/core/static/css/dynamic.css.php?s=common
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 0d61bc397025bed02196782fcb6edef2f458d87bd9d089ccd98acf31ddd10dab

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jul 2020 18:27:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5b567fcffa19969e-FRA
cf-request-id: 0409ee35ff0000969e6dbc3200000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 logo.png
www.excellentravel.com/core/static/images/logos/ 72 KB
72 KB 558ms
558ms Image
image/png 2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.excellentravel.com/core/static/images/logos/logo.png
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe16c5f5569d0b1d897cfaba0c648a11cdf95e1da9ea971d21a0f05dc352d9f6

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
cf-cache-status: MISS
last-modified: Wed, 04 Dec 2019 19:41:53 GMT
server: cloudflare
etag: "3420acd-12045-598e60135d64a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b567fd27c2c969e-FRA
content-length: 73797
cf-request-id: 0409ee378b0000969e6dbd6200000001

GET
H2 200 2-1.jpg
i0.wp.com/noticieros.televisa.com/wp-content/uploads/2017/04/ 130 KB
130 KB 69ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/noticieros.televisa.com/wp-content/uploads/2017/04/2-1.jpg?w=943&ssl=1

Requested by

Host: www.excellentravel.com
URL: https://www.excellentravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

1eb3ea12f99f04cdf6f9b2b694e1b9f71e9a4aeeb542d20f449a4d1f55bdf8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Sun, 19 Jul 2020 18:27:55 GMT
x-content-type-options: nosniff
x-bytes-saved: 15875
last-modified: Tue, 14 Jul 2020 23:40:00 GMT
server: nginx
etag: "af789057eb94cc7c"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://noticieros.televisa.com/wp-content/uploads/2017/04/2-1.jpg>; rel="canonical"
content-length: 132788
expires: Fri, 15 Jul 2022 11:40:00 GMT

GET
H2 200 logo.png
excellentravel.com/core/static/images/logos/ 72 KB
72 KB 643ms
639ms Image
image/png 2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://excellentravel.com/core/static/images/logos/logo.png
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe16c5f5569d0b1d897cfaba0c648a11cdf95e1da9ea971d21a0f05dc352d9f6

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
cf-cache-status: MISS
last-modified: Wed, 04 Dec 2019 19:41:53 GMT
server: cloudflare
etag: "3420acd-12045-598e60135d64a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b567fd28c3d969e-FRA
content-length: 73797
cf-request-id: 0409ee37990000969e6dbd8200000001

GET
H2 200 4216199.jpg
img.gruporeforma.com/imagenes/960x640/5/217/ 124 KB
124 KB 125ms
30ms Image
image/jpeg 143.204.201.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.gruporeforma.com/imagenes/960x640/5/217/4216199.jpg

Requested by

Host: www.excellentravel.com
URL: https://www.excellentravel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.201.119 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-201-119.fra53.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

83be94f02cd7e4c22e2f2a0a9e65884dca516ae0baf8c2f633af67b118c30928

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15638400

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "10389c6285dd41:0"
age: 14942
x-cache: Hit from cloudfront
status: 200
cheac-control: max-age=86400
cteonnt-length: 127231
last-modified: Sat, 06 Oct 2018 03:58:01 GMT
server: Microsoft-IIS/8.5
date: Sun, 19 Jul 2020 14:18:39 GMT
strict-transport-security: max-age=15638400
content-type: image/jpeg
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 4n6HNFdyVzKDWBpXJztJTVbcXo7m5ygiBjY6r-o51kN-VKpdVEey5A==
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 monarca.jpeg
excellentravel.com/core/static/images/servicios/tours/ 325 KB
326 KB 663ms
660ms Image
image/jpeg 2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://excellentravel.com/core/static/images/servicios/tours/monarca.jpeg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a3d777769b96915629920610c41e6d15867b5c684547ee89de888ab4c535e98

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Jan 2020 15:40:38 GMT
server: cloudflare
etag: "3420bdd-51498-59c2f87c097b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b567fd28c40969e-FRA
content-length: 332952
cf-request-id: 0409ee37990000969e6dbd9200000001

GET
H2 200 1.jpeg
excellentravel.com/core/static/images/slides/ 161 KB
162 KB 686ms
683ms Image
image/jpeg 2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://excellentravel.com/core/static/images/slides/1.jpeg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c9b0117edbd9cf82101184da5dfd5ab2ca6be157bbc32eca0e69adf04890a54

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
cf-cache-status: MISS
last-modified: Sun, 22 Dec 2019 00:43:56 GMT
server: cloudflare
etag: "3420c31-28485-59a4034b40df6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b567fd28c43969e-FRA
content-length: 164997
cf-request-id: 0409ee37990000969e6dbda200000001

GET
H2 200 quehacer_penabernal_pueblomagico_queretaro_actividades.jpg
www.eluniversal.com.mx/sites/default/files/styles/f03-651x400/public/2017/10/25/ 285 KB
286 KB 440ms
416ms Image
image/jpeg 2606:4700::6810:8ee7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eluniversal.com.mx/sites/default/files/styles/f03-651x400/public/2017/10/25/quehacer_penabernal_pueblomagico_queretaro_actividades.jpg?itok=uX3nsLPc&c=7824324254261df61c9ba52273a769da

Requested by

Host: www.excellentravel.com
URL: https://www.excellentravel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:8ee7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c6d599a5540d466ee1b060d005b1d688d722cf9db38bc8ac6d96ca813639a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
level: 5A
content-length: 292241
cf-request-id: 0409ee37ae000005f9fc820200000001
last-modified: Fri, 22 Nov 2019 18:20:58 GMT
server: cloudflare
etag: "47591-597f379b4a49c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5b567fd2bcf905f9-FRA
expires: Thu, 21 Jan 2021 18:27:56 GMT

GET
H2 200 vacaciones_2mil_pesos_san_miguel_de_allende_guanajuato.jpg
www.eluniversal.com.mx/sites/default/files/styles/f03-651x400/public/2017/09/13/ 65 KB
65 KB 433ms
410ms Image
image/jpeg 2606:4700::6810:8ee7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eluniversal.com.mx/sites/default/files/styles/f03-651x400/public/2017/09/13/vacaciones_2mil_pesos_san_miguel_de_allende_guanajuato.jpg?itok=F7l_pU-c&c=7116027b9f8832a33800da6e6b01f8c1

Requested by

Host: www.excellentravel.com
URL: https://www.excellentravel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:8ee7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b44e7649bb13b666c5d7f5c6c517475662d835460924b73c4e39db09ac61709

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
level: 2A
content-length: 66509
cf-request-id: 0409ee37ae000005f9fc821200000001
last-modified: Fri, 15 Sep 2017 16:47:53 GMT
server: cloudflare
etag: "103cd-5593d276ec040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5b567fd2bcfb05f9-FRA
expires: Thu, 21 Jan 2021 18:27:56 GMT

GET
H2 200 basilica.jpg
excellentravel.com/core/static/images/servicios/tours/ 116 KB
116 KB 579ms
577ms Image
image/jpeg 2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://excellentravel.com/core/static/images/servicios/tours/basilica.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cc5838ce2c9c7a29953bfff7102ce55016f57f013584a310b58574dcbb07e26

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Jan 2020 05:34:29 GMT
server: cloudflare
etag: "3420c32-1cf75-59b8621435e87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b567fd28c44969e-FRA
content-length: 118645
cf-request-id: 0409ee37990000969e6dbdb200000001

GET
H2 200 amoles.jpeg
excellentravel.com/core/static/images/servicios/tours/ 138 KB
139 KB 650ms
647ms Image
image/jpeg 2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://excellentravel.com/core/static/images/servicios/tours/amoles.jpeg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aef81cecd337dae75e64ec22e694966e144017d08ad7a3e255c96c8dd6158d8d

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
cf-cache-status: MISS
last-modified: Sat, 04 Jan 2020 19:33:14 GMT
server: cloudflare
etag: "3420c43-229f0-59b557f55b895"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b567fd28c45969e-FRA
content-length: 141808
cf-request-id: 0409ee37990000969e6dbdc200000001

GET
H2 200 tour-cuernavaca-y-taxco-princ-min.jpg
cdn.mexicodestinos.com/tours/ 78 KB
78 KB 399ms
299ms Image
image/jpeg 35.244.219.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mexicodestinos.com/tours/tour-cuernavaca-y-taxco-princ-min.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.219.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 136.219.244.35.bc.googleusercontent.com
Software: AmazonS3 /
Resource Hash: 48b659d13283f13dcdcd825b918478d18066530d3546ce82cbf087a4672bc250

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:57 GMT
via: 1.1 google
last-modified: Fri, 29 May 2020 14:13:45 GMT
server: AmazonS3
x-amz-request-id: 5BBFD576536074C9
etag: "4b2be6b6cbeb6b006d242c98cddc4845"
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: clear
content-length: 79858
x-amz-id-2: 2Vb5Tm6jyA+UcQDR8mNJkJTx0COGwQZzS4LRZDbKyBqeMG7xfB1v2hItl/V7zr8i1ZfW3quIkmM=

GET
H/1.1 200
OK Arcos-de-Guadalajara.jpg
blog.expedia.mx/wp-content/uploads/2015/11/ 86 KB
86 KB 575ms
239ms Image
image/jpeg 216.243.201.224
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.expedia.mx/wp-content/uploads/2015/11/Arcos-de-Guadalajara.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.243.201.224 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS: network.royalbfp.com
Software: nginx/1.17.0 /
Resource Hash: 509d0f0d58482171ea2f044821f92c6e345c31a70851f8780488d4a4b4880e55

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 19 Jul 2020 18:27:56 GMT
Last-Modified: Sat, 04 Aug 2018 19:21:49 GMT
X-Server-Name: Wave-PPL-Web-13
ETag: "1584f-572a0f4af0d40"
X-Cache-Status: HIT
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88143
Server: nginx/1.17.0

GET
H2 200 original_open-uri20140103-31637-16aa6k2
afar-production.imgix.net/uploads/images/post_images/images/aclmaitsEY/ 214 KB
215 KB 189ms
174ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afar-production.imgix.net/uploads/images/post_images/images/aclmaitsEY/original_open-uri20140103-31637-16aa6k2?1388785714?ixlib=rails-0.3.0&auto=format%2Ccompress&crop=entropy&fit=crop&h=719&q=80&w=954

Requested by

Host: www.excellentravel.com
URL: https://www.excellentravel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

0852460bc1bda2a0ad0557f0ccbe3e5e6f431b3c45fe6dafa030e1e45626aa73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 01:02:04 GMT
server: imgix
age: 581150
vary: Accept, User-Agent
x-cache: HIT, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=315576000
x-imgix-id: 145254d58f4a5aaffd625de26d63e0102cf176d3
accept-ranges: bytes
access-control-allow-origin: *
content-length: 219354
x-served-by: cache-lax8634-LAX, cache-hhn4037-HHN

GET
H2 200 puebla-cholula-tonantzintla-28093.jpg
www.csttravels.com/img/thumbnail/medium/ 20 KB
20 KB 1144ms
489ms Image
image/jpeg 108.179.234.145
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csttravels.com/img/thumbnail/medium/puebla-cholula-tonantzintla-28093.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.179.234.145 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 108-179-234-145.unifiedlayer.com
Software: Apache /
Resource Hash: a9b3630dbac3886122584a1243fd60b2b736cee26bc1a2f8704185503bda771f

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 19 Jul 2020 18:27:56 GMT
cache-control: max-age=2592000, public
server: Apache
content-encoding: gzip
vary: Accept-Encoding
content-type: image/jpeg

GET
H2 200 teotihuacan-globo-mexico.jpg
cdn.civitatis.com/mexico/ciudad-de-mexico/galeria/ 176 KB
177 KB 176ms
24ms Image
image/webp 68.232.34.114
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.civitatis.com/mexico/ciudad-de-mexico/galeria/teotihuacan-globo-mexico.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.34.114 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amb/6B57) /
Resource Hash: 65132af33a99b8f3b973517048db668e95030b2367c01db7440bc2b5afd9eb54

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
via: 1.1 half.ams.liquifire.com/w (RenderCache/3.4.7)
x-cache-lookup: MISS from half.ams.liquifire.com/w:81
age: 5041186
lf-nocache: true
x-cache: HIT
status: 200
lf-candidates-2: base1/_original_:183247
alt-svc: quic=":443"; ma=2592123; v="50,49,48,46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 180232
access-control-allow-origin: *
last-modified: Fri, 22 May 2020 10:08:11 GMT
server: ECAcc (amb/6B57)
content-type: image/webp
lf-candidates-1: base1/WEBP:180232
lf-jobid: 9e5b963a/llo/651
accept-ranges: bytes
lf-smallest: base1/WEBP:180232
expires: Sat, 17 Oct 2020 18:27:57 GMT

GET
H2 200 b0.jpg
media.tacdn.com/media/attractions-splice-spp-360x240/07/b0/f1/ 22 KB
22 KB 83ms
22ms Image
image/jpeg 151.101.114.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tacdn.com/media/attractions-splice-spp-360x240/07/b0/f1/b0.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.38 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 43e9d2fec1da95583edc97ae47a006d75b0a3038396e7a8017de9aa349d96467

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
via: 1.1 varnish, 1.1 varnish
etag: "556a30e6e1114d13e0bf0402b53ea73a"
x-media-cdn: 44690177
age: 2294539
x-cache: HIT, HIT
status: 200
content-length: 22441
x-served-by: cache-bwi5134-BWI, cache-hhn4038-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Wed, 03 Jul 2019 23:51:17 GMT
x-timer: S1595183276.208996,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H/1.1 200
OK gallery-skyballoons-1.jpg
www.skyballoons.mx/assets/images/gallery/ 170 KB
170 KB 1224ms
188ms Image
image/jpeg 189.139.98.117
Uninet S.A. de C.V.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.skyballoons.mx/assets/images/gallery/gallery-skyballoons-1.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 189.139.98.117 Ecatepec de Morelos, Mexico, ASN8151 (Uninet S.A. de C.V., MX),
Reverse DNS: dsl-189-139-98-117-dyn.prod-infinitum.com.mx
Software: Apache/2.4.29 /
Resource Hash: 172e067d70e508fab61c8196bcabc076fc5af03bb1a684a2c58f45357f8c95d8

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 19 Jul 2020 18:27:57 GMT
Last-Modified: Wed, 29 Jan 2020 14:25:23 GMT
Server: Apache/2.4.29
ETag: "2a66b-59d481c6353f7"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 173675

GET
H2 200 entrega-anillo-globo.jpg
www.volarenglobo.com.mx/images/vuelo-privado/ 209 KB
209 KB 837ms
116ms Image
image/jpeg 50.31.174.56
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.volarenglobo.com.mx/images/vuelo-privado/entrega-anillo-globo.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.174.56 Elk Grove Village, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: single-4788.banahosting.com
Software: /
Resource Hash: 9abcccbed94d0d0e340c68a89fee7a6f6987d279cb3e68baadcdb3a40414a744

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
last-modified: Mon, 11 May 2020 19:38:37 GMT
vary: User-Agent
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 213607
expires: Sun, 26 Jul 2020 18:27:56 GMT

GET
H2 200 640px-SSA41434.JPG
upload.wikimedia.org/wikipedia/commons/thumb/2/2f/SSA41434.JPG/ 75 KB
76 KB 42ms
14ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/2/2f/SSA41434.JPG/640px-SSA41434.JPG

Requested by

Host: www.excellentravel.com
URL: https://www.excellentravel.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

fb48b2c51979f7fa4ebb30a2669d3d523e277e791914a41563fefa0bb87686f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 08:13:52 GMT
age: 36844
x-cache-status: hit-local
x-cache: cp3051 hit, cp3063 miss
status: 200
content-disposition: inline;filename*=UTF-8''SSA41434.JPG
server-timing: cache;desc="hit-local"
content-length: 77023
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: 6o1qzrihf5ibub9my8xgv7wivcjspkh
last-modified: Thu, 30 Mar 2017 21:34:04 GMT
server: ATS/8.0.8
etag: 034ab88148a7898084a2d7ef5a2aed66
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1490909643.47518
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H/1.1 200
OK tours-museo-nacional-de-historia-mexico.jpg
www.museosdemexico.com/_uploads/ 161 KB
161 KB 616ms
142ms Image
image/jpeg 66.33.208.154
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.museosdemexico.com/_uploads/tours-museo-nacional-de-historia-mexico.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 66.33.208.154 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-rank.richard-dobbs.dreamhost.com
Software: Apache /
Resource Hash: ce3e4db33b4f23345df9cdacf67d60c0e9a066d514cc70a02faae3e70bc2c6da

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 19 Jul 2020 18:27:56 GMT
Last-Modified: Mon, 23 May 2016 16:05:41 GMT
Server: Apache
ETag: "283d2-533849cbcbb74"
Vary: User-Agent
Upgrade: h2
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=2, max=100
Content-Length: 164818
Expires: Tue, 18 Aug 2020 18:27:56 GMT

GET
H2 200 xochimilco.jpg
excellentravel.com/core/static/images/servicios/tours/ 266 KB
266 KB 579ms
578ms Image
image/jpeg 2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://excellentravel.com/core/static/images/servicios/tours/xochimilco.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ad3394bc7b19bb942bc5d045ae5e73c94373873b031b87d4c224e0ab1d04677

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
cf-cache-status: MISS
last-modified: Sun, 05 Jan 2020 07:13:45 GMT
server: cloudflare
etag: "3420c55-4277b-59b5f489b55a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b567fd4de29969e-FRA
content-length: 272251
cf-request-id: 0409ee39090000969e6dbe8200000001

GET
H/1.1 200
OK 1084b7b1-6e4b-4a5f-ae90-fd6d3fa90e77.jpg
www.zuritour.com/wp-content/uploads/2019/09/ 37 KB
38 KB 694ms
143ms Image
image/jpeg 38.68.51.227
MAJESTIC-HOSTING-01

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zuritour.com/wp-content/uploads/2019/09/1084b7b1-6e4b-4a5f-ae90-fd6d3fa90e77.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.68.51.227 , United States, ASN396073 (MAJESTIC-HOSTING-01, US),
Reverse DNS
Software: Apache /
Resource Hash: c61e055ebc37cda2be75aecced2c2c78d7e698a5e55bdf48ea3bb255024734d9

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 19 Jul 2020 18:27:56 GMT
Last-Modified: Wed, 26 Feb 2020 17:23:45 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 38317

GET
H2 200 073119_disfruta_del_amanercer_en_la_ciudad_de_los_dioses_Teotihuacan_A.jpg
www.yocurvilinea.com.mx/wp-content/uploads/2019/07/ 435 KB
438 KB 962ms
150ms Image
image/jpeg 192.200.117.92
GORILLASERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yocurvilinea.com.mx/wp-content/uploads/2019/07/073119_disfruta_del_amanercer_en_la_ciudad_de_los_dioses_Teotihuacan_A.jpg
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.200.117.92 Los Angeles, United States, ASN53850 (GORILLASERVERS, US),
Reverse DNS
Software: Apache/2 / W3 Total Cache/0.13.1
Resource Hash: 51080213d1357f671fbc5b9b2b1b7f59c7bedadad801aed1ab55f45627c574f4

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sun, 19 Jul 2020 18:27:57 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Aug 2019 03:13:44 GMT
server: Apache/2
x-powered-by: W3 Total Cache/0.13.1
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 444964
etag: "6ca24-58f05a11a0a00"
expires: Mon, 19 Jul 2021 18:27:57 GMT

GET
H2 200 whatsapp.png
www.excellentravel.com/core/static/images/sociales/ 14 KB
14 KB 467ms
465ms Image
image/png 2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.excellentravel.com/core/static/images/sociales/whatsapp.png
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad645b91702f43bdff9462cac1f0c62809417c176d53840cf6703dca48f3d33

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Nov 2019 00:11:39 GMT
server: cloudflare
etag: "3420aab-38d9-597bc065cba29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b567fd28c46969e-FRA
content-length: 14553
cf-request-id: 0409ee37990000969e6dbdd200000001

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 173ms
11ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.excellentravel.com
URL: https://www.excellentravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 14 Jul 2020 09:42:50 GMT
server: cloudflare
etag: W/"5f0d7e1a-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5b567fd64af31f35-FRA
cf-request-id: 0409ee39f100001f3574969200000001
expires: Tue, 21 Jul 2020 18:27:56 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f3c415c0594964e2d62c49b79581044dc628225b523d9c4e2072f1f97eb4f3c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 jTCheVoF3kDb33lbKsCFGNYi4K4.js Show response
www.excellentravel.com/cdn-cgi/apps/body/ 27 KB
8 KB 428ms
427ms Script
application/javascript 2606:4700:3034::6818:7dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.excellentravel.com/cdn-cgi/apps/body/jTCheVoF3kDb33lbKsCFGNYi4K4.js
Requested by: Host: www.excellentravel.com
URL: https://www.excellentravel.com/cdn-cgi/apps/head/ibqGyNknIh-1t0ybguMSSP9OsH8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:7dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebb992e6b8bf0c5eb463de1705535872aff16f9bd675a9fff33ac25e050e18da

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: BT1WCTFV9QDPDQCJ
status: 200
x-amz-version-id: kn4LLcLFk7KWHyrkwd0PHh4AF5Ce5_wU
x-amz-id-2: 1fUiFq9eHWslZyaceUrpC/rd0DOprZNWlIstaxyKHQ5w/T8lFavxET70DN0KXKWSnR19HUHdErI=
last-modified: Sat, 04 Jul 2020 01:21:40 GMT
server: cloudflare
etag: W/"03a85264bbe7f165f0112c18cfd0cd39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-request-id: 0409ee37990000969e6dbde200000001
cf-ray: 5b567fd28c47969e-FRA

GET
DATA 200
OK truncated
/ 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0be5ab7a9de5e2340f137739809e35971b7825bc769ab138e6045544a5b37259

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 117 KB
42 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d45ceeab7b570e1d2bc653f4b6c66b41192e3c42ec4491c2a725547db042261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42344
x-xss-protection: 0
server: cafe
etag: 17287300223616214041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Jul 2020 18:27:56 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/es_ES/ 3 KB
2 KB 20ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_ES/sdk.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ee175934abc1a85718ce2629a82199ff8c7cc424691a3043063caa44786c624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.excellentravel.com/
Origin: https://www.excellentravel.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: PwPtJv9F+QkB1swtlzfqhQ==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
etag: "6bbf3fa7cb7d47991321957bc590e6e4"
x-fb-debug: IIJEJ1ZZBx3qNVGgXbXlT21Dy2dPeBVKtD/1UK/VORr0Lo98nEQg4x8B6FLOZmC+CvctqDyL+HqJRHl7JOVtvQ==
x-fb-trip-id: 664085054
x-fb-content-md5: 12f947c816f3ead768f592a832867bb2
x-frame-options: DENY
date: Sun, 19 Jul 2020 18:27:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 19 Jul 2020 18:37:41 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 260 KB
83 KB 749ms
747ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQePWR3MP_cIlHL0oM2nGk41p2plltpqJW-SPK-geug1EeoVXefciyz7keVrnbSHFcr8G2_eDW1knI6T

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

735eed904f74b138c019534246a33d84fabf8105a9c877c73272fe30f7f4ed43

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-vB6VdU+YX3jW6KuiGbzS4uIJ0xFtjk6RfCmWRWMjmavBM0Z4' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vB6VdU+YX3jW6KuiGbzS4uIJ0xFtjk6RfCmWRWMjmavBM0Z4' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 356
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vB6VdU+YX3jW6KuiGbzS4uIJ0xFtjk6RfCmWRWMjmavBM0Z4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vB6VdU+YX3jW6KuiGbzS4uIJ0xFtjk6RfCmWRWMjmavBM0Z4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
p3p: true
status: 200
paypal-debug-id: fe6ebc19231fc
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 82800
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Sun, 19 Jul 2020 18:27:57 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=21600
etag: W/"14370-JYmg9r4WjE+wY2EClB9YNAqfDDw"
expires: Mon, 20 Jul 2020 00:27:57 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
15 KB 9ms
8ms Script
text/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:57 GMT
status: 200
etag: "1550076057"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 15434

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 16ms
15ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 9145217
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0409ee3a0400001f3574971200000001
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Tue, 29 Jan 2019 12:15:56 GMT
server: cloudflare
etag: W/"5c5043fc-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b567fd66b411f35-FRA
expires: Fri, 09 Jul 2021 18:27:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 13:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3215766
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 13:11:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 117 KB
41 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d45ceeab7b570e1d2bc653f4b6c66b41192e3c42ec4491c2a725547db042261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42344
x-xss-protection: 0
server: cafe
etag: 17287300223616214041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Jul 2020 18:27:58 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
6 KB 393ms
393ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.excellentravel.com&t=xo&v=5.0.138&source=payments_sdk&client_id=AQePWR3MP_cIlHL0oM2nGk41p2plltpqJW-SPK-geug1EeoVXefciyz7keVrnbSHFcr8G2_eDW1knI6T&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQePWR3MP_cIlHL0oM2nGk41p2plltpqJW-SPK-geug1EeoVXefciyz7keVrnbSHFcr8G2_eDW1knI6T

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-EV1ZSoQcw2wHSVKDmVps4scdyL1wFkPQ3SNGuCIBGdek3bcw' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline'; form-action 'self' https://.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 319, 319
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-EV1ZSoQcw2wHSVKDmVps4scdyL1wFkPQ3SNGuCIBGdek3bcw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0, 0
status: 200
paypal-debug-id: 11854236befa8
dc: slc-b-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 4456
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Sun, 19 Jul 2020 18:27:58 GMT
strict-transport-security: max-age=63072000
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
etag: W/"310f-FGviSVLWgsmjFEfYfieMcNrYi0M"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
887 B 36ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.excellentravel.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Jul 2020 18:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
887 B 37ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.excellentravel.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Jul 2020 18:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/ 220 KB
83 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84780
x-xss-protection: 0
server: cafe
etag: 2308157152436191864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Jul 2020 18:27:58 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/ Frame 928E 0
0 27ms
6ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200715/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.excellentravel.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.excellentravel.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sat, 18 Jul 2020 13:36:08 GMT
expires: Sat, 01 Aug 2020 13:36:08 GMT
content-type: text/html; charset=UTF-8
etag: 1809543571055990350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4277
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 103910
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sdk.js Show response
connect.facebook.net/es_ES/ 198 KB
60 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_ES/sdk.js?hash=445ffc72d9c7a364b6cc00f24afa506a&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

484fc1112098340eacf0322ddbede33122c828cc62bffb0120287c97b3fceb44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.excellentravel.com/
Origin: https://www.excellentravel.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: edIsuKUeEBznG2ZclamyaQ==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 61086
etag: "3cb8b021494b1d9c125b2456db9a2e52"
x-fb-debug: 6zNcNZu4wNdqh6ITmaenPRFFnLsuqmdRU0sojoqQvN4mBPD1qX9BRPpjuDf5Ji+Bq/2zhTAWvVb6PDa8T3vn6A==
x-fb-trip-id: 664085054
x-fb-content-md5: 72ae8f0c5bf3cbe3a468aa11c5af392a
x-frame-options: DENY
date: Sun, 19 Jul 2020 18:27:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 19 Jul 2021 17:08:10 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 2 B
1 KB 226ms
225ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQePWR3MP_cIlHL0oM2nGk41p2plltpqJW-SPK-geug1EeoVXefciyz7keVrnbSHFcr8G2_eDW1knI6T

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

/ Express

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 52
date: Sun, 19 Jul 2020 18:27:58 GMT
x-content-type-options: nosniff
status: 200
x-powered-by: Express
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.excellentravel.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-edgeconnect-midmile-rtt: 139
paypal-debug-id: 73d24bc86250d
dc: slc-b-origin-www-2.paypal.com
content-length: 2
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 10FB 0
0 53ms
52ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5416819712408858&output=html&adk=1812271804&adf=3025194257&lmt=1595183278&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.excellentravel.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595183278172&bpp=12&bdt=2657&idt=88&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=611797150624&frm=20&pv=2&ga_vid=1853632907.1595183278&ga_sid=1595183278&ga_hid=2123000682&ga_fc=0&iag=0&icsg=197141130&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066392%2C21066532&oid=3&pvsid=2225903990785209&pem=823&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=9232&bc=31&ifi=0&uci=a!0&fsb=1&dtd=104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5416819712408858&output=html&adk=1812271804&adf=3025194257&lmt=1595183278&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.excellentravel.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595183278172&bpp=12&bdt=2657&idt=88&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=611797150624&frm=20&pv=2&ga_vid=1853632907.1595183278&ga_sid=1595183278&ga_hid=2123000682&ga_fc=0&iag=0&icsg=197141130&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066392%2C21066532&oid=3&pvsid=2225903990785209&pem=823&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=9232&bc=31&ifi=0&uci=a!0&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.excellentravel.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.excellentravel.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 Jul 2020 18:27:58 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Jul-2020 18:42:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 19 Jul 2020 18:27:58 GMT
cache-control: private

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 35ms
17ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200715&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97a59e5340377557941e29b9ad1936a298a40d0d1587f4b0832f91171cd501fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Jul 2020 18:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5694
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c454e1fabc3c1f69a23adddf6731d3601848e1e0fbf7fe5ad91716c1ec88b79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594985941960796"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27217
x-xss-protection: 0
expires: Sun, 19 Jul 2020 18:27:58 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5A50 0
0 518ms
517ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5416819712408858&output=html&h=90&slotname=7062134934&adk=282718226&adf=533964676&w=970&lmt=1595183278&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=https%3A%2F%2Fwww.excellentravel.com%2F&flash=0&wgl=1&adsid=NT&dt=1595183278184&bpp=4&bdt=2669&idt=97&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=611797150624&frm=20&pv=1&ga_vid=1853632907.1595183278&ga_sid=1595183278&ga_hid=2123000682&ga_fc=0&iag=0&icsg=2344624778&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066392%2C21066532&oid=3&pvsid=2225903990785209&pem=823&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=9488&bc=31&ifi=1&uci=a!1&fsb=1&xpc=c8kQdQRjYZ&p=https%3A//www.excellentravel.com&dtd=102

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5416819712408858&output=html&h=90&slotname=7062134934&adk=282718226&adf=533964676&w=970&lmt=1595183278&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=https%3A%2F%2Fwww.excellentravel.com%2F&flash=0&wgl=1&adsid=NT&dt=1595183278184&bpp=4&bdt=2669&idt=97&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=611797150624&frm=20&pv=1&ga_vid=1853632907.1595183278&ga_sid=1595183278&ga_hid=2123000682&ga_fc=0&iag=0&icsg=2344624778&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066392%2C21066532&oid=3&pvsid=2225903990785209&pem=823&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=9488&bc=31&ifi=1&uci=a!1&fsb=1&xpc=c8kQdQRjYZ&p=https%3A//www.excellentravel.com&dtd=102
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.excellentravel.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.excellentravel.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 Jul 2020 18:27:58 GMT
server: cafe
content-length: 21829
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Jul-2020 18:42:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 19 Jul 2020 18:27:58 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 19 Jul 2020 18:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sun, 19 Jul 2020 18:27:58 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame A589 0
0 6ms
6ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.excellentravel.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.excellentravel.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sun, 19 Jul 2020 17:39:27 GMT
expires: Mon, 19 Jul 2021 17:39:27 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2911
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
120 B 40ms
40ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200715&jk=2225903990785209&bg=!QEOlQ1tYYkX8ynobOxUCAAAAQVIAAAAMCgAobeoStHIeQOAoBtttmVXz2ACr1GEyQ_lAx7AJdjEIo-Z1g3NMTMKIvpkBh-FkNK0qdbFv9J0G9Glas5ZbiycdlWrzrJ_vlXa59c9HV7adC3Q30val29rI2GiZb8c5SOCxWs6607_GNR-dxs-jNGr6LZujB77Pc2qAeV6gkkinT7vErFuy9FyChqonePMCC8QA-ojc73O0_AMrFnay7FAeVU0VYt-fSYwt21da6vVPt9LtysSB9Aa0Wj95ZXRm52EDLwgok48dSyc-BX7PLnTF3WgMP8qzPCzMlmF4U8Tg_CtoTIERq72iT-Ls5Z8gFBh7VU5f0JGnouP6Iy0_vcAdyd-L2cf6dOgcLfWNf-jfQ259cz9g-YSxKgd9qQAPlrayFHKQcmVzKsNJTs3UDXCe6el-h-hW7FqQVPP2HqJd4c70kgvC-WoR90uPzKX2WBlehYU7GBsELNqhyNHvkUdRik035CgDYiBzjnN22Rb1DcY8EX1f7YE_nJnlx1rkXBrqriRtUi9rZWKNVLStZCEmx0UZLPQpCv1r_YWuM4_XlOLCS-VHfkD-J5KDmuKnsLDen8s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jul 2020 18:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
859 B 538ms
538ms Image
image/gif 23.8.7.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=ExcellenTravel&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1595183278557&g=-120&completeurl=https%3A%2F%2Fwww.excellentravel.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.8.7.81 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.excellentravel.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Jul 2020 18:27:59 GMT
Server: akka-http/10.1.11
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR: slcb.slc
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 19 Jul 2020 18:27:59 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.excellentravel.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cf5239ed6b5aedf2a1892247646c87c4
			.excellentravel.com/	1970-01-19 11:49:35	Name: __cfduid Value: dba5e0cac7e9ad51f8f4d86746d1e70ac1595183274

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
afar-production.imgix.net
ajax.cloudflare.com
ajax.googleapis.com
blog.expedia.mx
cdn.civitatis.com
cdn.mexicodestinos.com
cdnjs.cloudflare.com
connect.facebook.net
excellentravel.com
googleads.g.doubleclick.net
i0.wp.com
img.gruporeforma.com
maxcdn.bootstrapcdn.com
media.tacdn.com
pagead2.googlesyndication.com
t.paypal.com
tpc.googlesyndication.com
upload.wikimedia.org
www.csttravels.com
www.eluniversal.com.mx
www.excellentravel.com
www.googletagservices.com
www.museosdemexico.com
www.paypal.com
www.skyballoons.mx
www.volarenglobo.com.mx
www.yocurvilinea.com.mx
www.zuritour.com
104.111.228.123
108.179.234.145
143.204.201.119
151.101.114.38
189.139.98.117
192.0.77.2
192.200.117.92
2001:4de0:ac19::1:b:3b
216.243.201.224
23.8.7.81
2606:4700:3034::6818:7dd6
2606:4700::6810:85e5
2606:4700::6810:8ee7
2620:0:862:ed1a::2:b
2a00:1450:4001:808::2002
2a00:1450:4001:814::200a
2a00:1450:4001:815::2002
2a00:1450:4001:825::2001
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:1b::720
35.244.219.136
38.68.51.227
50.31.174.56
66.33.208.154
68.232.34.114
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0852460bc1bda2a0ad0557f0ccbe3e5e6f431b3c45fe6dafa030e1e45626aa73
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0be5ab7a9de5e2340f137739809e35971b7825bc769ab138e6045544a5b37259
0c6d599a5540d466ee1b060d005b1d688d722cf9db38bc8ac6d96ca813639a8f
0d61bc397025bed02196782fcb6edef2f458d87bd9d089ccd98acf31ddd10dab
172e067d70e508fab61c8196bcabc076fc5af03bb1a684a2c58f45357f8c95d8
1cc5838ce2c9c7a29953bfff7102ce55016f57f013584a310b58574dcbb07e26
1eb3ea12f99f04cdf6f9b2b694e1b9f71e9a4aeeb542d20f449a4d1f55bdf8e2
43e9d2fec1da95583edc97ae47a006d75b0a3038396e7a8017de9aa349d96467
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
484fc1112098340eacf0322ddbede33122c828cc62bffb0120287c97b3fceb44
48b659d13283f13dcdcd825b918478d18066530d3546ce82cbf087a4672bc250
4c9b0117edbd9cf82101184da5dfd5ab2ca6be157bbc32eca0e69adf04890a54
509d0f0d58482171ea2f044821f92c6e345c31a70851f8780488d4a4b4880e55
51080213d1357f671fbc5b9b2b1b7f59c7bedadad801aed1ab55f45627c574f4
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
65132af33a99b8f3b973517048db668e95030b2367c01db7440bc2b5afd9eb54
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
735eed904f74b138c019534246a33d84fabf8105a9c877c73272fe30f7f4ed43
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55
7ee175934abc1a85718ce2629a82199ff8c7cc424691a3043063caa44786c624
83be94f02cd7e4c22e2f2a0a9e65884dca516ae0baf8c2f633af67b118c30928
8a3d777769b96915629920610c41e6d15867b5c684547ee89de888ab4c535e98
8ad3394bc7b19bb942bc5d045ae5e73c94373873b031b87d4c224e0ab1d04677
8b44e7649bb13b666c5d7f5c6c517475662d835460924b73c4e39db09ac61709
8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931
8f3c415c0594964e2d62c49b79581044dc628225b523d9c4e2072f1f97eb4f3c
97a59e5340377557941e29b9ad1936a298a40d0d1587f4b0832f91171cd501fc
9abcccbed94d0d0e340c68a89fee7a6f6987d279cb3e68baadcdb3a40414a744
9d45ceeab7b570e1d2bc653f4b6c66b41192e3c42ec4491c2a725547db042261
a9b3630dbac3886122584a1243fd60b2b736cee26bc1a2f8704185503bda771f
aef81cecd337dae75e64ec22e694966e144017d08ad7a3e255c96c8dd6158d8d
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b35f30e38f3060886051b18f6c4ad16c6755d71e1f3c7e51cd2254c6c5e268ec
c454e1fabc3c1f69a23adddf6731d3601848e1e0fbf7fe5ad91716c1ec88b79c
c52ea4b46ef0fed5af6068c0b3aee579e4c6172f1a9a8cda18c452dee3fb0b2a
c61e055ebc37cda2be75aecced2c2c78d7e698a5e55bdf48ea3bb255024734d9
ce3e4db33b4f23345df9cdacf67d60c0e9a066d514cc70a02faae3e70bc2c6da
dad645b91702f43bdff9462cac1f0c62809417c176d53840cf6703dca48f3d33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb992e6b8bf0c5eb463de1705535872aff16f9bd675a9fff33ac25e050e18da
fb48b2c51979f7fa4ebb30a2669d3d523e277e791914a41563fefa0bb87686f0
fe16c5f5569d0b1d897cfaba0c648a11cdf95e1da9ea971d21a0f05dc352d9f6

www.excellentravel.com Open in urlscan Pro 2606:4700:3034::6818:7dd6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

44 %IPv6

26 Domains

30 Subdomains

26 IPs

6 Countries

3937 kBTransfer

4935 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.excellentravel.com Open in urlscan Pro
2606:4700:3034::6818:7dd6 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

44 %
IPv6

26
Domains

30
Subdomains

26
IPs

6
Countries

3937 kB
Transfer

4935 kB
Size

2
Cookies

53 HTTP transactions
2 data transactions