Submitted URL: https://newsletter.lturpost.com/m/200/2?c=1338&m=AT&u=d31bbc8AB12ABCDEFGHIJKLMNOPQ7e06cc6a18c704b7b18cd04aea428a215386&ca=61f921...
Effective URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&d...
Submission: On June 21 via api from CH — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 46 HTTP transactions. The main IP is 3.66.60.183, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.ltur.com.
TLS certificate: Issued by Thawte EV RSA CA G2 on April 8th 2022. Valid for: a year.
This is the only time www.ltur.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
21 iadvize.com
halc.iadvize.com — Cisco Umbrella Rank: 29344
api.iadvize.com — Cisco Umbrella Rank: 29976
152 KB
17 ltur.com
www.ltur.com
gips.ltur.com
sgtm.ltur.com
images.ltur.com
695 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 489
133 KB
3 google.com
maps.google.com — Cisco Umbrella Rank: 1788
175 KB
1 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 356
448 B
1 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 203
1005 B
1 lturpost.com
newsletter.lturpost.com
1 KB
46 7
Domain Requested by
19 halc.iadvize.com 1 redirects halc.iadvize.com
12 www.ltur.com 3 redirects www.ltur.com
8 cdn.cookielaw.org www.ltur.com
cdn.cookielaw.org
3 sgtm.ltur.com www.ltur.com
3 maps.google.com www.ltur.com
maps.google.com
2 api.iadvize.com halc.iadvize.com
1 images.ltur.com www.ltur.com
1 maps.googleapis.com maps.google.com
1 gips.ltur.com www.ltur.com
1 ad.doubleclick.net 1 redirects
1 newsletter.lturpost.com 1 redirects
46 11
Subject Issuer Validity Valid
www.ltur.com
Thawte EV RSA CA G2
2022-04-08 -
2023-04-11
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
*.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
sgtm.ltur.com
GTS CA 1D4
2022-05-12 -
2022-08-10
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.iadvize.com
Amazon
2022-01-19 -
2023-02-17
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Frame ID: 28D81BE24D778DE22BA68C18C4084FAB
Requests: 41 HTTP requests in this frame

Frame: https://halc.iadvize.com/storage.php?type=local&n=1&o=https://www.ltur.com
Frame ID: D8175E9476354B4129A4DD05FD7B6698
Requests: 1 HTTP requests in this frame

Frame: https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/orchestrator.js
Frame ID: FAA098B241A32E3BC6A1BB4C7F0B9C74
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Hotel H10 Ocean Dreams Corralejo Urlaub inkl. Flug » lturBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://newsletter.lturpost.com/m/200/2?c=1338&m=AT&u=d31bbc8AB12ABCDEFGHIJKLMNOPQ7e06cc6a18c704b7b18cd04aea... HTTP 302
    https://ad.doubleclick.net/ddm/clk/462846241;268095490;p?http://www.ltur.com/at/last-minute/--432627?bo... HTTP 302
    http://www.ltur.com/at/last-minute/--432627?bookingType=package&offerType=classic&language=de&to... HTTP 301
    https://www.ltur.com/at/last-minute/--432627?bookingType=package&offerType=classic&language=de&to... HTTP 308
    https://www.ltur.com/at/urlaub/--432627?language=de&tourOperatorCodes=TUR3&adults=2&departureDate... HTTP 301
    https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzz... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

46
Requests

98 %
HTTPS

55 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

1154 kB
Transfer

4465 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://newsletter.lturpost.com/m/200/2?c=1338&m=AT&u=d31bbc8AB12ABCDEFGHIJKLMNOPQ7e06cc6a18c704b7b18cd04aea428a215386&ca=61f921752100d22eefccbda5&cc=62a9e8cf8dfd261f86b85a4f&l=product-bestprice-regional&pp=0x1*TUR3*2**2022-06-28*2022-07-05*7*VIE*FUE*432627*FUE24030*4.0*AT04-BRO1+ST04-DO*GT13-COVI_AT13-DIRE+GT13-GASI+GT13-GAVI_AT13-DIRE+GT13-STSI*GT06-BB*GT07-TUI2+TR*EUR*1994.0*997.0&h=2f51f09b6c&r=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fclk%2F462846241%3B268095490%3Bp%3Fhttp%3A%2F%2Fwww.ltur.com%2Fat%2Flast-minute%2F--432627%3FbookingType%3Dpackage%26offerType%3Dclassic%26language%3Dde%26tourOperators%3DTUR3%26travellers%5Badults%5D%3D2%26departureDate%3D2022-06-28%26exactDepartureDate%3Dtrue%26returnDate%3D2022-07-05%26exactReturnDate%3Dtrue%26duration%3D7%26departureAirports%3DVIE%26board%3DGT06-BB%26ignoreOpenJaw%3D1%26utm_campaign%3Dreisepost_at%26utm_source%3Dltur%26utm_medium%3Demail_intern%26utm_term%3DFUE_432627%26utm_content%3Dproduct-bestprice-regional HTTP 302
    https://ad.doubleclick.net/ddm/clk/462846241;268095490;p?http://www.ltur.com/at/last-minute/--432627?bookingType=package&offerType=classic&language=de&tourOperators=TUR3&travellers[adults]=2&departureDate=2022-06-28&exactDepartureDate=true&returnDate=2022-07-05&exactReturnDate=true&duration=7&departureAirports=VIE&board=GT06-BB&ignoreOpenJaw=1&utm_campaign=reisepost_at&utm_source=ltur&utm_medium=email_intern&utm_term=FUE_432627&utm_content=product-bestprice-regional HTTP 302
    http://www.ltur.com/at/last-minute/--432627?bookingType=package&offerType=classic&language=de&tourOperators=TUR3&travellers[adults]=2&departureDate=2022-06-28&exactDepartureDate=true&returnDate=2022-07-05&exactReturnDate=true&duration=7&departureAirports=VIE&board=GT06-BB&ignoreOpenJaw=1&utm_campaign=reisepost_at&utm_source=ltur&utm_medium=email_intern&utm_term=FUE_432627&utm_content=product-bestprice-regional&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw HTTP 301
    https://www.ltur.com/at/last-minute/--432627?bookingType=package&offerType=classic&language=de&tourOperators=TUR3&travellers[adults]=2&departureDate=2022-06-28&exactDepartureDate=true&returnDate=2022-07-05&exactReturnDate=true&duration=7&departureAirports=VIE&board=GT06-BB&ignoreOpenJaw=1&utm_campaign=reisepost_at&utm_source=ltur&utm_medium=email_intern&utm_term=FUE_432627&utm_content=product-bestprice-regional&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw HTTP 308
    https://www.ltur.com/at/urlaub/--432627?language=de&tourOperatorCodes=TUR3&adults=2&departureDate=2022-06-28&returnDate=2022-07-05&duration=10707&airports=VIE&options=1402&noOpenJaw=true&utm_campaign=reisepost_at&utm_source=ltur&utm_medium=email_intern&utm_term=FUE_432627&utm_content=product-bestprice-regional&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw HTTP 301
    https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://halc.iadvize.com/iadvize.js?sid=6273 HTTP 302
  • https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/live.js

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request hotel-h10-ocean-dreams-432627
www.ltur.com/at/urlaub/
Redirect Chain
  • https://newsletter.lturpost.com/m/200/2?c=1338&m=AT&u=d31bbc8AB12ABCDEFGHIJKLMNOPQ7e06cc6a18c704b7b18cd04aea428a215386&ca=61f921752100d22eefccbda5&cc=62a9e8cf8dfd261f86b85a4f&l=product-bestprice-re...
  • https://ad.doubleclick.net/ddm/clk/462846241;268095490;p?http://www.ltur.com/at/last-minute/--432627?bookingType=package&offerType=classic&language=de&tourOperators=TUR3&travellers[adults]=2&depart...
  • http://www.ltur.com/at/last-minute/--432627?bookingType=package&offerType=classic&language=de&tourOperators=TUR3&travellers[adults]=2&departureDate=2022-06-28&exactDepartureDate=true&returnDate=202...
  • https://www.ltur.com/at/last-minute/--432627?bookingType=package&offerType=classic&language=de&tourOperators=TUR3&travellers[adults]=2&departureDate=2022-06-28&exactDepartureDate=true&returnDate=20...
  • https://www.ltur.com/at/urlaub/--432627?language=de&tourOperatorCodes=TUR3&adults=2&departureDate=2022-06-28&returnDate=2022-07-05&duration=10707&airports=VIE&options=1402&noOpenJaw=true&utm_campai...
  • https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&r...
552 KB
30 KB
Document
General
Full URL
https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.60.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-60-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d59c50f800fa0ab265ee2d7bf8a154785b11bc6380adee5058882134d52555e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 21 Jun 2022 15:52:35 GMT
server
nginx
vary
Accept-Encoding
x-cache-status
STALE
x-profile
srv:1

Redirect headers

cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
date
Tue, 21 Jun 2022 15:52:35 GMT
location
https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
server
nginx
x-cache-status
MISS
x-profile
srv:1
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
20 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jaQOgzI9+ZkWZRPB/GIusQ==
age
12507
vary
Accept-Encoding
content-length
6921
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 02:30:24 GMT
server
cloudflare
etag
0x8DA5264D4970233
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5bc800a0-c01e-002d-3450-845b26000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ede9890cbfcc62-ZRH
hoteldetail.js
www.ltur.com/assets/2019/bundles/lturapp/js/layout2019/
1 MB
269 KB
Script
General
Full URL
https://www.ltur.com/assets/2019/bundles/lturapp/js/layout2019/hoteldetail.js?v=feb9bc45db
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.60.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-60-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
da247006356fd6d32101f3fe197aad6851e6d7a45f093e515555ab358a71c254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:35 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 08:55:08 GMT
server
nginx
etag
W/"11f314-5e178ad937300"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
strict-transport-security
max-age=31536000; preload
x-xss-protection
1; mode=block
expires
Tue, 21 Jun 2022 15:57:35 GMT
js
maps.google.com/maps/api/
159 KB
53 KB
Script
General
Full URL
https://maps.google.com/maps/api/js?v=3&key=AIzaSyCkDQ-asOCYCAuVDIrfKjqHJrH0yM_K82w&channel=ltur.com
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
741f3b322a7fe55924aa16c33994812067970422f874a5d21b413e5721d038ea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=15
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53370
x-xss-protection
0
expires
Tue, 21 Jun 2022 16:22:36 GMT
hotel-detail-critical.css
www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/
574 B
571 B
Stylesheet
General
Full URL
https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/hotel-detail-critical.css?v=feb9bc45db
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.60.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-60-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
219dab75a9f779877d4bbd49dc6fa501fe85c5957238d9cca84cdb55a7f9bbdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:35 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 08:53:23 GMT
server
nginx
etag
W/"23e-5e178a75146c0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=300
strict-transport-security
max-age=31536000; preload
x-xss-protection
1; mode=block
expires
Tue, 21 Jun 2022 15:57:35 GMT
hotel-detail-uncritical.css
www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/
378 KB
50 KB
Stylesheet
General
Full URL
https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/hotel-detail-uncritical.css?v=feb9bc45db
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.60.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-60-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
18d3ee40aa93a40cda7b0072a97aeeed739083b3e1d8e4260e9437089a698e3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:35 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 08:53:26 GMT
server
nginx
etag
W/"5e89e-5e178a77f0d80"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=300
strict-transport-security
max-age=31536000; preload
x-xss-protection
1; mode=block
expires
Tue, 21 Jun 2022 15:57:35 GMT
hoteldetail.css
www.ltur.com/assets/2019/bundles/lturapp/js/layout2019/
73 KB
21 KB
Stylesheet
General
Full URL
https://www.ltur.com/assets/2019/bundles/lturapp/js/layout2019/hoteldetail.css?v=feb9bc45db
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.60.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-60-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
db6db642e3272db409d2ff4b82ed52c8e2114a9093a383ad33825f7b1672f719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:35 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 08:55:08 GMT
server
nginx
etag
W/"125bc-5e178ad937300"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=300
strict-transport-security
max-age=31536000; preload
x-xss-protection
1; mode=block
expires
Tue, 21 Jun 2022 15:57:35 GMT
dcf0dc3e-3501-4c1d-9141-a1a01728d627.jpg
gips.ltur.com/gips/scalr/671x380/pics.tui.com/pics/pics1600x1200/tui/d/
44 KB
44 KB
Image
General
Full URL
https://gips.ltur.com/gips/scalr/671x380/pics.tui.com/pics/pics1600x1200/tui/d/dcf0dc3e-3501-4c1d-9141-a1a01728d627.jpg
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1a00:6:f45f:8400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b1fb902ac6e68a8f6d9fa5590d0e95e95b3f7d0d0f09c87cf0e2ff256515c529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 05:29:03 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
37413
x-cache
Hit from cloudfront
vary
Origin
content-length
44938
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 21 Jun 2022 05:29:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
max-age=86400, must-revalidate
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
pC5TLrO9DGzcgVx3epwRvDXtlY35ICiOfCVdC2el6Nd5PyBJZBdUIQ==
expires
Wed, 22 Jun 2022 05:29:03 GMT
20854f10-7ad6-4569-a5bd-ffe938cec6b8.json
cdn.cookielaw.org/consent/20854f10-7ad6-4569-a5bd-ffe938cec6b8/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/20854f10-7ad6-4569-a5bd-ffe938cec6b8/20854f10-7ad6-4569-a5bd-ffe938cec6b8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2edf1c8604593b5a05d40e15b83fe775f4e15df4f546a8e87757b9b3c7759320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
TZd0Szv+UddSvUl4Ak/Eug==
age
11376
vary
Accept-Encoding
content-length
1305
x-ms-lease-status
unlocked
last-modified
Wed, 16 Feb 2022 11:32:06 GMT
server
cloudflare
etag
0x8D9F13FF63724B9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2b44f0f8-901e-00d0-6628-236444000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ede9895e7fcc56-ZRH
expires
Tue, 21 Jun 2022 19:52:36 GMT
gtm.js
sgtm.ltur.com/
366 KB
113 KB
Script
General
Full URL
https://sgtm.ltur.com/gtm.js?id=GTM-MWCRQ4
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
/
Resource Hash
84a51baa8e3815d0e9ce52c05f2866efb8108bfc038983b3ddc65cecd5a31973

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:36 GMT
via
1.1 google
last-modified
Tue, 21 Jun 2022 15:00:00 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=450
content-encoding
gzip
expires
Tue, 21 Jun 2022 15:54:26 GMT
icons.svg
www.ltur.com/img/
119 KB
42 KB
Other
General
Full URL
https://www.ltur.com/img/icons.svg
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.60.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-60-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1a6a1c082772e0600388e060f3a011ca2fc8922d44ae2247415700ad9f9426e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 08:53:12 GMT
server
nginx
etag
W/"1dcc8-5e178a6a96e00"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, public
expires
Wed, 21 Jun 2023 15:52:36 GMT
dinnextltpro-regular.woff2
www.ltur.com/bundles/lturapp/css/fonts/
46 KB
46 KB
Font
General
Full URL
https://www.ltur.com/bundles/lturapp/css/fonts/dinnextltpro-regular.woff2
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/hotel-detail-uncritical.css?v=feb9bc45db
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.60.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-60-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5659bc9aef68a211ef993489359c1385d427f0b78f9e512f85d4510af361ed38

Request headers

Referer
https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/hotel-detail-uncritical.css?v=feb9bc45db
Origin
https://www.ltur.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:36 GMT
last-modified
Wed, 15 Jun 2022 08:51:36 GMT
server
nginx
etag
"b712-5e178a0f09600"
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
46866
expires
Wed, 21 Jun 2023 15:52:36 GMT
dinnextltpro-bold.woff2
www.ltur.com/bundles/lturapp/css/fonts/
36 KB
36 KB
Font
General
Full URL
https://www.ltur.com/bundles/lturapp/css/fonts/dinnextltpro-bold.woff2
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/hotel-detail-uncritical.css?v=feb9bc45db
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.60.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-60-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cad0f15cc22f606b7346f0273f672ec76a55ad94bdaaffb80696cc7b5e56daf9

Request headers

Referer
https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/hotel-detail-uncritical.css?v=feb9bc45db
Origin
https://www.ltur.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:36 GMT
last-modified
Wed, 15 Jun 2022 08:51:36 GMT
server
nginx
etag
"8ed6-5e178a0f09600"
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
36566
expires
Wed, 21 Jun 2023 15:52:36 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.25.0/
318 KB
76 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wv3c0qnkBhaWE//T4i2BGA==
age
21224672
vary
Accept-Encoding
content-length
77456
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 05:25:45 GMT
server
cloudflare
etag
0x8D98ED3130CF4D8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a5aa8ace-101e-006b-076c-c485b0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ede989ad72cc62-ZRH
dinnextltpro-heavy.woff2
www.ltur.com/bundles/lturapp/css/fonts/
36 KB
36 KB
Font
General
Full URL
https://www.ltur.com/bundles/lturapp/css/fonts/dinnextltpro-heavy.woff2
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/hotel-detail-uncritical.css?v=feb9bc45db
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.60.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-60-183.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77251e7d5b56c35762e30b30401fb65d3490996d990abf253359753edded14da

Request headers

Referer
https://www.ltur.com/assets/2019/bundles/lturapp/css/layout2019/hotel-detail-uncritical.css?v=feb9bc45db
Origin
https://www.ltur.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:36 GMT
last-modified
Wed, 15 Jun 2022 08:51:36 GMT
server
nginx
etag
"8e4a-5e178a0f09600"
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
36426
expires
Wed, 21 Jun 2023 15:52:36 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
448 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3&key=AIzaSyCkDQ-asOCYCAuVDIrfKjqHJrH0yM_K82w&channel=ltur.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.ltur.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
SSL.png
images.ltur.com/images/logos/
4 KB
4 KB
Image
General
Full URL
https://images.ltur.com/images/logos/SSL.png
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c800:10:b451:79c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adb008a3226f019ba3aa52ff37d53b98a589dee1f97f07002e9b108bf629a69a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 00:29:56 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
55361
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
vary
Origin
content-length
3699
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 23 Feb 2022 21:59:26 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"5ffe9ae0c046245ac402e773874df378"
strict-transport-security
max-age=31536000
x-amz-version-id
aspcgXX_qjxkUF3Y3u9kcDDNRqTcfY33
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
v88gXsU8aRIdKQkDnsd_8xxwM2EQfKM1AS5ORCmlSucRi_E7FTmsAQ==
de-at.json
cdn.cookielaw.org/consent/20854f10-7ad6-4569-a5bd-ffe938cec6b8/9f417743-3639-4bb4-a7de-5a479877b875/
139 KB
27 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/20854f10-7ad6-4569-a5bd-ffe938cec6b8/9f417743-3639-4bb4-a7de-5a479877b875/de-at.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69e8ddbdccfb7d6da8f189f4bfcae22da111881d815f53860c4eeac9fcd8bf82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ory98HhMyZbDycLpuCXkuA==
age
7568
vary
Accept-Encoding
content-length
27655
x-ms-lease-status
unlocked
last-modified
Wed, 16 Feb 2022 11:32:08 GMT
server
cloudflare
etag
0x8D9F13FF758E57A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
59ee5117-301e-00bb-142a-233912000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ede98a9fc7cc56-ZRH
expires
Tue, 21 Jun 2022 19:52:36 GMT
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.25.0/assets/
9 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
GusGKeZw4BFJM/nj45byyg==
age
20589736
vary
Accept-Encoding
content-length
2584
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:37 GMT
server
cloudflare
etag
0x8D9957C5AAAE362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
de8362fa-901e-0157-2f43-ca773e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ede98af826cc56-ZRH
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/
47 KB
11 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
9E3lVDuBS011aFtnS8Lptg==
age
20589736
vary
Accept-Encoding
content-length
11581
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:38 GMT
server
cloudflare
etag
0x8D9957C5B1359BC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f44f2ff5-001e-005d-5743-ca28e2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ede98af82dcc56-ZRH
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/6.25.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
faMrXPz5JqfF3CH105XLtA==
age
20589736
vary
Accept-Encoding
content-length
2144
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:35 GMT
server
cloudflare
etag
0x8D9957C59807238
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
44a578fa-c01e-00c8-5343-ca49d1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71ede98af82fcc56-ZRH
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.25.0/assets/
20 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ye6OeZcNyuFoWog7CYs00A==
age
20589736
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d7e6bbc5-b01e-00e5-7c43-caca11000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
71ede98af831cc56-ZRH
live.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/
Redirect Chain
  • https://halc.iadvize.com/iadvize.js?sid=6273
  • https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/live.js
11 KB
5 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/live.js
Protocol
H2
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
55876fe4-29a2-4c24-5bde-49ea4614532d, AmazonS3 /
Resource Hash
e4032dd7a104898f0f2742ece7fc049ca59cdcc7ee677ed2ad1c0079257a268b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 15:30:27 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
87729
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:24 GMT
server
55876fe4-29a2-4c24-5bde-49ea4614532d, AmazonS3
etag
W/"ec0d9eb7f0d303d094669340b391dafc"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
61aaJZxAOgEltplrQZpVUAwsLR9LbzT8cSZLR-iFuTtqrfcz6uM2BQ==

Redirect headers

date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
location
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/live.js
server
df61a1e2-989e-34c9-ffca-f13d2ec142ee
x-amz-cf-pop
FRA50-C1
cross-origin-embedder-policy
require-corp
vary
Accept-Encoding, Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000;
content-length
127
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-id
bHqExgcO7fugrO6-ay9HHMaVdBedaOVkdshm2mD7ZpHbx7tO03ns3Q==
btnt.js
sgtm.ltur.com/
1 KB
803 B
Script
General
Full URL
https://sgtm.ltur.com/btnt.js
Requested by
Host: www.ltur.com
URL: https://www.ltur.com/at/urlaub/hotel-h10-ocean-dreams-432627?adults=2&airports=VIE&dclid=CI2vuKzzvvgCFbaQ_Qcd0GsGHw&departureDate=2022-06-28&duration=10707&language=de&noOpenJaw=true&options=1402&returnDate=2022-07-05&tourOperatorCodes=TUR3&utm_campaign=reisepost_at&utm_content=product-bestprice-regional&utm_medium=email_intern&utm_source=ltur&utm_term=FUE_432627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
/
Resource Hash
ece550fe33ec76675be7383619c4498db0c90187159b82314a9bf0834ba093c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:36 GMT
via
1.1 google
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
server-timing
validation;dur=1, serve;dur=1
content-encoding
gzip
live.1.php
halc.iadvize.com/rpc/
5 KB
2 KB
Fetch
General
Full URL
https://halc.iadvize.com/rpc/live.1.php?deviceHeight=1200&deviceWidth=1600&previousUrl=&registerNavigation=false&url=https%3A%2F%2Fwww.ltur.com%2Fat%2Furlaub%2Fhotel-h10-ocean-dreams-432627%3Fadults%3D2%26airports%3DVIE%26dclid%3DCI2vuKzzvvgCFbaQ_Qcd0GsGHw%26departureDate%3D2022-06-28%26duration%3D10707%26language%3Dde%26noOpenJaw%3Dtrue%26options%3D1402%26returnDate%3D2022-07-05%26tourOperatorCodes%3DTUR3%26utm_campaign%3Dreisepost_at%26utm_content%3Dproduct-bestprice-regional%26utm_medium%3Demail_intern%26utm_source%3Dltur%26utm_term%3DFUE_432627&customData=%7B%22cart_amount%22%3A%22360.00%22%2C%22product_price%22%3A%22%22%2C%22page_type%22%3A%22AT%3ASearch%3APAV%3Aurlaub%3AHotelDetail%22%2C%22booking_error%22%3A%22%22%7D&sid=6273
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
a9d769c4-18e7-f743-b567-53759b496bad /
Resource Hash
280044594f5811e0e3b5dc20592fa6606393df687202d5269e820ff2a4d74d97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin, Accept-Encoding
x-amz-cf-pop
FRA50-C1
cross-origin-embedder-policy
require-corp
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1416
pragma
no-cache
access-control-allow-origin
*
server
a9d769c4-18e7-f743-b567-53759b496bad
etag
W/60db73fabb1cb8b87347319b3cf1f470
strict-transport-security
max-age=31536000;
content-type
application/json; charset=utf-8
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
no-cache
access-control-allow-credentials
true
x-amz-cf-id
Nwx93ZD0SFHH2wh4D5zxP8DoYXMQrA6ALJcuqUOP82Uhy1Fa3tvPjA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
node_modules_babel_runtime_helpers_defineProperty_js-node_modules_babel_runtime_helpers_inter-8d68f2.chunk.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/
26 KB
7 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/node_modules_babel_runtime_helpers_defineProperty_js-node_modules_babel_runtime_helpers_inter-8d68f2.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
524c8de0-c98c-14b9-b66c-1f40246c60cc, AmazonS3 /
Resource Hash
eb5ceb9ba598d20f07a9ac5ccac7eb1304df0d89705ce8fd31812b23de8279b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 08:59:20 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
111196
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:24 GMT
server
524c8de0-c98c-14b9-b66c-1f40246c60cc, AmazonS3
etag
W/"4ddee91e775e0044900b712cf30ca5e6"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
aMnATyJJZbqE8Gyqhip14aeGJvni-1PRNUVhl1K20qEqPkkNnzCPfg==
full-mode.chunk.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/
111 KB
28 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/full-mode.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
471a61d6-19e4-01a2-1af8-12b22897ba0a, AmazonS3 /
Resource Hash
479939ffb3552b7db8eb5ae67193ca431287ca185ecb828f84021e0c833e789c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 08:59:20 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
111196
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:24 GMT
server
471a61d6-19e4-01a2-1af8-12b22897ba0a, AmazonS3
etag
W/"29ee0afeb61550e4d69ba1804337fcb2"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
gnqZOY7NK5PQrb_BqpHt8U1l71Gj17j0sF_tXly7SU3BDV3QStm0Bg==
storage.php
halc.iadvize.com/ Frame D817
17 KB
5 KB
Document
General
Full URL
https://halc.iadvize.com/storage.php?type=local&n=1&o=https://www.ltur.com
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/full-mode.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
3da2b530-2d95-c564-45a0-7161b79d01fc /
Resource Hash
7c7ceaba798e2851f1968db72f4f8137a08a8d3d052ff15587ac2919cd09014c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ltur.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 21 Jun 2022 15:52:36 GMT
server
3da2b530-2d95-c564-45a0-7161b79d01fc
strict-transport-security
max-age=31536000;
vary
Accept-Encoding Accept-Encoding
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-id
5bMl2AqjbhbLArtpHaroGtIITJOXSBOTeml3Wd_2I7L0EH3ApNOS2A==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
targeting.chunk.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/
75 KB
18 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/targeting.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
06c8974a-7ce7-fa45-8ddf-0e91e7b639d4, AmazonS3 /
Resource Hash
0c6dbe984be799717548d3ea01c09c0ac529c3f4c805cbc887246c042a311838
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 08:59:20 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
111196
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:25 GMT
server
06c8974a-7ce7-fa45-8ddf-0e91e7b639d4, AmazonS3
etag
W/"3c4022e64ff4500b53e4b5841822bf79"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
wy10Y70UXdWs0QDeHCcsJ5YBEMUFqQiFHIo5siOuwgv-sQ22wPf3Xw==
notificationOrchestrator.chunk.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/
32 KB
10 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/notificationOrchestrator.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
dd40b114-fcbb-8ce4-4366-538c1ebb37b8, AmazonS3 /
Resource Hash
b624d57842ed4d533a7b8a65f90c9e577185d4eb8f098abec992f4909b8067cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 08:59:20 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
111196
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:25 GMT
server
dd40b114-fcbb-8ce4-4366-538c1ebb37b8, AmazonS3
etag
W/"d0e9da2817bf850a5531cd4a242b878f"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
FBjb6LvOi0fXPBsxAfypF1Q93iBEtMuGx8bbBy-5F3ZVUkexDKqbvw==
btnt
sgtm.ltur.com/
35 B
324 B
Image
General
Full URL
https://sgtm.ltur.com/btnt?page_referrer=&page_title=AT%3ASearch%3APAV%3Aurlaub%3AHotelDetail&page_location=https%3A%2F%2Fwww.ltur.com%2Fat%2Furlaub%2Fhotel-h10-ocean-dreams-432627%3Fadults%3D2%26airports%3DVIE%26dclid%3DCI2vuKzzvvgCFbaQ_Qcd0GsGHw%26departureDate%3D2022-06-28%26duration%3D10707%26language%3Dde%26noOpenJaw%3Dtrue%26options%3D1402%26returnDate%3D2022-07-05%26tourOperatorCodes%3DTUR3%26utm_campaign%3Dreisepost_at%26utm_content%3Dproduct-bestprice-regional%26utm_medium%3Demail_intern%26utm_source%3Dltur%26utm_term%3DFUE_432627&event_name=page_view&z=47569902
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 15:52:36 GMT
via
1.1 google
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
de.json
halc.iadvize.com/static/translations/livechat/0.1.473/
40 KB
11 KB
Fetch
General
Full URL
https://halc.iadvize.com/static/translations/livechat/0.1.473/de.json
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/full-mode.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
f87c51a4-6c72-6cbe-6f6d-6fd63e8a1330, AmazonS3 /
Resource Hash
c5c299560a7ced730faa971302a10494078e7c8ed9826bde456a45ffca9d21bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 07:07:45 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Accept-Encoding
age
981891
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Tue, 22 Mar 2022 11:47:23 GMT
server
f87c51a4-6c72-6cbe-6f6d-6fd63e8a1330, AmazonS3
etag
W/"cdb6e1244a4cead4e0dcde652ead25df"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/json
x-amz-cf-id
7Y0PH8zW_FxWpCdMxkEcyrkW5BJHLyAcqS-TBXMMZGEwoxPf3OUNng==
live.2.php
halc.iadvize.com/rpc/
80 KB
18 KB
Fetch
General
Full URL
https://halc.iadvize.com/rpc/live.2.php?sid=6273&dep=0&tpl=ltur2&lang=de&version=f88065ae4ecf2bb20b073f000b1f6b64458fd6f3&registerNavigation=true
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/full-mode.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
b6f70bb0-3d29-d372-9060-1f01476691c2 /
Resource Hash
a23cd1552698db2eb35bfa902e6120e7425366dd017059d8ec67b2dc8f679aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:36 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin, Accept-Encoding
x-amz-cf-pop
FRA50-C1
cross-origin-embedder-policy
require-corp
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
pragma
no-cache
access-control-allow-origin
*
server
b6f70bb0-3d29-d372-9060-1f01476691c2
strict-transport-security
max-age=31536000;
content-type
application/json; charset=utf-8
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
no-cache
access-control-allow-credentials
true
x-amz-cf-id
vdRDbE_DsFDkRrFCSiC4S2lbiGWiR9xhVyf-oG3jQPyUGPFAGWw9SA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
dataPipeline.chunk.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/
27 KB
8 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/dataPipeline.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
de7afe5f-a574-7d9c-50ee-cfc290d99d38, AmazonS3 /
Resource Hash
88d8388cfa7ce8765759142b8e229b02efac5401534ef61133b14bea2f3a1bef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 08:59:20 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
111196
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:24 GMT
server
de7afe5f-a574-7d9c-50ee-cfc290d99d38, AmazonS3
etag
W/"5782f2fc42a020035a8b535e9bc13fc4"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
0C8D9h1V9xpRNWBGm2w39mENAkQwnhQOUfh3vwUVYMBsSlTbjll9kg==
GDPRMiddleware.chunk.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/
4 KB
2 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/GDPRMiddleware.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
76e05d8a-abf9-9bc7-0540-0cb91d847b6a, AmazonS3 /
Resource Hash
031d92c36c40ded954963bc45c3c053b4bf15d26832a389e035660dfe1f3aa7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 08:59:20 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
111196
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1289
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:24 GMT
server
76e05d8a-abf9-9bc7-0540-0cb91d847b6a, AmazonS3
etag
W/"194ba378ae6972c34f20466ae36abe75"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
37-FfwEA2EmrmBAGmOx_AG2HH7OurA0dINbLjdlE5Xx5XxkDE1nNFQ==
events
api.iadvize.com/collector/ha/live/
0
284 B
XHR
General
Full URL
https://api.iadvize.com/collector/ha/live/events
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/full-mode.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.52.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-52-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ltur.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 21 Jun 2022 15:52:37 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
access-control-allow-origin
https://www.ltur.com
access-control-allow-credentials
true
x-content-type-options
nosniff
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
events
api.iadvize.com/collector/ha/live/ Frame
0
0
Preflight
General
Full URL
https://api.iadvize.com/collector/ha/live/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.52.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-52-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ltur.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.ltur.com
access-control-max-age
3600
content-length
0
date
Tue, 21 Jun 2022 15:52:36 GMT
vary
Accept-Encoding Origin
www_js_modules_livechat_src_conversations_events_ts-www_js_modules_livechat_src_events_ts-www-956d22.chunk.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/
15 KB
5 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/www_js_modules_livechat_src_conversations_events_ts-www_js_modules_livechat_src_events_ts-www-956d22.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
06c8974a-7ce7-fa45-8ddf-0e91e7b639d4, AmazonS3 /
Resource Hash
32080eee2c9b9dab6a04516aa30f878aa18b0be12d42d9eae84898f29339de98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 15:30:28 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
87728
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:25 GMT
server
06c8974a-7ce7-fa45-8ddf-0e91e7b639d4, AmazonS3
etag
W/"8c34915312c42f907fa07fc7bea87594"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
mMC2lP6PUXMJhEDextgleusP68EayXZyoBg8_HFBtJ3p_bFYrqTt5g==
orchestratorLoader.chunk.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/
24 KB
8 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/orchestratorLoader.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
9783ce34-d735-9945-4df4-227a5dcb9dcc, AmazonS3 /
Resource Hash
27e9334b842a9a967e7771aeb1479ba11783a09d4207c6cf04fe06898f1d4349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 15:30:28 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
87728
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:25 GMT
server
9783ce34-d735-9945-4df4-227a5dcb9dcc, AmazonS3
etag
W/"8e04274d780bf6f9521a687e54a71739"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
LLVxfaI9FR7Ks6SrJMzDCPsb3fKRn9HfhequAPb7s5_p7Jiy2G4Tww==
orchestrator.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/ Frame FAA0
13 KB
6 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/orchestrator.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/notificationOrchestrator.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
5e65ff87-f8c4-bd65-a4e6-684215bf0f93, AmazonS3 /
Resource Hash
c32ab738cd32c4ca97515712e2f3e7022c429aab33ef9e8a94f706e602942b61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 15:30:28 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
87729
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:25 GMT
server
5e65ff87-f8c4-bd65-a4e6-684215bf0f93, AmazonS3
etag
W/"90617d5afa3f8c0060ae83404e790cc0"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
NcjM9qaenCJiEcveSGmM4nV2odljgc7JnF8i_q6ocKM2hE-3t8Takw==
node_modules_iadvize_redux-types_dist_index_js-node_modules_redux-saga_dist_redux-saga-core-n-fc08ef.chunk.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/ Frame FAA0
35 KB
12 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/node_modules_iadvize_redux-types_dist_index_js-node_modules_redux-saga_dist_redux-saga-core-n-fc08ef.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/orchestrator.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
dd40b114-fcbb-8ce4-4366-538c1ebb37b8, AmazonS3 /
Resource Hash
a25d1b4dd0047ce7edfc88ea1164f6d1c59b7b2dc193dd2c93ab52d2f7660c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 15:30:28 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
87729
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:24 GMT
server
dd40b114-fcbb-8ce4-4366-538c1ebb37b8, AmazonS3
etag
W/"25c86f39904b97c14ac0513a34b61572"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lI1olwn4qHkJwUD7y8n3wwe7VP6ZY-dlWwfaU8dLue1iR9YSHeTbSw==
orchestratorStore.chunk.js
halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/ Frame FAA0
33 KB
7 KB
Script
General
Full URL
https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/orchestratorStore.chunk.js
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/orchestrator.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
e9a830a9-46bc-22d6-f736-30aaaa960551, AmazonS3 /
Resource Hash
a8c1b984683cc1ae16de4262d638913fde7583eaf8b9c3655009ac4c03a0eee7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 15:30:28 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
87729
cross-origin-embedder-policy
require-corp
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Jun 2022 07:58:25 GMT
server
e9a830a9-46bc-22d6-f736-30aaaa960551, AmazonS3
etag
W/"4e305a82cb223eeb3bb2fa03a220d662"
strict-transport-security
max-age=31536000;
x-amz-version-id
null
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6hwdOrAhtSfW5Mw1KzdFRt-NR7WlUvBL7Hvaw9xt2N-bVqk-nyIaHA==
referrer.php
halc.iadvize.com/rpc/
181 B
632 B
Script
General
Full URL
https://halc.iadvize.com/rpc/referrer.php?s=6273&u=ca2e95cf61f24ab121ed5d9b2c41881e62b1e944c9afb&get=&random=1655826757077
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/targeting.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
563fb6b0-9af9-f0a2-ad6d-d373708e7021 /
Resource Hash
18d6c2c596bc978cb7561ffe3fecbc732edbd342f6abe78e345e01629a7f890b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:37 GMT
content-encoding
gzip
vary
Accept-Encoding, Accept-Encoding
x-amz-cf-pop
FRA50-C1
cross-origin-embedder-policy
require-corp
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
125
pragma
no-cache
access-control-allow-origin
*
server
563fb6b0-9af9-f0a2-ad6d-d373708e7021
strict-transport-security
max-age=31536000;
content-type
text/javascript; charset=utf-8
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
no-cache
x-amz-cf-id
shGaLr3jKvgB-5E9lcdZQrKHAvM7Bs0lJtgIBQzOHXE0Z3FC8ZA3qw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
jsonstore.php
halc.iadvize.com/rpc/
3 B
571 B
XHR
General
Full URL
https://halc.iadvize.com/rpc/jsonstore.php?sid=6273&u=ca2e95cf61f24ab121ed5d9b2c41881e62b1e944c9afb&data=%7B%22va_funnel%22%3Afalse%2C%22va_kundenserviceon%22%3Atrue%2C%22va_derbesucherwarschoninbs%22%3A%22Nein%22%7D&callback=?
Requested by
Host: halc.iadvize.com
URL: https://halc.iadvize.com/static/livechat/f88065ae4ecf2bb20b073f000b1f6b64458fd6f3/full-mode.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:15:e09:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
97bb6403-334a-250d-b852-af0a5cb29e81 /
Resource Hash
a8c56870eb5156e0de212c6db839661283cdc9d2f6fcae8a0732776fabac7961
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:52:38 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin, Accept-Encoding
x-amz-cf-pop
FRA50-C1
cross-origin-embedder-policy
require-corp
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
27
pragma
no-cache
access-control-allow-origin
*
server
97bb6403-334a-250d-b852-af0a5cb29e81
strict-transport-security
max-age=31536000;
content-type
text/javascript; charset=utf-8
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
no-cache
access-control-allow-credentials
true
x-amz-cf-id
GZZ9hG33BtvOHdIh6196UjRGrt79ze7oIaklcl0cNpRoEnC2IP2Cdw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
common.js
maps.google.com/maps-api-v3/api/js/48/12/intl/de_ALL/
82 KB
30 KB
Script
General
Full URL
https://maps.google.com/maps-api-v3/api/js/48/12/intl/de_ALL/common.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3&key=AIzaSyCkDQ-asOCYCAuVDIrfKjqHJrH0yM_K82w&channel=ltur.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3c37a7de38b1accd911e9cfd5465837ec19602fa51821b791ad4e786b6446c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 15:04:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30523
x-xss-protection
0
last-modified
Tue, 03 May 2022 20:33:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Jun 2023 15:04:55 GMT
util.js
maps.google.com/maps-api-v3/api/js/48/12/intl/de_ALL/
308 KB
92 KB
Script
General
Full URL
https://maps.google.com/maps-api-v3/api/js/48/12/intl/de_ALL/util.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3&key=AIzaSyCkDQ-asOCYCAuVDIrfKjqHJrH0yM_K82w&channel=ltur.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc461e3171326cfa312e38abed61dbd0af213d50d4c3a2a20958b28dad7a7b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ltur.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 21:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93823
x-xss-protection
0
last-modified
Tue, 03 May 2022 20:33:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 21:56:04 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| OneTrustStub function| setCookiePrevious function| setCookieChanges function| getCookiePrevious function| getChanges function| CookiesChanged function| OptanonWrapper object| searchBlockConfig object| dataLayer object| backendConfig object| hotelBaseData string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| trustedShops boolean| initialized object| webpackJsonp object| __core-js_shared__ object| core object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| Optanon object| OneTrust object| google_tag_manager function| postscribe object| google_tag_manager_external object| idzCustomData string| formerVal object| btntConfig function| btnt object| btntQueue object| webpackChunk_iadvize_core_livechat_app object| regeneratorRuntime object| iAdvize object| iAdvizeInterface function| _typeof

11 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUkw3RkuDvFeybT-b11FYUc6XKfYUYhgIE9uPfvpjWDQw8W1IkA5dIE4RvyC_fo
.doubleclick.net/ Name: FLC
Value: CIyP6AIQgqDrfxih8tncASiskJIDMMPSx5UG
www.ltur.com/ Name: device_view
Value: full
www.ltur.com/ Name: PreviousOptanonConsent
Value: ,1,
.ltur.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Jun+21+2022+15%3A52%3A36+GMT%2B0000+(GMT)&version=6.25.0&isIABGlobal=false&hosts=&consentId=0d39b25e-046b-4fbf-9991-e2dbe5e655b5&interactionCount=0&landingPath=https%3A%2F%2Fwww.ltur.com%2Fat%2Furlaub%2Fhotel-h10-ocean-dreams-432627%3Fadults%3D2%26airports%3DVIE%26dclid%3DCI2vuKzzvvgCFbaQ_Qcd0GsGHw%26departureDate%3D2022-06-28%26duration%3D10707%26language%3Dde%26noOpenJaw%3Dtrue%26options%3D1402%26returnDate%3D2022-07-05%26tourOperatorCodes%3DTUR3%26utm_campaign%3Dreisepost_at%26utm_content%3Dproduct-bestprice-regional%26utm_medium%3Demail_intern%26utm_source%3Dltur%26utm_term%3DFUE_432627&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
.ltur.com/ Name: OMps
Value: email_intern
.ltur.com/ Name: OMlps
Value: email_intern
.ltur.com/ Name: BTNT_I_WAS_HERE
Value: or%20was%20I%3F
.ltur.com/ Name: BTNT_SOURCE
Value: ltur
.ltur.com/ Name: BTNT_MEDIUM
Value: email_intern
halc.iadvize.com/ Name: iadvize-6273-vuid
Value: ca2e95cf61f24ab121ed5d9b2c41881e62b1e944c9afb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
api.iadvize.com
cdn.cookielaw.org
gips.ltur.com
halc.iadvize.com
images.ltur.com
maps.google.com
maps.googleapis.com
newsletter.lturpost.com
sgtm.ltur.com
www.ltur.com
142.250.185.134
159.69.225.151
18.196.52.197
216.239.32.21
2600:9000:2156:1a00:6:f45f:8400:93a1
2600:9000:2156:3a00:15:e09:8a80:93a1
2600:9000:2156:c800:10:b451:79c0:93a1
2606:4700::6810:9440
2a00:1450:4001:812::200e
2a00:1450:4001:831::200a
3.66.60.183
031d92c36c40ded954963bc45c3c053b4bf15d26832a389e035660dfe1f3aa7b
0c6dbe984be799717548d3ea01c09c0ac529c3f4c805cbc887246c042a311838
18d3ee40aa93a40cda7b0072a97aeeed739083b3e1d8e4260e9437089a698e3a
18d6c2c596bc978cb7561ffe3fecbc732edbd342f6abe78e345e01629a7f890b
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1a6a1c082772e0600388e060f3a011ca2fc8922d44ae2247415700ad9f9426e0
219dab75a9f779877d4bbd49dc6fa501fe85c5957238d9cca84cdb55a7f9bbdd
27e9334b842a9a967e7771aeb1479ba11783a09d4207c6cf04fe06898f1d4349
280044594f5811e0e3b5dc20592fa6606393df687202d5269e820ff2a4d74d97
2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f
2edf1c8604593b5a05d40e15b83fe775f4e15df4f546a8e87757b9b3c7759320
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
32080eee2c9b9dab6a04516aa30f878aa18b0be12d42d9eae84898f29339de98
479939ffb3552b7db8eb5ae67193ca431287ca185ecb828f84021e0c833e789c
5659bc9aef68a211ef993489359c1385d427f0b78f9e512f85d4510af361ed38
69e8ddbdccfb7d6da8f189f4bfcae22da111881d815f53860c4eeac9fcd8bf82
741f3b322a7fe55924aa16c33994812067970422f874a5d21b413e5721d038ea
77251e7d5b56c35762e30b30401fb65d3490996d990abf253359753edded14da
7c7ceaba798e2851f1968db72f4f8137a08a8d3d052ff15587ac2919cd09014c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a51baa8e3815d0e9ce52c05f2866efb8108bfc038983b3ddc65cecd5a31973
88d8388cfa7ce8765759142b8e229b02efac5401534ef61133b14bea2f3a1bef
a23cd1552698db2eb35bfa902e6120e7425366dd017059d8ec67b2dc8f679aa4
a25d1b4dd0047ce7edfc88ea1164f6d1c59b7b2dc193dd2c93ab52d2f7660c00
a3c37a7de38b1accd911e9cfd5465837ec19602fa51821b791ad4e786b6446c9
a8c1b984683cc1ae16de4262d638913fde7583eaf8b9c3655009ac4c03a0eee7
a8c56870eb5156e0de212c6db839661283cdc9d2f6fcae8a0732776fabac7961
adb008a3226f019ba3aa52ff37d53b98a589dee1f97f07002e9b108bf629a69a
b1fb902ac6e68a8f6d9fa5590d0e95e95b3f7d0d0f09c87cf0e2ff256515c529
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
b624d57842ed4d533a7b8a65f90c9e577185d4eb8f098abec992f4909b8067cb
bc461e3171326cfa312e38abed61dbd0af213d50d4c3a2a20958b28dad7a7b98
c32ab738cd32c4ca97515712e2f3e7022c429aab33ef9e8a94f706e602942b61
c5c299560a7ced730faa971302a10494078e7c8ed9826bde456a45ffca9d21bc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cad0f15cc22f606b7346f0273f672ec76a55ad94bdaaffb80696cc7b5e56daf9
d59c50f800fa0ab265ee2d7bf8a154785b11bc6380adee5058882134d52555e2
da247006356fd6d32101f3fe197aad6851e6d7a45f093e515555ab358a71c254
db6db642e3272db409d2ff4b82ed52c8e2114a9093a383ad33825f7b1672f719
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4032dd7a104898f0f2742ece7fc049ca59cdcc7ee677ed2ad1c0079257a268b
e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00
eb5ceb9ba598d20f07a9ac5ccac7eb1304df0d89705ce8fd31812b23de8279b7
ece550fe33ec76675be7383619c4498db0c90187159b82314a9bf0834ba093c2
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065