urlscan.io logo urlscan.io
SecurityTrails logo

www.travel2haven.com Open in urlscan Pro
52.25.132.181  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://8l6b.vacation.escapevacations.com/
Effective URL: https://www.travel2haven.com/
Submission: On December 15 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 1 countries across 13 domains to perform 70 HTTP transactions. The main IP is 52.25.132.181, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.travel2haven.com.
TLS certificate: Issued by R3 on November 16th 2023. Valid for: 3 months.
This is the only time www.travel2haven.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.88.130.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-130-181.us-west-2.compute.amazonaws.com
8l6b.vacation.escapevacations.com
19    52.25.132.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-132-181.us-west-2.compute.amazonaws.com
www.travel2haven.com
5    2600:9000:210b:c000:16:4349:fe00:93a1 (United States)

ASN16509 (AMAZON-02, US)
skins.webtreepro.com
6    2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)
maps.google.com
5    52.92.210.42 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
wtp-prd.s3.us-west-2.amazonaws.com
3    146.75.32.193 (Ashburn, United States)

ASN54113 (FASTLY, US)
i.imgur.com
11    2606:4700::6812:b92 (United States)

ASN13335 (CLOUDFLARENET, US)
agentprofiler.travelleaders.com
www.travelleaders.com
1    2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
jnn-pa.googleapis.com
8    2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube.com
5    2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:816::2006 (United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:808::2016 (United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2607:f8b0:4006:821::2001 (United States)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
Apex Domain
Subdomains		 Transfer
19 travel2haven.com
www.travel2haven.com
405 KB
11 travelleaders.com
agentprofiler.travelleaders.com
www.travelleaders.com — Cisco Umbrella Rank: 909806
451 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 71
1002 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
117 KB
7 google.com
maps.google.com — Cisco Umbrella Rank: 2444
www.google.com — Cisco Umbrella Rank: 2
237 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
maps.googleapis.com — Cisco Umbrella Rank: 357
jnn-pa.googleapis.com — Cisco Umbrella Rank: 203
41 KB
5 amazonaws.com
wtp-prd.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 705891
2 MB
5 webtreepro.com
skins.webtreepro.com — Cisco Umbrella Rank: 901955
549 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
static.doubleclick.net — Cisco Umbrella Rank: 248
1 KB
3 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7364
10 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 89
93 KB
1 escapevacations.com
8l6b.vacation.escapevacations.com
293 B
70 13
Domain Requested by
19 www.travel2haven.com 5 redirects www.travel2haven.com
10 www.travelleaders.com www.travel2haven.com
8 www.youtube.com www.travel2haven.com
www.youtube.com
6 maps.google.com www.travel2haven.com
maps.google.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
5 wtp-prd.s3.us-west-2.amazonaws.com www.travel2haven.com
5 skins.webtreepro.com www.travel2haven.com
skins.webtreepro.com
4 jnn-pa.googleapis.com www.youtube.com
3 i.imgur.com www.travel2haven.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 maps.googleapis.com maps.google.com
1 fonts.googleapis.com skins.webtreepro.com
1 agentprofiler.travelleaders.com www.travel2haven.com
1 8l6b.vacation.escapevacations.com 1 redirects
70 19

This site contains links to these domains. Also see Links.

Domain
www.travelleadersgroup.com
internova.com
Subject Issuer Validity Valid
www.travel2haven.com
R3		 2023-11-16 -
2024-02-14		 3 months crt.sh
skins.webtreepro.com
Amazon RSA 2048 M01		 2023-03-24 -
2024-04-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
travelleaders.com
Cloudflare Inc ECC CA-3		 2023-07-04 -
2024-07-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.travel2haven.com/
Frame ID: CE747B9A3C6762E57BDBEF43F5412E5B
Requests: 50 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Frame ID: 2DCB02E3897081C898BFEB58D1DD801D
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home TRAVEL 2 HAVEN

Page URL History Show full URLs

  1. https://8l6b.vacation.escapevacations.com/ HTTP 302
    https://www.travel2haven.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Page Statistics

70
Requests

91 %
HTTPS

78 %
IPv6

13
Domains

19
Subdomains

18
IPs

1
Countries

5297 kB
Transfer

8804 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://8l6b.vacation.escapevacations.com/ HTTP 302
    https://www.travel2haven.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://www.travel2haven.com/Common/Showimage.ashx/604858 HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/11018/files/cdc80ece152b46d09ca22d7290411d59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22travel-logo-design.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231214/us-west-2/s3/aws4_request&X-Amz-Date=20231214T192141Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9365e600c4b5666dc1d659d4dc29ff656b4c02f564678f36fa0114ea12166eb1
Request Chain 19
  • https://www.travel2haven.com/common/showimage.ashx/604726/tpom-2.png HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/2f324319b6074d8b985d707dc1fdb3a3.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22tpom-2.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231215/us-west-2/s3/aws4_request&X-Amz-Date=20231215T133842Z&X-Amz-SignedHeaders=host&X-Amz-Signature=88ae397864648cb8bb4320ddf5ea72efd4f05e0644a2a45b158eb526f40e3c12
Request Chain 25
  • https://www.travel2haven.com/common/showimage.ashx/567904/306x120.png HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/49bc823434fc4f48ad2c1dc52eae12e5.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Nexion-Independent%20Affiliate.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231215/us-west-2/s3/aws4_request&X-Amz-Date=20231215T135033Z&X-Amz-SignedHeaders=host&X-Amz-Signature=7f0bdd884792020ff983c5076d693ed2d6173ad6609332a1c54a7e15e68d5b59
Request Chain 33
  • https://www.travel2haven.com/Common/showimage.ashx/552788 HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/5832abef6ca44e90a003b16e1ba1ba96.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Header-Africa3.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231214/us-west-2/s3/aws4_request&X-Amz-Date=20231214T174539Z&X-Amz-SignedHeaders=host&X-Amz-Signature=0fb78dcb11e3d1b479abe9024cf502838334a8aed8cbc22f3411f59121c7e079
Request Chain 39
  • https://www.travel2haven.com/Common/Showimage.ashx/604858 HTTP 302
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/11018/files/cdc80ece152b46d09ca22d7290411d59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22travel-logo-design.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231214/us-west-2/s3/aws4_request&X-Amz-Date=20231214T192141Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9365e600c4b5666dc1d659d4dc29ff656b4c02f564678f36fa0114ea12166eb1
Request Chain 54
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.travel2haven.com/
Redirect Chain
  • https://8l6b.vacation.escapevacations.com/
  • https://www.travel2haven.com/
44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d568d9b55dd75f83b3bd73267d08b84815b207864b5dc00eb38c18eb98b192e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
cache-control
private
content-length
44930
content-type
text/html; charset=utf-8
date
Fri, 15 Dec 2023 17:22:26 GMT
server
Microsoft-IIS/10.0
vary
User-Agent
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET

Redirect headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
cache-control
private
content-length
146
content-type
text/html; charset=utf-8
date
Fri, 15 Dec 2023 17:22:24 GMT
location
https://www.Travel2haven.com/
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
JJ1yhvMWXH189FCjVMZ4AjXEjsn_bczxYQ7dvAq-UEFm_k_Rv4LiFEA_BLLESO4_ZLzsa5Mi7mHZy9xRsr7RB1m5oBzwoNcoK5D3ZTycP7Xiz1hLhrKql2cR_gJglExBcQUAAA2
www.travel2haven.com/dynamicScriptBundle/638363111863879268/cQUAAB-LCAAAAAAABACtVNtu2zAM_ZrsrQGW7QeCLNsypECBtnktZIt2GEuiJlGJ8_ejY2FVLi2wy5Opcw4p3uTJrPkRJ7Nm9zNBOE538cPkHDlAxQHAByrJmqhDiBl6Cqru0LWFW... 		601 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/dynamicScriptBundle/638363111863879268/cQUAAB-LCAAAAAAABACtVNtu2zAM_ZrsrQGW7QeCLNsypECBtnktZIt2GEuiJlGJ8_ejY2FVLi2wy5Opcw4p3uTJrPkRJ7Nm9zNBOE538cPkHDlAxQHAByrJmqhDiBl6Cqru0LWFWYrjoaFqBzWXYEPBRofewxncIcXOkoYSVDvVfwfjIcQFWUvuOs-Ev827hCV_YP_iySdfgo74OHCvxQ3IDUXuwon1UppqQWfZbpBVRBw5KD-16G4Te2VQK6ZwSVfU/X3rl6ypDdfe8ysyaWnT3EKNcPojm0o4z7DlC2GDECg3yMXfqDed3HLPH3PuXexUZwkP2eQLrjeLRXn9bg9JywVK3IIBPlcG4LWZWFpgYTdlW9Ep_AX5dhrJsC8pZcKmkhrN8trSHsHIMjm-wMQ0Vpyq-xTWSYeYWKTJZkY_F5PUSa-xbGUFWZ8pHD5uLCV6HGJG51isnp82ni8IYem7QmGLcp25U_aNEhlBMvo8npFRtldMGKiUzDckxWrjbf55-nM7-/JJ1yhvMWXH189FCjVMZ4AjXEjsn_bczxYQ7dvAq-UEFm_k_Rv4LiFEA_BLLESO4_ZLzsa5Mi7mHZy9xRsr7RB1m5oBzwoNcoK5D3ZTycP7Xiz1hLhrKql2cR_gJglExBcQUAAA2
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
27c88a44dd992612a5b57ac22fd869898b2e8b513f75155f4f91e79050f2a255

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:26 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
content-length
159438
expires
Sat, 14 Dec 2024 17:22:27 GMT
font-awesome.min.css
skins.webtreepro.com/skins/common/fontawesome4/css/ 		28 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skins.webtreepro.com/skins/common/fontawesome4/css/font-awesome.min.css
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:c000:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
8PUmXFVqs.JwTP3qjK1RRHrzD6hPPXMr
date
Fri, 15 Dec 2023 08:02:43 GMT
via
1.1 2363b636adbc739d5f9806cb41e6d226.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 12:13:01 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
34509
x-amz-server-side-encryption
AES256
etag
"fea395db9a5c8eaba924d98161324597"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
29067
x-amz-cf-id
-y5R5wDUfTvNr_KuLb_rzG2jksoq6TCowGfeZPP1PVs9K5W6Lp9q2Q==
CAIAAB-LCAAAAAAABACVjEEKwjAQRU8Tl0WLIC5tBVeu4gXSdGqjmUnJJOLxnYKKm4LZDI_hva_qoQ2IgZSA1nKbTL0HFjrCYLJPQp0P18oyr9RfeiP6IdrRPYALMjG78CwI3lRe6LujguoUXV-gn4FygX4BnLxJsJC0Hgz9Tt7mHOXxVThPEAfH47KCMoKfEUecD...
www.travel2haven.com/dynamicStyleBundle/638363121014900286/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/dynamicStyleBundle/638363121014900286/CAIAAB-LCAAAAAAABACVjEEKwjAQRU8Tl0WLIC5tBVeu4gXSdGqjmUnJJOLxnYKKm4LZDI_hva_qoQ2IgZSA1nKbTL0HFjrCYLJPQp0P18oyr9RfeiP6IdrRPYALMjG78CwI3lRe6LujguoUXV-gn4FygX4BnLxJsJC0Hgz9Tt7mHOXxVThPEAfH47KCMoKfEUecDFmotutNvdvPvxfn4WhqCAIAAA2
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c74de294d62dc2dd72dfe867e68e831c8651d4d9b266bb023ee8eee1f1a831f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:26 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
content-length
4590
expires
Sat, 14 Dec 2024 17:22:27 GMT
jquery-ui-1.10.2.custom.css
www.travel2haven.com/App_Themes/intranet/jquery-ui/ 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/App_Themes/intranet/jquery-ui/jquery-ui-1.10.2.custom.css
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0130a8dceb8fc8165defe555fb6311120ce66f1ee2a51abe20990eb2bffc6f66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:26 GMT
content-encoding
gzip
last-modified
Thu, 23 Nov 2023 10:58:42 GMT
server
Microsoft-IIS/10.0
etag
"01d605fc1dda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
6056
bootstrap.min.css
skins.webtreepro.com/skins/common/bootstrap3/css/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skins.webtreepro.com/skins/common/bootstrap3/css/bootstrap.min.css
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:c000:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
qSslaE.r.eszmY_Kg0kdNekTtzO1hvym
date
Fri, 15 Dec 2023 07:31:44 GMT
via
1.1 2363b636adbc739d5f9806cb41e6d226.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 12:13:01 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
35854
x-amz-server-side-encryption
AES256
etag
"5057f321f0dc85cd8da94a0c5f67a8f4"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
121205
x-amz-cf-id
gmFhY19fLnm8YPnj1RAL4r9jBkeNteiiBG5DrgKVTZzDDFrx1YIs-A==
Toolbar.css
www.travel2haven.com/App_Themes/Intranet/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/App_Themes/Intranet/Toolbar.css
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
df178a76e5527927a54a4ee4b0d9f28c40a1925cc7e5aa5db16a8ba9fdf0b3ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:26 GMT
content-encoding
gzip
last-modified
Thu, 23 Nov 2023 10:58:42 GMT
server
Microsoft-IIS/10.0
etag
"01d605fc1dda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
2270
cookieconsent.min.css
www.travel2haven.com/Js/cookieconsent/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/Js/cookieconsent/css/cookieconsent.min.css
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2f828220b9dd6c92f5c9c096bfa3bb3fbc579380e2b0ec1e4733d850e116a7f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:26 GMT
content-encoding
gzip
last-modified
Thu, 23 Nov 2023 10:58:44 GMT
server
Microsoft-IIS/10.0
etag
"04a916fc1dda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
1195
default.css
skins.webtreepro.com/skins/tlgleadersedge/ 		321 KB
322 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skins.webtreepro.com/skins/tlgleadersedge/default.css?t=638186904604970000
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:c000:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ca722bc1c654b88f46c7ffce0d76198c73b049d901481bcbf2a2326f07d0116

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
3m5BAuRU_lemtvVq9cA2_gVN2eH2p3nw
date
Fri, 15 Dec 2023 11:11:08 GMT
via
1.1 2363b636adbc739d5f9806cb41e6d226.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 12:13:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
22359
x-amz-server-side-encryption
AES256
etag
"43ea8cfc542b0c061859f7c236e3b9df"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
329213
x-amz-cf-id
oqccwdwhVcAd_sMjy6SmL1Ujw6sKresR4dUtEVA54PrMovSE17ml3A==
swfobject.js
www.travel2haven.com/Js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/Js/swfobject.js
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
228e7abc6f0b491c177be9ee528856caf19ea3135c014713cc67ad64f2ae50b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:26 GMT
content-encoding
gzip
last-modified
Thu, 23 Nov 2023 10:58:44 GMT
server
Microsoft-IIS/10.0
etag
"04a916fc1dda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
2251
js
maps.google.com/maps/api/ 		176 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
0de19020d8e42a75fedde6e42e68785ef2af78c0c53f01c45e15fd3ed0215563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61527
x-xss-protection
0
map.js
www.travel2haven.com/Customers/TLG/CustomAddIn/V3/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/Customers/TLG/CustomAddIn/V3/js/map.js
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
38e16f15e0f3294a97b254a8332d9f7823dece3e40744a293b4334b9dd7845d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:26 GMT
last-modified
Thu, 23 Nov 2023 10:58:42 GMT
server
Microsoft-IIS/10.0
etag
"01d605fc1dda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
1353
MsAjaxJs
www.travel2haven.com/bundles/ 		131 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/bundles/MsAjaxJs?v=FKpG-smDBfGNUdgJeZvfEIGvJ6cYQEn3X0F5sU-GCEA1
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0b5ccf8ec360d4ce45730aac1718af91e431ee6379282eebc3f44476363a52c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:26 GMT
last-modified
Fri, 15 Dec 2023 17:22:27 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
content-length
134643
expires
Sat, 14 Dec 2024 17:22:27 GMT
WebFormsJs
www.travel2haven.com/bundles/ 		45 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/bundles/WebFormsJs?v=zi3b_79ovDvaSGwa114ouQNXKwAavyGdBw6Yku1697w1
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a78e9e80a951a4a1c522745ee893c891a91d429dc6b66c5901b79d5ee4715e5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:26 GMT
last-modified
Fri, 15 Dec 2023 17:22:27 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
content-length
46189
expires
Sat, 14 Dec 2024 17:22:27 GMT
cdc80ece152b46d09ca22d7290411d59.jpg
wtp-prd.s3.us-west-2.amazonaws.com/sites/11018/files/
Redirect Chain
  • https://www.travel2haven.com/Common/Showimage.ashx/604858
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/11018/files/cdc80ece152b46d09ca22d7290411d59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%2...
185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/11018/files/cdc80ece152b46d09ca22d7290411d59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22travel-logo-design.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231214/us-west-2/s3/aws4_request&X-Amz-Date=20231214T192141Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9365e600c4b5666dc1d659d4dc29ff656b4c02f564678f36fa0114ea12166eb1
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
HTTP/1.1
Server
52.92.210.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff0950c68e981f92bc4c53e50b5120750f1ec2cae7b4c16b4880e6f2c4c67df2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 17:22:28 GMT
x-amz-version-id
yVtCSp4xUnWkiCRbGiDh4N97azH27rbg
x-amz-request-id
PBRB8WG5K2R7TEYC
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Content-Disposition
inline; filename="travel-logo-design.jpg"
x-amz-meta-fileid
604858
x-amz-meta-siteid
11018
Content-Length
189019
x-amz-id-2
ktjp4fGdVa+R2fSxQvbEDanFW4gNx2QKjkHi7udBbWC0IyjAw5zbP7EgiMzPNd52PQFVMqLmGa8=
Last-Modified
Sat, 18 Nov 2023 00:24:11 GMT
Server
AmazonS3
ETag
"2ecf7364cd78b7222311518159a72179"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Accept-Ranges
bytes

Redirect headers

date
Fri, 15 Dec 2023 17:22:26 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/11018/files/cdc80ece152b46d09ca22d7290411d59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22travel-logo-design.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231214/us-west-2/s3/aws4_request&X-Amz-Date=20231214T192141Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9365e600c4b5666dc1d659d4dc29ff656b4c02f564678f36fa0114ea12166eb1
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
622
43puBan.png
i.imgur.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/43puBan.png
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
20383d22a70c230ed85c59040fa6586bc8beb7dc4353ea59a6670cb609100d12
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
813404
x-cache
Miss from cloudfront, HIT
content-length
2897
x-served-by
cache-iad-kjyo7100090-IAD
last-modified
Tue, 16 Apr 2019 17:37:19 GMT
server
cat factory 1.0
x-timer
S1702660947.250468,VS0,VE1
etag
"f38762f9da0c01594ee3805dfab5dce8"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
dTJOLbA5pdZ-I9oz9kNRJdApSPLiaKQMoZeiTxqgmRK-ULJQroXohQ==
x-cache-hits
1
OGn61rg.png
i.imgur.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/OGn61rg.png
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4392b66d78b176d805a564911c8edd0689998491d6ab8377ffb39cddd042b083
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
44212
x-cache
Miss from cloudfront, HIT
content-length
4025
x-served-by
cache-iad-kjyo7100090-IAD
last-modified
Tue, 16 Apr 2019 17:37:19 GMT
server
cat factory 1.0
x-timer
S1702660947.314356,VS0,VE1
etag
"b2a41c7eb9abe02108b176bf268e6d4a"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
GaWC-DK7W1WtfXFGboR4kZ0HeKJTPZFt8ZGeexdJraxdHXVA_H6VXw==
x-cache-hits
1
bG1rN6i.png
i.imgur.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/bG1rN6i.png
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9d698116307e36bcfc8bf63bb76c0ce742f65c605b7482453218d48735485663
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD55-P2
age
1243422
x-cache
Miss from cloudfront, HIT
content-length
2857
x-served-by
cache-iad-kjyo7100090-IAD
last-modified
Tue, 16 Apr 2019 17:37:19 GMT
server
cat factory 1.0
x-timer
S1702660947.379393,VS0,VE2
etag
"894d9652993d68a10e6218e478e4d7ac"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6PT4lDXGm8GNU9yRmkCKIGyl1Xg-LWlJ5US5ksyLRXgOeGYHN7YLig==
x-cache-hits
1
loadingAnimation.gif
www.travel2haven.com/Images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travel2haven.com/Images/loadingAnimation.gif
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:26 GMT
last-modified
Thu, 23 Nov 2023 10:58:44 GMT
server
Microsoft-IIS/10.0
etag
"04a916fc1dda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
5886
img_handler.ashx
agentprofiler.travelleaders.com/Common/Handlers/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://agentprofiler.travelleaders.com/Common/Handlers/img_handler.ashx?type=agt&id=307204
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
de42d8cbc7c07a7bc2f982160df5a12165645e5d5cb73eb99ba6dd280894ac37
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private
cf-ray
83605e6a2c52747a-MIA
content-length
18271
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
2f324319b6074d8b985d707dc1fdb3a3.png
wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/
Redirect Chain
  • https://www.travel2haven.com/common/showimage.ashx/604726/tpom-2.png
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/2f324319b6074d8b985d707dc1fdb3a3.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
501 KB
502 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/2f324319b6074d8b985d707dc1fdb3a3.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22tpom-2.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231215/us-west-2/s3/aws4_request&X-Amz-Date=20231215T133842Z&X-Amz-SignedHeaders=host&X-Amz-Signature=88ae397864648cb8bb4320ddf5ea72efd4f05e0644a2a45b158eb526f40e3c12
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
HTTP/1.1
Server
52.92.210.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
62111d547566facf1f3b8022f6c468b4554d7d3e5e6d68ca514112709219cdef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 17:22:28 GMT
x-amz-version-id
jclw0DIyZPjGj3RRktDD9czNS5Zt_6XG
x-amz-request-id
PBR2N1PE1A39KJJV
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Content-Disposition
inline; filename="tpom-2.png"
x-amz-meta-fileid
604726
x-amz-meta-siteid
9040
Content-Length
513326
x-amz-id-2
kgQqva2otaIJUwBbSS9E2fr6qp4GbH3i2vBDaYYPqXCtWi249Q7rghJHhRn/pQAy/31vFQmJPWQ=
Last-Modified
Mon, 13 Nov 2023 14:02:54 GMT
Server
AmazonS3
ETag
"56d34158050fd923d16f6221b1f95123"
Content-Type
image/png
Cache-Control
max-age=86400
Accept-Ranges
bytes

Redirect headers

date
Fri, 15 Dec 2023 17:22:26 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/2f324319b6074d8b985d707dc1fdb3a3.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22tpom-2.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231215/us-west-2/s3/aws4_request&X-Amz-Date=20231215T133842Z&X-Amz-SignedHeaders=host&X-Amz-Signature=88ae397864648cb8bb4320ddf5ea72efd4f05e0644a2a45b158eb526f40e3c12
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
609
Globus.png
www.travelleaders.com/images/supplierLogos/Tour/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/images/supplierLogos/Tour/Globus.png?ver=11.10
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
db108a435cc382203c1258d77693c7ab892ce10e22c5e156075d2128d2ee8403
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
1373
x-powered-by
ASP.NET
content-length
5647
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Nov 2021 15:53:12 GMT
server
cloudflare
etag
"1d7d64b1097f20f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83605e6a8d1c747a-MIA
expires
Fri, 15 Dec 2023 21:22:27 GMT
Funjet.png
www.travelleaders.com/images/supplierLogos/Tour/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/images/supplierLogos/Tour/Funjet.png
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
904f63842105f4bc8cf46cc7a080b96f54eb7aa9de1d9ddfcbabe7a6a9419ce6
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
1373
x-powered-by
ASP.NET
content-length
4384
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Feb 2019 12:58:42 GMT
server
cloudflare
etag
"1d4c20983a97c20"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83605e6a8d18747a-MIA
expires
Fri, 15 Dec 2023 21:22:27 GMT
NCL_logo_176x84_C.png
www.travelleaders.com/images/supplierLogos/Cruise/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/images/supplierLogos/Cruise/NCL_logo_176x84_C.png
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8250d7e9fc2cfadd8e9a3022bb66c06a16a2cede04b5ac9f4c83872f7f903cde
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
ASP.NET
content-length
6058
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Sep 2011 14:31:35 GMT
server
cloudflare
etag
"1cc72eb01346a2a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83605e6a8d10747a-MIA
expires
Fri, 15 Dec 2023 21:22:27 GMT
HAL_logo_176x84_C.png
www.travelleaders.com/images/supplierLogos/Cruise/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/images/supplierLogos/Cruise/HAL_logo_176x84_C.png
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ac7e983629cc7e54599642979b3e68791326a7ae5e3f49e659def46ffd7870f9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
91
x-powered-by
ASP.NET
content-length
19978
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2017 16:16:39 GMT
server
cloudflare
etag
"1d282efe486838a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83605e6a8d13747a-MIA
expires
Fri, 15 Dec 2023 21:22:27 GMT
Princess_logo_176x84_C.png
www.travelleaders.com/images/supplierLogos/Cruise/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/images/supplierLogos/Cruise/Princess_logo_176x84_C.png?ver=5.05
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0702a0cb8bcb18643cddddab91747225c50bb00e71f0529f61a2bd558a003cdb
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:27 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
ASP.NET
content-length
5777
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 May 2023 17:40:40 GMT
server
cloudflare
etag
"1d97f78b5614a91"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83605e6a8d16747a-MIA
expires
Fri, 15 Dec 2023 21:22:27 GMT
49bc823434fc4f48ad2c1dc52eae12e5.png
wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/
Redirect Chain
  • https://www.travel2haven.com/common/showimage.ashx/567904/306x120.png
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/49bc823434fc4f48ad2c1dc52eae12e5.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/49bc823434fc4f48ad2c1dc52eae12e5.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Nexion-Independent%20Affiliate.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231215/us-west-2/s3/aws4_request&X-Amz-Date=20231215T135033Z&X-Amz-SignedHeaders=host&X-Amz-Signature=7f0bdd884792020ff983c5076d693ed2d6173ad6609332a1c54a7e15e68d5b59
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
HTTP/1.1
Server
52.92.210.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
dfbf5b584d442b984225b38ac999fa488f6157b2bf6dd015afc7d3d3d1f98c29

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 17:22:28 GMT
x-amz-version-id
czoBIptvqnaP1Gf0cOf8h4njTdaLjNXZ
Last-Modified
Tue, 05 May 2020 18:20:15 GMT
Server
AmazonS3
x-amz-request-id
PBR5F5JZYKYJ8FPB
ETag
"24a55d4643937809db6888936cce1dee"
Content-Type
image/png
Cache-Control
max-age=86400
x-amz-replication-status
COMPLETED
Content-Disposition
inline; filename="Nexion-Independent Affiliate.png"
x-amz-meta-fileid
567904
Accept-Ranges
bytes
x-amz-meta-siteid
9040
Content-Length
124884
x-amz-id-2
eOxX6qMuIsrOktMMVELwBMaanyKS366xwNxzun5GD9SwKIT4/mAloGqXFbBT5L6bfsmOtqjTm8Y=

Redirect headers

date
Fri, 15 Dec 2023 17:22:26 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/49bc823434fc4f48ad2c1dc52eae12e5.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Nexion-Independent%20Affiliate.png%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231215/us-west-2/s3/aws4_request&X-Amz-Date=20231215T135033Z&X-Amz-SignedHeaders=host&X-Amz-Signature=7f0bdd884792020ff983c5076d693ed2d6173ad6609332a1c54a7e15e68d5b59
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
633
editbutton.css
www.travel2haven.com/App_Themes/Intranet/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/App_Themes/Intranet/editbutton.css
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/App_Themes/Intranet/Toolbar.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4823bf9e997f3e4691ce2d7eac0b7c667a5f35a0872c7b7c53402715843394c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/App_Themes/Intranet/Toolbar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:26 GMT
last-modified
Thu, 23 Nov 2023 10:58:42 GMT
server
Microsoft-IIS/10.0
etag
"01d605fc1dda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
1504
css
fonts.googleapis.com/ 		4 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i
Requested by
Host: skins.webtreepro.com
URL: https://skins.webtreepro.com/skins/tlgleadersedge/default.css?t=638186904604970000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b9f1135ba160e5dc694ad7977f6bf73d40d3c15742b14ca8910ea23bb3e6e79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skins.webtreepro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Dec 2023 17:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 16:11:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Dec 2023 17:22:27 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.travel2haven.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
common.js
maps.google.com/maps-api-v3/api/js/55/4/ 		256 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/55/4/common.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 02:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
52221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57512
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 02:52:06 GMT
util.js
maps.google.com/maps-api-v3/api/js/55/4/ 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/55/4/util.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e759dc710ec6d9f9438d5a77f834b247254512fb90cf520764ab591db32cf5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 07:04:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
37062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55175
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 07:04:45 GMT
geocoder.js
maps.google.com/maps-api-v3/api/js/55/4/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/55/4/geocoder.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
947ad21d2c112e6019868a89f666d37aaee3a8e937a8c5ee12a0ce8d0d9c7210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:19:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
39781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1819
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 06:19:26 GMT
Ig4Iq3rUsMg
www.youtube.com/embed/ Frame 2DCB 		93 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0cccace15b68ecf20dd2605e1ccd4122a26ae233c69a1a8ecbcf2a95669ca525
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.travel2haven.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 17:22:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
5832abef6ca44e90a003b16e1ba1ba96.jpg
wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/
Redirect Chain
  • https://www.travel2haven.com/Common/showimage.ashx/552788
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/5832abef6ca44e90a003b16e1ba1ba96.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20...
1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/5832abef6ca44e90a003b16e1ba1ba96.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Header-Africa3.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231214/us-west-2/s3/aws4_request&X-Amz-Date=20231214T174539Z&X-Amz-SignedHeaders=host&X-Amz-Signature=0fb78dcb11e3d1b479abe9024cf502838334a8aed8cbc22f3411f59121c7e079
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
HTTP/1.1
Server
52.92.210.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
40757bd22493baa7bea89422d561bfb6c352cb4b6a776c2802bd664b9247ca33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 17:22:29 GMT
x-amz-version-id
kMnJWPatREx0xteF4tEVlufjybdmFsM8
Last-Modified
Fri, 14 Jun 2019 20:41:25 GMT
Server
AmazonS3
x-amz-request-id
25ANN140JW2948AC
ETag
"54649addade20ecc86861f6018b78cbd"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Content-Disposition
inline; filename="Header-Africa3.jpg"
x-amz-meta-fileid
552788
Accept-Ranges
bytes
x-amz-meta-siteid
9040
Content-Length
1428148
x-amz-id-2
nFHXTGDD4kbo83I/Jnl1grKxg5qg+7w+yJLhFFvakPJ7IC5cwrRgjguRitzY/TgkoX+pbjnBeek=

Redirect headers

date
Fri, 15 Dec 2023 17:22:27 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/9040/files/5832abef6ca44e90a003b16e1ba1ba96.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22Header-Africa3.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231214/us-west-2/s3/aws4_request&X-Amz-Date=20231214T174539Z&X-Amz-SignedHeaders=host&X-Amz-Signature=0fb78dcb11e3d1b479abe9024cf502838334a8aed8cbc22f3411f59121c7e079
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
617
truncated
/ 		555 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d1b9577b81c87a4694d8ce5032b291d598e81598f8d221a1385e4fdf559bb44

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.travel2haven.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 01:57:35 GMT
x-content-type-options
nosniff
age
55493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 01:57:35 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.travel2haven.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:37:59 GMT
x-content-type-options
nosniff
age
38669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 06:37:59 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.travel2haven.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 01:28:37 GMT
x-content-type-options
nosniff
age
57231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 01:28:37 GMT
fontawesome-webfont.woff2
skins.webtreepro.com/skins/common/fontawesome4/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://skins.webtreepro.com/skins/common/fontawesome4/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: skins.webtreepro.com
URL: https://skins.webtreepro.com/skins/common/fontawesome4/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:c000:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://skins.webtreepro.com/skins/common/fontawesome4/css/font-awesome.min.css
Origin
https://www.travel2haven.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 19:21:43 GMT
x-amz-version-id
rfdpZTIcTbkKH2CE3H3dy4GMKODJ38TI
via
1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
79245
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
71896
last-modified
Thu, 23 Nov 2023 12:13:01 GMT
server
AmazonS3
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
g18BzWDdQzxMVstVr17RxNw9JqQptZCWzlbwtPZhIMv5_-RKoLqPAg==
cdc80ece152b46d09ca22d7290411d59.jpg
wtp-prd.s3.us-west-2.amazonaws.com/sites/11018/files/
Redirect Chain
  • https://www.travel2haven.com/Common/Showimage.ashx/604858
  • https://wtp-prd.s3.us-west-2.amazonaws.com/sites/11018/files/cdc80ece152b46d09ca22d7290411d59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%2...
185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/11018/files/cdc80ece152b46d09ca22d7290411d59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22travel-logo-design.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231214/us-west-2/s3/aws4_request&X-Amz-Date=20231214T192141Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9365e600c4b5666dc1d659d4dc29ff656b4c02f564678f36fa0114ea12166eb1
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
HTTP/1.1
Server
52.92.210.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff0950c68e981f92bc4c53e50b5120750f1ec2cae7b4c16b4880e6f2c4c67df2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 17:22:29 GMT
x-amz-version-id
yVtCSp4xUnWkiCRbGiDh4N97azH27rbg
x-amz-request-id
25ATEPRXZBCW0ZYB
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Content-Disposition
inline; filename="travel-logo-design.jpg"
x-amz-meta-fileid
604858
x-amz-meta-siteid
11018
Content-Length
189019
x-amz-id-2
cmz62j9Zna0bb5KqK7Oc41NxvX9SJ2TXQks9QgXPEW6NqGvGAo8zfm4yA4gn6zHc8Wfg+uJuAE8=
Last-Modified
Sat, 18 Nov 2023 00:24:11 GMT
Server
AmazonS3
ETag
"2ecf7364cd78b7222311518159a72179"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Accept-Ranges
bytes

Redirect headers

date
Fri, 15 Dec 2023 17:22:27 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
location
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/11018/files/cdc80ece152b46d09ca22d7290411d59.jpg?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&response-content-disposition=inline%3B%20filename%3D%22travel-logo-design.jpg%22&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLCKPNIRCY/20231214/us-west-2/s3/aws4_request&X-Amz-Date=20231214T192141Z&X-Amz-SignedHeaders=host&X-Amz-Signature=9365e600c4b5666dc1d659d4dc29ff656b4c02f564678f36fa0114ea12166eb1
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Content-Type
content-length
622
Tracking.ashx
www.travel2haven.com/Tracking/ 		43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travel2haven.com/Tracking/Tracking.ashx?siteId=11018&pageId=142664&pageTitle=Home%20TRAVEL%202%20HAVEN&url=https%3A%2F%2Fwww.travel2haven.com%2F&referrer=&track=1702660947900
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 17:22:27 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Content-Type
content-length
43
expires
-1
www-player.css
www.youtube.com/s/player/d23221b6/ Frame 2DCB 		366 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d23221b6/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 18:14:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
169686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48218
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Dec 2024 18:14:22 GMT
embed.js
www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/ Frame 2DCB 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
423e4d25aa44ebb87acf362a69dc084449650df8fd4f7d325d2f4a136075726c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:04:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
62262
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16627
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 14 Dec 2024 00:04:46 GMT
www-embed-player.js
www.youtube.com/s/player/d23221b6/www-embed-player.vflset/ Frame 2DCB 		322 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
43676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98540
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 14 Dec 2024 05:14:32 GMT
base.js
www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/ Frame 2DCB 		2 MB
768 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f19936a920a8171fd23d2e11b15228bf208b542066e72f8689afd2e2f2ce934
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 02:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
786314
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 14 Dec 2024 02:35:12 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2DCB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:08:34 GMT
x-content-type-options
nosniff
age
26034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 10:08:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2DCB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 01:09:07 GMT
x-content-type-options
nosniff
age
58401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 01:09:07 GMT
SaveDevice
www.travel2haven.com/Common/AjaxPublishedModeHelpers.asmx/ 		201 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.travel2haven.com/Common/AjaxPublishedModeHelpers.asmx/SaveDevice
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/dynamicScriptBundle/638363111863879268/cQUAAB-LCAAAAAAABACtVNtu2zAM_ZrsrQGW7QeCLNsypECBtnktZIt2GEuiJlGJ8_ejY2FVLi2wy5Opcw4p3uTJrPkRJ7Nm9zNBOE538cPkHDlAxQHAByrJmqhDiBl6Cqru0LWFWYrjoaFqBzWXYEPBRofewxncIcXOkoYSVDvVfwfjIcQFWUvuOs-Ev827hCV_YP_iySdfgo74OHCvxQ3IDUXuwon1UppqQWfZbpBVRBw5KD-16G4Te2VQK6ZwSVfU/X3rl6ypDdfe8ysyaWnT3EKNcPojm0o4z7DlC2GDECg3yMXfqDed3HLPH3PuXexUZwkP2eQLrjeLRXn9bg9JywVK3IIBPlcG4LWZWFpgYTdlW9Ep_AX5dhrJsC8pZcKmkhrN8trSHsHIMjm-wMQ0Vpyq-xTWSYeYWKTJZkY_F5PUSa-xbGUFWZ8pHD5uLCV6HGJG51isnp82ni8IYem7QmGLcp25U_aNEhlBMvo8npFRtldMGKiUzDckxWrjbf55-nM7-/JJ1yhvMWXH189FCjVMZ4AjXEjsn_bczxYQ7dvAq-UEFm_k_Rv4LiFEA_BLLESO4_ZLzsa5Mi7mHZy9xRsr7RB1m5oBzwoNcoK5D3ZTycP7Xiz1hLhrKql2cR_gJglExBcQUAAA2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.132.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-132-181.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3380129eceeb93fca297ec9712ab4cc282625f12201fee7b2866ab353217fbf

Request headers

Accept
*/*
Referer
https://www.travel2haven.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 15 Dec 2023 17:22:27 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-headers
Content-Type
content-length
201
679_SmallHeader.jpg
www.travelleaders.com/PromoImage/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/PromoImage/679_SmallHeader.jpg
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e7fe43eaec95020ea5557ff0a349cfb6bb799572c9325492982243da8c65b04d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
1372
x-powered-by
ASP.NET
content-length
82808
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Tue, 06 Jun 2017 14:15:10 GMT
server
cloudflare
etag
"fa9b804ecfded21:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83605e700861747a-MIA
expires
Fri, 15 Dec 2023 21:22:28 GMT
680_SmallHeader.jpg
www.travelleaders.com/PromoImage/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/PromoImage/680_SmallHeader.jpg
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e19dddb0cf13166029cfb2bfeb9be94396dfe00b9a4888b61301ad0715bec25d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
1372
x-powered-by
ASP.NET
content-length
107427
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Fri, 05 Jul 2019 17:14:34 GMT
server
cloudflare
etag
"f21dc31d5533d51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83605e700865747a-MIA
expires
Fri, 15 Dec 2023 21:22:28 GMT
775_SmallHeader.jpg
www.travelleaders.com/PromoImage/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/PromoImage/775_SmallHeader.jpg
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
925b37e3b6fb662999f0620712ae14f315c271342f398797b926c47bcd295795
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
1372
x-powered-by
ASP.NET
content-length
29914
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Mon, 11 Apr 2016 18:00:37 GMT
server
cloudflare
etag
"1445aed1c94d11:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83605e70086b747a-MIA
expires
Fri, 15 Dec 2023 21:22:28 GMT
662_SmallHeader.jpg
www.travelleaders.com/PromoImage/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/PromoImage/662_SmallHeader.jpg
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
626fcb051d2ee2312e3bc95031bcc3b5ea59358acc5c43aab2fef0315c4f1588
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
1372
x-powered-by
ASP.NET
content-length
149642
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Fri, 28 Jul 2017 20:16:46 GMT
server
cloudflare
etag
"bdc8e36fde7d31:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83605e70086f747a-MIA
expires
Fri, 15 Dec 2023 21:22:28 GMT
15267_SmallHeader.jpg
www.travelleaders.com/PromoImage/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelleaders.com/PromoImage/15267_SmallHeader.jpg
Requested by
Host: www.travel2haven.com
URL: https://www.travel2haven.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c2441b4e9133f13f2967cc50cdb5f304dffbc893074251f25980b459cc65d99a
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Public-Key-Pins pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:28 GMT
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
cf-cache-status
HIT
age
1372
x-powered-by
ASP.NET
content-length
29378
x-xss-protection
1; mode=block
public-key-pins
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Tue, 10 Oct 2023 12:38:19 GMT
server
cloudflare
etag
"ebc624a676fbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83605e700871747a-MIA
expires
Fri, 15 Dec 2023 21:22:28 GMT
bx_loader.gif
skins.webtreepro.com/skins/tlgleadersedge/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skins.webtreepro.com/skins/tlgleadersedge/images/bx_loader.gif
Requested by
Host: skins.webtreepro.com
URL: https://skins.webtreepro.com/skins/tlgleadersedge/default.css?t=638186904604970000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:c000:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skins.webtreepro.com/skins/tlgleadersedge/default.css?t=638186904604970000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
qH4raoxuFn.NXuy9MmbMwztenlC8TAim
date
Fri, 15 Dec 2023 08:24:26 GMT
via
1.1 2363b636adbc739d5f9806cb41e6d226.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 12:13:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
37935
x-amz-server-side-encryption
AES256
etag
"931bdb6b50816b03206c66921760b246"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
8581
x-amz-cf-id
WXmPDWrk-Lebun1dmE4IjPWK7gS6EFD5Lmn7RppPgZgHto12ci0oag==
id
googleads.g.doubleclick.net/pagead/ Frame 2DCB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Protocol
H2
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bdf9b1cf9aa00f817027dcf989f0ca5b0021c614d81570ae53b56f0ceca5f58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 15 Dec 2023 17:22:29 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2DCB 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:21:57 GMT
x-content-type-options
nosniff
age
32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 17:36:57 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 15 Dec 2023 17:22:28 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2DCB 		86 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bd578b43e569730cfd769c27990b6c78c418d73cbdbf22d4de9a0f723be7886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 15 Dec 2023 17:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40675
x-xss-protection
0
remote.js
www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/ Frame 2DCB 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d065099ccf0a0a61ade77c45457a9064ce7566f1bd58306608e3caad1ba15c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 15:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
7580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33540
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 02:47:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 14 Dec 2024 15:16:09 GMT
Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js
www.google.com/js/th/ Frame 2DCB 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:18:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
61433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19777
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 00:18:36 GMT
maxresdefault.jpg
i.ytimg.com/vi/Ig4Iq3rUsMg/ Frame 2DCB 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/Ig4Iq3rUsMg/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGHIgRCgtMA8=&rs=AOn4CLDMaZWKbGMVcT0Bseel71oqcbit1w
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2016 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eef24f9d3963d079a618d936228fe399bfc53e21fc84515d824c510e7812886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 16:36:55 GMT
x-content-type-options
nosniff
age
2734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94309
x-xss-protection
0
server
sffe
etag
"1613750382"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 15 Dec 2023 18:36:55 GMT
truncated
/ Frame 2DCB 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
AIf8zZS5IzQDPV504TT0cKoyKIjdi0q-qD0d9p5RprMhbg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2DCB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AIf8zZS5IzQDPV504TT0cKoyKIjdi0q-qD0d9p5RprMhbg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
977a6f0aaf7956fc999a7726714637863760ec87d4413e91e386ca10930312db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 15:12:42 GMT
x-content-type-options
nosniff
age
7787
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2699
x-xss-protection
0
server
fife
etag
"va0"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 16 Dec 2023 15:12:42 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 2DCB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 17:22:29 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 15 Dec 2023 17:22:29 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2DCB 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9d3848274248c0db2a953f269abac0ce7d2ee558803507b00bb3f8e879f481f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 15 Dec 2023 17:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
generate_204
www.youtube.com/ Frame 2DCB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?xcOwwg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:22:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 2DCB 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 16 Dec 2023 14:16:33 GMT
map.js
maps.google.com/maps-api-v3/api/js/55/4/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/55/4/map.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cf6d91acfbd231daa3ccf96e67596a75ea04458209786b2814f13a7f14fbf6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 15:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
7364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23771
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 15:19:45 GMT
marker.js
maps.google.com/maps-api-v3/api/js/55/4/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/55/4/marker.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0ba34bf0fbc8ccaa9a597672fb01eca50badae22dbe66abb07e29b18beeea13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.travel2haven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 16:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
2187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21956
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 16:46:02 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 2DCB 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time
1702660951009
Content-Type
application/json
X-YouTube-Utc-Offset
-600
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/Ig4Iq3rUsMg?rel=0
X-YouTube-Client-Version
1.20231212.01.00
X-YouTube-Time-Zone
Pacific/Honolulu
X-Goog-Visitor-Id
Cgs1SjN1VkFKYXVtSSjUlvKrBjIKCgJVUxIEGgAgIA%3D%3D
X-YouTube-Ad-Signals
dt=1702660948665&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C892%2C533&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 15 Dec 2023 17:22:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture string| tb_pathToImage string| tb_pathToImageBlock object| image string| _waitMessage string| m_virtualDirectory string| m_environment function| createCookie function| readCookie function| eraseCookie function| doTracking function| doClick function| _uriEncode function| _uriDecode object| deconcept function| getQueryParamValue function| FlashObject function| SWFObject function| setHookOnSubmit function| autoCalcHeight function| _bindKioskMode function| _isSizeClass function| _parseRawParams function| _parseSize function| ajaxHelperCall function| WTP_Popup object| wtpPopup function| wtp_popup function| wtp_popupCenter function| wtp_closePopup function| wtpMessage function| wtpMessageModal function| wtpMessageWarning function| wtpMessageSuccess function| wtpMessageError function| wtpMessageAlert object| ajaxLoginMessagesUserVisibilityHelpers undefined| loginMessages undefined| currentPosition undefined| currentMessage string| txtMessageContent function| saveLoginMessagesUserVisibility function| showLoginMessages function| showMessage function| getDecodedMessaggeContent function| showRow function| onClosePopup function| clearFields function| onSaveMessageSuccessfully function| onSaveMessageError function| openBootboxIframe function| openBootbox object| ipadDetection object| ajaxTLGHelpers function| isValidEmailAddress object| ajaxEditorHelpers function| $ function| jQuery number| isNode object| cache number| id function| DP_jQuery_1702660947522 object| jQuery112409997977372759459 function| noty object| bootbox object| Handlebars object| cookieconsent object| theForm function| __doPostBack object| pageData object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView function| setMap function| codeAddress object| geocoder function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $removeHandler function| $get function| $find function| $addHandler function| $addHandlers function| $clearHandlers function| Type object| Sys object| _events function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| GridView function| GridView_createPropertyString function| GridView_setStateValue function| GridView_OnCallback function| GridView_getHiddenFieldContents function| createPropertyStringFromValues_GridView function| DetailsView function| DetailsView_createPropertyString function| DetailsView_setStateValue function| DetailsView_OnCallback function| DetailsView_getHiddenFieldContents function| createPropertyStringFromValues_DetailsView function| TreeView_HoverNode function| TreeView_GetNodeText function| TreeView_PopulateNode function| TreeView_ProcessNodeData function| TreeView_SelectNode function| TreeView_ToggleNode function| TreeView_UnhoverNode object| __pendingCallbacks number| __synchronousCallBackIndex boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes object| __disabledControlArray string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes object| _toolbarSetup object| iMeanScreenWidth number| oldMeanScreenWidth function| getScreenWidth object| Page_Validators object| Page_ValidationSummaries boolean| Page_ValidationActive object| $ULs function| onorientationchange

7 Cookies

Domain/Path Name / Value
8l6b.vacation.escapevacations.com/ Name: ASP.NET_SessionId
Value: 1aeglntes0ybwn1he0kq3spl
www.travel2haven.com/ Name: ASP.NET_SessionId
Value: vshvrsnt5t4gpykjca5lkta0
.youtube.com/ Name: YSC
Value: yiisXtHVTJA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 5J3uVAJaumI
www.travel2haven.com/ Name: WTP_Tracking_11018
Value: 46fe36df-62d2-41e0-b4cb-fd88113ef2b6
www.travel2haven.com/ Name: screen_width
Value: 1600
www.travel2haven.com/ Name: device_type
Value: Unknown

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8l6b.vacation.escapevacations.com
agentprofiler.travelleaders.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
i.ytimg.com
jnn-pa.googleapis.com
maps.google.com
maps.googleapis.com
skins.webtreepro.com
static.doubleclick.net
wtp-prd.s3.us-west-2.amazonaws.com
www.google.com
www.gstatic.com
www.travel2haven.com
www.travelleaders.com
www.youtube.com
yt3.ggpht.com
146.75.32.193
2600:9000:210b:c000:16:4349:fe00:93a1
2606:4700::6812:b92
2607:f8b0:4006:808::2016
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80f::2003
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2006
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81e::200e
2607:f8b0:4006:821::2001
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:824::200a
52.25.132.181
52.88.130.181
52.92.210.42
0130a8dceb8fc8165defe555fb6311120ce66f1ee2a51abe20990eb2bffc6f66
0702a0cb8bcb18643cddddab91747225c50bb00e71f0529f61a2bd558a003cdb
0b5ccf8ec360d4ce45730aac1718af91e431ee6379282eebc3f44476363a52c7
0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d
0ca722bc1c654b88f46c7ffce0d76198c73b049d901481bcbf2a2326f07d0116
0cccace15b68ecf20dd2605e1ccd4122a26ae233c69a1a8ecbcf2a95669ca525
0cf6d91acfbd231daa3ccf96e67596a75ea04458209786b2814f13a7f14fbf6c
0de19020d8e42a75fedde6e42e68785ef2af78c0c53f01c45e15fd3ed0215563
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1eef24f9d3963d079a618d936228fe399bfc53e21fc84515d824c510e7812886
20383d22a70c230ed85c59040fa6586bc8beb7dc4353ea59a6670cb609100d12
228e7abc6f0b491c177be9ee528856caf19ea3135c014713cc67ad64f2ae50b6
27c88a44dd992612a5b57ac22fd869898b2e8b513f75155f4f91e79050f2a255
2d1b9577b81c87a4694d8ce5032b291d598e81598f8d221a1385e4fdf559bb44
2f828220b9dd6c92f5c9c096bfa3bb3fbc579380e2b0ec1e4733d850e116a7f1
38e16f15e0f3294a97b254a8332d9f7823dece3e40744a293b4334b9dd7845d2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40757bd22493baa7bea89422d561bfb6c352cb4b6a776c2802bd664b9247ca33
423e4d25aa44ebb87acf362a69dc084449650df8fd4f7d325d2f4a136075726c
4392b66d78b176d805a564911c8edd0689998491d6ab8377ffb39cddd042b083
4823bf9e997f3e4691ce2d7eac0b7c667a5f35a0872c7b7c53402715843394c6
4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d568d9b55dd75f83b3bd73267d08b84815b207864b5dc00eb38c18eb98b192e
62111d547566facf1f3b8022f6c468b4554d7d3e5e6d68ca514112709219cdef
626fcb051d2ee2312e3bc95031bcc3b5ea59358acc5c43aab2fef0315c4f1588
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b9f1135ba160e5dc694ad7977f6bf73d40d3c15742b14ca8910ea23bb3e6e79
6bdf9b1cf9aa00f817027dcf989f0ca5b0021c614d81570ae53b56f0ceca5f58
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f19936a920a8171fd23d2e11b15228bf208b542066e72f8689afd2e2f2ce934
8250d7e9fc2cfadd8e9a3022bb66c06a16a2cede04b5ac9f4c83872f7f903cde
904f63842105f4bc8cf46cc7a080b96f54eb7aa9de1d9ddfcbabe7a6a9419ce6
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
925b37e3b6fb662999f0620712ae14f315c271342f398797b926c47bcd295795
947ad21d2c112e6019868a89f666d37aaee3a8e937a8c5ee12a0ce8d0d9c7210
969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b
977a6f0aaf7956fc999a7726714637863760ec87d4413e91e386ca10930312db
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9d698116307e36bcfc8bf63bb76c0ce742f65c605b7482453218d48735485663
a78e9e80a951a4a1c522745ee893c891a91d429dc6b66c5901b79d5ee4715e5c
ac7e983629cc7e54599642979b3e68791326a7ae5e3f49e659def46ffd7870f9
bd578b43e569730cfd769c27990b6c78c418d73cbdbf22d4de9a0f723be7886a
c2441b4e9133f13f2967cc50cdb5f304dffbc893074251f25980b459cc65d99a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c74de294d62dc2dd72dfe867e68e831c8651d4d9b266bb023ee8eee1f1a831f1
c9d3848274248c0db2a953f269abac0ce7d2ee558803507b00bb3f8e879f481f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d065099ccf0a0a61ade77c45457a9064ce7566f1bd58306608e3caad1ba15c9e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db108a435cc382203c1258d77693c7ab892ce10e22c5e156075d2128d2ee8403
de42d8cbc7c07a7bc2f982160df5a12165645e5d5cb73eb99ba6dd280894ac37
df178a76e5527927a54a4ee4b0d9f28c40a1925cc7e5aa5db16a8ba9fdf0b3ce
dfbf5b584d442b984225b38ac999fa488f6157b2bf6dd015afc7d3d3d1f98c29
e19dddb0cf13166029cfb2bfeb9be94396dfe00b9a4888b61301ad0715bec25d
e3380129eceeb93fca297ec9712ab4cc282625f12201fee7b2866ab353217fbf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
e759dc710ec6d9f9438d5a77f834b247254512fb90cf520764ab591db32cf5cb
e7fe43eaec95020ea5557ff0a349cfb6bb799572c9325492982243da8c65b04d
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0ba34bf0fbc8ccaa9a597672fb01eca50badae22dbe66abb07e29b18beeea13
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
ff0950c68e981f92bc4c53e50b5120750f1ec2cae7b4c16b4880e6f2c4c67df2