click.deals.shermanstravel.com Open in urlscan Pro
52.55.116.184 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Submission: On October 20 via api (October 20th 2022, 7:07:25 pm UTC) from CA — Scanned from CA

Summary HTTP 67 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 1 countries across 28 domains to perform 67 HTTP transactions. The main IP is 52.55.116.184, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is click.deals.shermanstravel.com.
TLS certificate: Issued by Amazon on May 17th 2022. Valid for: a year.

This is the only time click.deals.shermanstravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	52.55.116.184 52.55.116.184	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
1	54.159.19.58 54.159.19.58	14618 (AMAZON-AES) (AMAZON-AES)
4	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800b... 2620:116:800b:21:a021:b886:81cc:55cf	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9b	15169 (GOOGLE) (GOOGLE)
1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:77::84 2a04:4e42:77::84	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	2606:4700:20:... 2606:4700:20::681a:316	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.92.161.48 52.92.161.48	16509 (AMAZON-02) (AMAZON-02)
4	99.84.108.72 99.84.108.72	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:50a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:208... 2600:9000:208f:b000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	104.77.220.247 104.77.220.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6 6	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
5 5	3.212.202.167 3.212.202.167	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.217.56.119 23.217.56.119	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	44.238.244.110 44.238.244.110	16509 (AMAZON-02) (AMAZON-02)
1	52.85.130.144 52.85.130.144	16509 (AMAZON-02) (AMAZON-02)
2 2	52.6.87.15 52.6.87.15	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.73.242.246 52.73.242.246	14618 (AMAZON-AES) (AMAZON-AES)
1	52.203.237.12 52.203.237.12	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:23c... 2600:9000:23cb:de00:11:b97d:c600:21	16509 (AMAZON-02) (AMAZON-02)
1	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
1	142.250.176.198 142.250.176.198	15169 (GOOGLE) (GOOGLE)
67	30

7 52.55.116.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-116-184.compute-1.amazonaws.com

click.deals.shermanstravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.19.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-19-58.compute-1.amazonaws.com

landscape.shermanstravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:a021:b886:81cc:55cf (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:77::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.161.48 (Boardman, United States)

ASN16509 (AMAZON-02, US)

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.108.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-72.iad79.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:50a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:208f:b000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.77.220.247 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-220-247.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.197.193.217 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.212.202.167 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-202-167.compute-1.amazonaws.com

cs.choozle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.217.56.119 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-56-119.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.244.110 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-244-110.us-west-2.compute.amazonaws.com

0fknmj8f9h.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.130.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-130-144.iad50.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.87.15 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-87-15.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.242.246 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-242-246.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.237.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-237-12.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:de00:11:b97d:c600:21 (United States)

ASN16509 (AMAZON-02, US)

d2r8ootic371nc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	lytics.io c.lytics.io — Cisco Umbrella Rank: 5921	52 KB
8	shermanstravel.com click.deals.shermanstravel.com landscape.shermanstravel.com	32 KB
6	adsrvr.org 6 redirects match.adsrvr.org — Cisco Umbrella Rank: 356 insight.adsrvr.org — Cisco Umbrella Rank: 632	3 KB
5	choozle.com 5 redirects cs.choozle.com — Cisco Umbrella Rank: 7252	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	233 B
4	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 6296	162 KB
4	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2866	12 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 bid.g.doubleclick.net — Cisco Umbrella Rank: 444 ad.doubleclick.net — Cisco Umbrella Rank: 185	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 344	571 B
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 847	2 KB
3	gstatic.com fonts.gstatic.com	62 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 44	35 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1251 beacon.krxd.net — Cisco Umbrella Rank: 528	558 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	cloudfront.net d1eoo1tco6rr5e.cloudfront.net d2r8ootic371nc.cloudfront.net	21 KB
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 409	402 B
2	google.ca www.google.ca — Cisco Umbrella Rank: 9257	565 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	565 B
2	amazonaws.com s3-us-west-2.amazonaws.com 0fknmj8f9h.execute-api.us-west-2.amazonaws.com	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	111 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 798	21 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 948 pixel.quantserve.com — Cisco Umbrella Rank: 516	10 KB
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 539	509 B
1	azurewebsites.net lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 7110	794 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 876	429 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	70 KB
67	28

	Domain	Requested by
10	c.lytics.io	click.deals.shermanstravel.com c.lytics.io
7	click.deals.shermanstravel.com	click.deals.shermanstravel.com ajax.googleapis.com
5	cs.choozle.com	5 redirects
4	match.adsrvr.org	4 redirects
4	www.facebook.com	click.deals.shermanstravel.com
4	www.lightboxcdn.com	click.deals.shermanstravel.com www.lightboxcdn.com
4	nexus.ensighten.com	www.googletagmanager.com nexus.ensighten.com
4	www.google-analytics.com	click.deals.shermanstravel.com www.google-analytics.com
3	idsync.rlcdn.com	2 redirects click.deals.shermanstravel.com
3	ct.pinterest.com	s.pinimg.com click.deals.shermanstravel.com
3	fonts.gstatic.com	fonts.googleapis.com
2	dpm.demdex.net	2 redirects
2	insight.adsrvr.org	2 redirects
2	us-u.openx.net	2 redirects
2	www.google.ca	click.deals.shermanstravel.com
2	www.google.com	click.deals.shermanstravel.com
2	connect.facebook.net	click.deals.shermanstravel.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	fonts.googleapis.com	click.deals.shermanstravel.com
1	ad.doubleclick.net	click.deals.shermanstravel.com
1	bid.g.doubleclick.net	www.googleadservices.com
1	d2r8ootic371nc.cloudfront.net	c.lytics.io
1	beacon.krxd.net	d1eoo1tco6rr5e.cloudfront.net
1	usermatch.krxd.net	1 redirects
1	d1eoo1tco6rr5e.cloudfront.net	nexus.ensighten.com
1	0fknmj8f9h.execute-api.us-west-2.amazonaws.com	s3-us-west-2.amazonaws.com
1	tags.bluekai.com	1 redirects
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	pixel.quantserve.com	click.deals.shermanstravel.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	rules.quantcount.com	secure.quantserve.com
1	s3-us-west-2.amazonaws.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	click.deals.shermanstravel.com
1	secure.quantserve.com	click.deals.shermanstravel.com
1	landscape.shermanstravel.com	click.deals.shermanstravel.com
1	ajax.googleapis.com	click.deals.shermanstravel.com
67	38

This site contains no links.

Subject Issuer	Validity	Valid
*.shermanstravel.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-30` - `2022-10-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-16` - `2023-05-16`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
ssl1029400.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-01` - `2022-12-08`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2022-03-14` - `2023-03-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon	`2022-07-02` - `2023-07-31`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 5 frames:

Frame: https://ad.doubleclick.net/ddm/trackclk/N347203.147748SHERMANSTRAVEL/B27042567.324293325;dc_trk_aid=516746308;dc_trk_cid=163719133;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
Frame ID: 4EC6704791A5AB6421DD637F5E7C07E1
Requests: 61 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/lightbox.js?mb=1666292840495&lv=1
Frame ID: EB337579087AF1EEB7AE70EAA17A200D
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe
Frame ID: 336C7531F688EEC88164C3014FAA32B0
Requests: 2 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 764AE4093CE6718B58C592333C02F827
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 1C1045B9643ACB3CB4A0A803BCF173C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redirecting you to your deal...

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

96 %
HTTPS

47 %
IPv6

28
Domains

38
Subdomains

30
IPs

1
Countries

634 kB
Transfer

2025 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://match.adsrvr.org/track/cmf/generic/?ttd_pid=f4i7a6a&ttd_puid=b88d80fc-7835-4284-bbb5-48a3200fba36&ttd_puid=2033ac07a2eae34026d3189da90d18b6&ttd_tpi=1&gpdr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=f4i7a6a&ttd_puid=b88d80fc-7835-4284-bbb5-48a3200fba36&ttd_puid=2033ac07a2eae34026d3189da90d18b6&ttd_tpi=1&gpdr=0 HTTP 302
https://c.lytics.io/c/provider/thetradedesk?ttd_id=fa9af5c5-6609-4567-8b97-a56478c87def&ttd_puid=b88d80fc-7835-4284-bbb5-48a3200fba36,2033ac07a2eae34026d3189da90d18b6

Request Chain 53

https://cs.choozle.com/dp/chz/26781?d=click.deals.shermanstravel.com&cb=9663790431 HTTP 302
https://cs.choozle.com/sync HTTP 302
https://cs.choozle.com/sync?v=true&cid=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b HTTP 302
https://tags.bluekai.com/site/48443?id=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3Da57e0ea1-6ec8-4071-a322-e8b124ad9a3b HTTP 302
https://cs.choozle.com/sync?pid=$_BK_UUID&dpsync=bk&cid=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_puid=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b&ttd_pid=gdmv7qs&ttd_tpi=1 HTTP 302
https://cs.choozle.com/sync?pid=fa9af5c5-6609-4567-8b97-a56478c87def&dpsync=ttd&cid=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b HTTP 302
https://idsync.rlcdn.com/459489.gif?partner_uid=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=COGFHBIwCiwIARCp7AEaJGE1N2UwZWExLTZlYzgtNDA3MS1hMzIyLWU4YjEyNGFkOWEzYhAAGg0I6bjGmgYSBQjoBxAAQgBKAA HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8598928b-b875-4bec-a9bd-e6c6c23a1a8d

Request Chain 56

https://insight.adsrvr.org/tags/ilucn8a/z4a47p5/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe

Request Chain 57

https://insight.adsrvr.org/track/pxl/?adv=ilucn8a&ct=0:z4a47p5&fmt=3 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=fa9af5c5-6609-4567-8b97-a56478c87def&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=fa9af5c5-6609-4567-8b97-a56478c87def&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=fa9af5c5-6609-4567-8b97-a56478c87def HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=fa9af5c5-6609-4567-8b97-a56478c87def

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more Show response
click.deals.shermanstravel.com/1742090/326/ 15 KB
5 KB 125ms
26ms Document
text/html 52.55.116.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.116.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-116-184.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5246c1351922b3cb2b238400e4b80678680f40577d2995fc5f29b8368aa25750

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 20 Oct 2022 19:07:20 GMT
last-modified: Thu, 13 Aug 2020 18:26:13 GMT
server: nginx

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
34 KB 69ms
20ms Script
text/javascript 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 04:19:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 04:19:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
532 B 84ms
35ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 18:31:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Oct 2022 19:07:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 83ms
34ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:50:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Oct 2022 19:07:20 GMT

GET
H2 200 interstitial-18b4490c67debd584ae96942f161a42c.css
click.deals.shermanstravel.com/assets/ 1 KB
745 B 27ms
26ms Stylesheet
text/css 52.55.116.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://click.deals.shermanstravel.com/assets/interstitial-18b4490c67debd584ae96942f161a42c.css
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.116.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-116-184.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d4f4be14ec90c84952052c340e8a18f447de2f305eab176bf70dc04e4b32e818

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 19:07:20 GMT
date: Thu, 20 Oct 2022 19:07:20 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
server: nginx
content-type: text/css

GET
H2 200 interstitial_external-280e77248e226b071b4a84b58d622434.css
click.deals.shermanstravel.com/assets/ 1 KB
682 B 28ms
27ms Stylesheet
text/css 52.55.116.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://click.deals.shermanstravel.com/assets/interstitial_external-280e77248e226b071b4a84b58d622434.css
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.116.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-116-184.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ef60e5fe54f75b0825bc3a51830b26709a96843762ae26a45f4439a749df039f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 19:07:20 GMT
date: Thu, 20 Oct 2022 19:07:20 GMT
cache-control: max-age=31536000, public
content-encoding: gzip
server: nginx
content-type: text/css

GET
H2 200 st_landscape.js Show response
landscape.shermanstravel.com/ 1 KB
947 B 100ms
24ms Script
application/javascript 54.159.19.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://landscape.shermanstravel.com/st_landscape.js?v=20190528
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.19.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-19-58.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ec71478763d59753bb1931f8cc7f3ce6584d5a60fa15dfe00eaf52c4458fe695

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 16:58:55 GMT
server: nginx
etag: W/"5db86fcf-524"
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sht_logo_desktop-cbea7eafa6612ce39709903a4388d300.png
click.deals.shermanstravel.com/assets/logos/ 12 KB
12 KB 26ms
26ms Image
image/png 52.55.116.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.deals.shermanstravel.com/assets/logos/sht_logo_desktop-cbea7eafa6612ce39709903a4388d300.png
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.116.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-116-184.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a82d5d6368f34a1384c667f859540aebb8eb4f071d80de35c861f4919b5a209d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/png
date: Thu, 20 Oct 2022 19:07:20 GMT
cache-control: max-age=31536000, public
server: nginx
accept-ranges: bytes
content-length: 12484
expires: Fri, 20 Oct 2023 19:07:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Oct 2022 19:02:20 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 300
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 20 Oct 2022 21:02:20 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 178ms
27ms Script
application/javascript 2620:116:800b:21:a021:b886:81cc:55cf
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: gzip
etag: "cbFpuah7ilcpMTJLYeCgng=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 27 Oct 2022 19:07:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 188 KB
70 KB 92ms
43ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f5bd3c2db4b2770208fde0ece64ceea917e3fc3e07b06087502ae1c5ef710fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71270
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 Oct 2022 19:07:20 GMT

POST
H2 200 4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more Show response
click.deals.shermanstravel.com/1742090/326/ 759 B
939 B 62ms
61ms XHR
application/json 52.55.116.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.116.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-116-184.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9d92761d41436306ea309e21fe391416f1e85e3cc61a021d6d78bc0989cd1b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-runtime: 0.034171
date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: a8c7eb2c-7877-43a0-bb0f-24c69357d2d4

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 67ms
19ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://click.deals.shermanstravel.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:16:08 GMT
x-content-type-options: nosniff
age: 244272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 23:16:08 GMT

GET
H2 200 sht_logo_desktop_external-4d3e24203927fcefe8237d75b0fcc93b.png
click.deals.shermanstravel.com/assets/logos/ 8 KB
9 KB 28ms
26ms Image
image/png 52.55.116.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.deals.shermanstravel.com/assets/logos/sht_logo_desktop_external-4d3e24203927fcefe8237d75b0fcc93b.png
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.116.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-116-184.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 363e30beb9afe4a368061173b2a840f64412a2b1a0c76e6ee0a11fd20fe91603

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/png
date: Thu, 20 Oct 2022 19:07:20 GMT
cache-control: max-age=31536000, public
server: nginx
accept-ranges: bytes
content-length: 8638
expires: Fri, 20 Oct 2023 19:07:20 GMT

GET
H2 200 arrows-8d8e8b955e27d8c6747cc06635e44272.gif
click.deals.shermanstravel.com/assets/ 3 KB
3 KB 28ms
27ms Image
image/gif 52.55.116.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.deals.shermanstravel.com/assets/arrows-8d8e8b955e27d8c6747cc06635e44272.gif
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/assets/interstitial_external-280e77248e226b071b4a84b58d622434.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.116.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-116-184.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3287d19fb549ad1443377c8490fe1cf95b9ef35cb8473747b54662c1f1add459

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/assets/interstitial_external-280e77248e226b071b4a84b58d622434.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 20 Oct 2022 19:07:20 GMT
cache-control: max-age=31536000, public
server: nginx
accept-ranges: bytes
content-length: 2899
expires: Fri, 20 Oct 2023 19:07:20 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 30ms
29ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://click.deals.shermanstravel.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 22:16:21 GMT
x-content-type-options: nosniff
age: 161459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 22:16:21 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://click.deals.shermanstravel.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 09:13:59 GMT
x-content-type-options: nosniff
age: 208401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 09:13:59 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
219 B 35ms
31ms XHR
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=650649390&t=pageview&_s=1&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&ul=en-us&de=windows-1252&dt=Redirecting%20you%20to%20your%20deal...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1769062981&gjid=1360615997&cid=1431434549.1666292840&tid=UA-13162027-3&_gid=1701744225.1666292840&_r=1&_slc=1&cd6=pmin-100%20pmax-199&cd7=cruise&cd8=nassau%2C%20miami%2C%20miami&cd10=deal%20click&z=1637220463

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://click.deals.shermanstravel.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 19:07:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://click.deals.shermanstravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
452 B 83ms
32ms XHR
text/plain 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-13162027-3&cid=1431434549.1666292840&jid=1769062981&gjid=1360615997&_gid=1701744225.1666292840&_u=YEBAAEAAAAAAACAAI~&z=1812346536

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://click.deals.shermanstravel.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Oct 2022 19:07:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://click.deals.shermanstravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 110ms
53ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

6eb1a85c484ea6b5692b2846247099262ca28243d78e5ee99077f3f7a0ecc77a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15180
x-xss-protection: 0
server: cafe
etag: 6306170824501671363
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 19:07:20 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 89ms
23ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 79843949edcce85d9ad2d6ec233fa21623a9cf6f35653957dcfd03e7ebafb6f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
x-cdn: fastly
etag: "a0662353c581ca0b1715b6ef00d69a68"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
fastly-restarts: 1
content-length: 1146

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 60ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Oct 2022 19:07:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27027
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: spKKLvdPgb0iPRm6tFoNePaBnbYxoiGv94jlnyHb5rZskdk1NOth27pPAu47kVDcRMAls+WMViH60K4KCKQkgg==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/ 64 KB
22 KB 82ms
42ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

752f2103db64216b5123b5065405c37d2fe03718dc7fd36108ca9e205c1b50f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 20 Oct 2022 18:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 674
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZMjxDBtek8WGhaSVNOej8kUIeX4N%2Bw9lq6Gsi4Qi9PR%2FRxNmQNO%2BlHlw%2BYdkSiDSho1HQXpw1jSGFuIkVO8AbqK8uF40YpFTmpSZANYwkXPuHieRLxSTBz%2FBrxrugYJnXlsalcFZPi%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 75d4092d5a3a7145-YUL

GET
H/1.1 200
OK deals-lytics.js Show response
s3-us-west-2.amazonaws.com/s.leveragelab.com/release/config/sites/stm/stm/ 843 B
1 KB 320ms
118ms Script
application/javascript 52.92.161.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/s.leveragelab.com/release/config/sites/stm/stm/deals-lytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.161.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38c85d71653183951f4deae1d9d8c7da2efc57005ccc4d0fc5c40feba4d4b8aa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 19:07:21 GMT
x-amz-version-id: NXQSE1ADPVN9uDo.aIq2YgCFlXN9bLH.
Last-Modified: Wed, 20 Jul 2022 23:26:05 GMT
Server: AmazonS3
x-amz-request-id: N3XF9DXPHS6ZB6P2
ETag: "9ebcf42235eba04af88d8dee25ac710e"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 843
x-amz-id-2: nAseWZrLG7dvvZpK3Jpw/TqEDy72eHkQpGa2EBRcTPnhfSSixr61mpCez67WI+1uv0nkGBm7B7I=

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/16346/ 28 KB
10 KB 97ms
24ms Script
application/javascript 99.84.108.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/16346/Bootstrap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.108.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-108-72.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acc99a0b70afad5ab53c8c1fb2be18189342e873e7b1e07327f044773c5edba0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 12:32:17 GMT
x-amz-version-id: 9_TUWlpX6wYz_WOuzflP9eUr.qb7DcGT
content-encoding: gzip
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C2
age: 369304
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 23 Mar 2022 19:45:31 GMT
server: AmazonS3
etag: W/"8986979ee3998c977b5ce044351d0576"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: uWRmo1_86pjFChaY7RIyR3kdkfWPmNd5cZXiclOLEt00w5OoeB-13g==

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/ Frame EB33 391 B
455 B 65ms
22ms Script
application/javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/lightbox.js?mb=1666292840495&lv=1
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b050eef19e88e97861dfa4a77bc3beb5178ae7c835a311c847274c315f488882

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 20 Oct 2022 18:51:45 GMT
server: cloudflare
age: 494
cf-polished: origSize=399
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 75d4092d8cceca53-YUL

GET
H2 200 rules-p-y7jhK3PrFbS21.js Show response
rules.quantcount.com/ 3 B
429 B 98ms
23ms Script
application/javascript 2600:9000:208f:b000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-y7jhK3PrFbS21.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:b000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 09:04:21 GMT
via: 1.1 3072c658bb2e308b174aea92028efcd6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 36180
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:24:26 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: KSqSN72uDHD4yHFhnIANzv_80DdGeALI5YTtAq5ZMi7gs5ndRQTu6w==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 92ms
41ms Image
image/gif 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-13162027-3&cid=1431434549.1666292840&jid=1769062981&_u=YEBAAEAAAAAAACAAI~&z=1113499390

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 19:07:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 88ms
38ms Image
image/gif 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-13162027-3&cid=1431434549.1666292840&jid=1769062981&_u=YEBAAEAAAAAAACAAI~&z=1113499390

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 19:07:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1030893760286070 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 43ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1030893760286070?v=2.9.87&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f10e552a691e3025d19a772710d8eeffde83235517d4e7e8e016d8adf372186

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Oct 2022 19:07:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85945
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: K6OhyjX9YIFPE9COPy9GlztzgEWbraZHS5Lrxgpg1Zq3VeNc1aYPtHvopQbgIt8B5JTVPZJSmM7LGcxokrin6g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2033ac07a2eae34026d3189da90d18b6 Show response
c.lytics.io/cid/ 24 B
456 B 60ms
59ms Script
text/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/cid/2033ac07a2eae34026d3189da90d18b6?assign=false&callback=u_136024031320575400

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06d72f18353ddbe49811b5d80d6c0357edda40a49783cdd0e2c4cd33533f2261

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 24
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ba7k1U26%2FBw%2FiJLTqVcjDen9lh9UTe0bjttaywk0Tu00VjoS1V42B4ipcgzMBPKrF2aq0IPLc0DXbiwea6qaHcOHEamysproQ0x7k3f6Qyl8jRuGv3ml%2Fh6Lco8FjKBAXFJRD6VOlmrD"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 75d4092dcb387145-YUL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H3 200 main.0e6a432f.js Show response
s.pinimg.com/ct/lib/ 56 KB
20 KB 51ms
23ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.0e6a432f.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c0bf467e1fdff29fa489168b1978d7f13950b98d6121b42f0802e1cc334c488f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: gzip
x-cdn: fastly
etag: "dd08a2133d2073663cfe60d5aa295cd5"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length: 19950
fastly-restarts: 1

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/ Frame EB33 816 KB
160 KB 41ms
41ms Script
application/javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=638015219210198664
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/lightbox.js?mb=1666292840495&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2563d943cfdec20d795d1f70ee7c4e29e4eccdea932b51e7e39cf7a782c745

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: APjlzmx/DfumHgz16QPYHw==
age: 291939
cf-polished: origSize=1361366
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 28 Sep 2022 18:44:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 65d4f695-101e-0070-0360-e16bf4000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 75d4092ddd30ca53-YUL
expires: Fri, 20 Oct 2023 19:07:20 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011597705/ 2 KB
2 KB 121ms
71ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011597705/?random=1666292840606&cv=9&fst=1666292840606&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&tiba=Redirecting%20you%20to%20your%20deal...&auid=1823832925.1666292840&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09ff4c9f9adb0a8260c9b81b54f27847a67b651f795bad612651d9c9eb04f497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1557395972;labels=ShermansTravel%20Deals%20Network;rf=0;a=p-y7jhK3PrFbS21;url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-fr...
pixel.quantserve.com/ 35 B
371 B 77ms
26ms Image
image/gif 2620:116:800b:21:a021:b886:81cc:55cf
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1557395972;labels=ShermansTravel%20Deals%20Network;rf=0;a=p-y7jhK3PrFbS21;url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more;uht=2;fpan=1;fpa=P0-1341752235-1666292840620;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=shermanstravel.com;dst=0;et=1666292840620;tzo=0;ogl=;ses=b8fe54dc-29e0-4e92-9424-95d4e83f0a07

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 19:07:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 60ms
19ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030893760286070&ev=PageView&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&rl=&if=false&ts=1666292840669&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666292840667.68319082&it=1666292840568&coo=false&rqm=GET

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Oct 2022 19:07:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
874 B 185ms
32ms XHR
application/json 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612859057726&pd=%7B%22np%22%3A%22gtm%22%2C%22aem_enabled%22%3Afalse%2C%22gtm_aem_configs%22%3A%5B%5D%7D&cb=1666292840676&dep=page_load

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.0e6a432f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

501294284b0917449730c3743be6e3610c15b15904d7e502e8d1523a83d6aafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.a6794668.1666292840.ad0e355
x-envoy-upstream-service-time: 1
content-length: 382
x-pinterest-rid: 6554204416661731
pin-unauth: dWlkPU9EaGxNRFJsT1RVdE4yUm1OQzAwTURKbUxUZ3hZemd0T1dWbU5XWTJPVGxtTldVMA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://click.deals.shermanstravel.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 184ms
37ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612859057726&pd=%7B%22np%22%3A%22gtm%22%2C%22aem_enabled%22%3Afalse%2C%22gtm_aem_configs%22%3A%5B%5D%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%220e6a432f%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1666292840682

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 19:07:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.a6794668.1666292840.ad0e359
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 2461519381999530
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2033ac07a2eae34026d3189da90d18b6
c.lytics.io/c/ 35 B
314 B 73ms
72ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/2033ac07a2eae34026d3189da90d18b6?gtm.start=1666292840329&event=gtm.js&gtm.uniqueEventId=1&_ts=1666292840601&_nmob=t&_device=desktop&url=click.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&_v=3.0.28&_uid=b88d80fc-7835-4284-bbb5-48a3200fba36&_getid=t

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FEqYXI%2Fr8xsEerdMuLUNmTXmdlrc%2BfgYnSy52yE33T06A8zBhMk7wkv8NbGX9PvmOsEm7JF2nCxkZyq1jtEYIuzdeFQSQPaJOXCZNd%2BAuscEJh0VHqeGkdh14BF04QbSKDCzpzNoioI"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 75d4092e5c197145-YUL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 2033ac07a2eae34026d3189da90d18b6
c.lytics.io/c/ 35 B
406 B 58ms
58ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/2033ac07a2eae34026d3189da90d18b6?event=lytics.data&data.dealId=1742090&data.publisherId=326&gtm.uniqueEventId=2&_ts=1666292840602&_nmob=t&_device=desktop&url=click.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&_v=3.0.28&_uid=b88d80fc-7835-4284-bbb5-48a3200fba36&_getid=t

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7b5VQhtWNMvejD86EZreb4rT4r6I5YihXNsP8A5hwbFgZwpGUO4dXXI9GaNs6LfIwS7axCM2WbkWdvSizskToKNp5eug%2B8cJmH%2F8GQcB%2FmUhysX%2FU4qh5dfDtvrOXPIvoUH8HFu8NEZP"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 75d4092e5c1a7145-YUL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 29ms
29ms Stylesheet
text/css 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637999874506931290
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=638015219210198664
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Oct 2022 19:07:20 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 79731
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 9ed92040-d01e-006d-4f6a-d3b21e000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 75d4092e6dd1ca53-YUL
expires: Fri, 20 Oct 2023 19:07:20 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/42332/click.deals.shermanstravel.com/jsonp/ 545 B
794 B 236ms
64ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42332/click.deals.shermanstravel.com/jsonp/z?cb=1666292840709&callback=jQuery1710005346367583591416_1666292840691&_=1666292840710
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=638015219210198664
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 763eee8e0261412cbf0ca0ea49209627ec0dfc1a6218364393f9cbfc45b3d56c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 19:07:20 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
258 B 23ms
23ms Image
image/gif 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1666292840698&h=click.deals.shermanstravel.com&e=p&u=42332
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Oct 2022 19:07:20 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1154607
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 6e769913-901e-004e-1d3c-0b9024000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75d4092e7debca53-YUL

GET
H2 200 b88d80fc-7835-4284-bbb5-48a3200fba36 Show response
c.lytics.io/api/personalize/2033ac07a2eae34026d3189da90d18b6/user/_uid/ 2 KB
1 KB 77ms
77ms Script
application/json 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/2033ac07a2eae34026d3189da90d18b6/user/_uid/b88d80fc-7835-4284-bbb5-48a3200fba36?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22b88d80fc-7835-4284-bbb5-48a3200fba36%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22click.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more%22%2C%22_v%22%3A%223.0.28%22%7D&ts=1666292840717&callback=u_298614588650645060

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f7b922141c0a8db02521ed3de10f5b865a92bdb07c20abeb3dd6719d6d2d577

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0h5iJtrOvTEVunC3niupSjeCG%2BVjfH6AdjgDvkSJEpsvcRAp%2FCYh5%2BS%2BNmqFDQC3PTi4Ma8gWf55QLll3Qc6u8VeQdXHVSOxea3y2NKsxKFqt%2FFh5QbAaTYV0jccAzgBId26iN7j4c3"}],"group":"cf-nel","max_age":604800}
cf-ray: 75d4092e8c6c7145-YUL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 2033ac07a2eae34026d3189da90d18b6
c.lytics.io/c/ 35 B
313 B 65ms
65ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/2033ac07a2eae34026d3189da90d18b6?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1666292840714&_nmob=t&_device=desktop&url=click.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&_uid=b88d80fc-7835-4284-bbb5-48a3200fba36&_v=3.0.28

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hppnzpIk89fBADkhp6Ji6Ugc%2BpfJyAi4Ih4Aw%2Bqcts3ix4guX%2FkIen0xufbrVDodk6Un0Ee79SVT%2BXY7h3NX2lv3zoBeRR8OIE6vWNvgVbcY36DkGEHjE3vDKLCOakhNvct6knzcX6qF"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 75d4092e8c6f7145-YUL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011597705/ 42 B
64 B 85ms
40ms Image
image/gif 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011597705/?random=1666292840606&cv=9&fst=1666292400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&frm=0&url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&tiba=Redirecting%20you%20to%20your%20deal...&async=1&fmt=3&is_vtc=1&random=2873290638&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 19:07:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1011597705/ 42 B
64 B 88ms
46ms Image
image/gif 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1011597705/?random=1666292840606&cv=9&fst=1666292400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&frm=0&url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&tiba=Redirecting%20you%20to%20your%20deal...&async=1&fmt=3&is_vtc=1&random=2873290638&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 19:07:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

thetradedesk
c.lytics.io/c/provider/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic/?ttd_pid=f4i7a6a&ttd_puid=b88d80fc-7835-4284-bbb5-48a3200fba36&ttd_puid=2033ac07a2eae34026d3189da90d18b6&ttd_tpi=1&gpdr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=f4i7a6a&ttd_puid=b88d80fc-7835-4284-bbb5-48a3200fba36&ttd_puid=2033ac07a2eae34026d3189da90d18b6&ttd_tpi=1&gpdr=0
https://c.lytics.io/c/provider/thetradedesk?ttd_id=fa9af5c5-6609-4567-8b97-a56478c87def&ttd_puid=b88d80fc-7835-4284-bbb5-48a3200fba36,2033ac07a2eae34026d3189da90d18b6

35 B
311 B

58ms
58ms

Image
image/gif

2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/provider/thetradedesk?ttd_id=fa9af5c5-6609-4567-8b97-a56478c87def&ttd_puid=b88d80fc-7835-4284-bbb5-48a3200fba36,2033ac07a2eae34026d3189da90d18b6

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3SLb60tNMMqK9JWJ4B84t5EQwsAxm%2Btx8T3xdzl4MiRuZAtoCbMxx3xxYom9alH6if1InxuvKbUb5eyfuA2MdaMOZY8%2FqpQm2I94awVAIdSxSb9NQs6j2Ey%2FjVztiJeiRZkZGlU7XDW"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 75d4092fcf9d7145-YUL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Oct 2022 19:07:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://c.lytics.io/c/provider/thetradedesk?ttd_id=fa9af5c5-6609-4567-8b97-a56478c87def&ttd_puid=b88d80fc-7835-4284-bbb5-48a3200fba36,2033ac07a2eae34026d3189da90d18b6
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 363

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 42ms
20ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030893760286070&ev=Lytics%20Audiences&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&rl=&if=false&ts=1666292840801&cd[external_id]=b88d80fc-7835-4284-bbb5-48a3200fba36&sw=1600&sh=1200&v=2.9.87&r=stable&ec=1&o=30&fbp=fb.1.1666292840667.68319082&it=1666292840568&coo=false&rqm=GET

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Oct 2022 19:07:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 41ms
20ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030893760286070&ev=Lytics%20Audiences&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&rl=&if=false&ts=1666292840802&cd[aud_network_only_users]=true&cd[aud_anonymous_users]=true&cd[smt_new]=true&cd[all]=true&cd[default_anon_seg]=true&sw=1600&sh=1200&v=2.9.87&r=stable&ec=2&o=30&fbp=fb.1.1666292840667.68319082&it=1666292840568&coo=false&rqm=GET

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Oct 2022 19:07:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=650649390&t=event&ni=1&_s=2&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&ul=en-us&de=windows-1252&dt=Redirecting%20you%20to%20your%20deal...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=lytics&ea=lytics_google_integration&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=1431434549.1666292840&uid=b88d80fc-7835-4284-bbb5-48a3200fba36&tid=UA-13162027-3&_gid=1701744225.1666292840&cd6=pmin-100%20pmax-199&cd7=cruise&cd8=nassau%2C%20miami%2C%20miami&cd10=deal%20click&cd18=b88d80fc-7835-4284-bbb5-48a3200fba36&cd19=aud_network_only_users%2Caud_anonymous_users%2Csmt_new%2Call%2Cdefault_anon_seg&z=239555235

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 20:08:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82733
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/16346/ 408 B
710 B 45ms
44ms Script
text/javascript 99.84.108.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/16346/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/16346/code/&publishedOn=Wed%20Mar%2023%2019:45:24%20GMT%202022&ClientID=923&PageID=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/16346/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.108.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-108-72.iad79.r.cloudfront.net
Software: nginx /
Resource Hash: 975beafc13539c22ec4225ad7f0641971584863885aea523d53302d3e7a8f604

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:20 GMT
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: IAD79-C2
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 408
x-amz-cf-id: 8mFy2i4BXz3h6qxiS-Eq9a9sm7o2pOC1CbF4EWaMtJSFMEE172X3rA==
expires: Thu, 20 Oct 2022 19:07:19 GMT

GET
H2 200 b91deb381a983463890df766160d0db7.js Show response
nexus.ensighten.com/choozle/16346/code/ 2 KB
823 B 25ms
25ms Script
application/javascript 99.84.108.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/16346/code/b91deb381a983463890df766160d0db7.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/16346/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.108.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-108-72.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9b18edccc6d6cdd3eb64d1835d42046cc84cdd8681ec26da7b6b3e7e3ab8875

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 11:24:51 GMT
x-amz-version-id: B4hviE30_G2ytMIaGg4oU6cobYrNKdWb
content-encoding: gzip
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C2
age: 114150
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Mar 2022 19:01:03 GMT
server: AmazonS3
etag: W/"2ca037140d800c8ae9bee955e7637c28"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: sGBcOJZn_iNU1mFs2BkBCwjlqg5EWFHeC8OgsvcOv32GomWOIMA37g==

GET
H2 200 daf02a36827736997cd92656653dd1c9.js Show response
nexus.ensighten.com/choozle/16346/code/ 1 KB
1 KB 24ms
24ms Script
application/javascript 99.84.108.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/16346/code/daf02a36827736997cd92656653dd1c9.js?conditionId0=4923361&conditionId1=4923360
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/16346/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.108.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-108-72.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea626c9d7ce9f6bb3096ce20d10f55ee60ee8b8cfd17c2907e7829a2291b08df

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 13:14:17 GMT
x-amz-version-id: xtm6ojxeQ7vmmepryIyFa5ahjPZV_7mQ
content-encoding: gzip
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C2
age: 193984
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Mar 2022 19:03:25 GMT
server: AmazonS3
etag: W/"18ba69654723190632cd8282fba3adc6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: cPt6jSuJa1g_mxAEwvTHdeGS6iCLZexuIMhuBs9ybs-Aq2EJPwJEyg==

GET
H3

200

396846.gif
idsync.rlcdn.com/
Redirect Chain

https://cs.choozle.com/dp/chz/26781?d=click.deals.shermanstravel.com&cb=9663790431
https://cs.choozle.com/sync
https://cs.choozle.com/sync?v=true&cid=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b
https://tags.bluekai.com/site/48443?id=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3Da57e0ea1-6ec8-4071-a322-e8b12...
https://cs.choozle.com/sync?pid=$_BK_UUID&dpsync=bk&cid=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b
https://match.adsrvr.org/track/cmf/generic?ttd_puid=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b&ttd_pid=gdmv7qs&ttd_tpi=1
https://cs.choozle.com/sync?pid=fa9af5c5-6609-4567-8b97-a56478c87def&dpsync=ttd&cid=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b
https://idsync.rlcdn.com/459489.gif?partner_uid=a57e0ea1-6ec8-4071-a322-e8b124ad9a3b
https://idsync.rlcdn.com/1000.gif?memo=COGFHBIwCiwIARCp7AEaJGE1N2UwZWExLTZlYzgtNDA3MS1hMzIyLWU4YjEyNGFkOWEzYhAAGg0I6bjGmgYSBQjoBxAAQgBKAA
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8598928b-b875-4bec-a9bd-e6c6c23a1a8d

42 B
60 B

42ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8598928b-b875-4bec-a9bd-e6c6c23a1a8d
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:21 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 20 Oct 2022 19:07:21 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8598928b-b875-4bec-a9bd-e6c6c23a1a8d
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 prod
0fknmj8f9h.execute-api.us-west-2.amazonaws.com/ 0
0 2106ms
1922ms Fetch
application/json 44.238.244.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://0fknmj8f9h.execute-api.us-west-2.amazonaws.com/prod?deal_id=1742090&uid=b88d80fc-7835-4284-bbb5-48a3200fba36
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/s.leveragelab.com/release/config/sites/stm/stm/deals-lytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.244.110 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-244-110.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:22 GMT
x-amzn-trace-id: Root=1-63519c69-72e01c0c657e834d221b3540
x-amzn-requestid: 2d824dd0-b82a-449a-8863-a9c5f3d6e5de
content-length: 0
x-amz-apigw-id: aUVgdF5cPHcFX8A=
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=650649390&t=event&ni=1&_s=3&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&ul=en-us&de=windows-1252&dt=Redirecting%20you%20to%20your%20deal...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PostUp&ea=PostUp%20Loaded&el=%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&ev=1&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=1431434549.1666292840&uid=b88d80fc-7835-4284-bbb5-48a3200fba36&tid=UA-13162027-3&_gid=1701744225.1666292840&cd6=pmin-100%20pmax-199&cd7=cruise&cd8=nassau%2C%20miami%2C%20miami&cd10=deal%20click&cd18=b88d80fc-7835-4284-bbb5-48a3200fba36&cd19=aud_network_only_users%2Caud_anonymous_users%2Csmt_new%2Call%2Cdefault_anon_seg&z=1708384903

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 20:08:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82734
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/ Frame 336C
Redirect Chain

https://insight.adsrvr.org/tags/ilucn8a/z4a47p5/iframe
https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe

138 B
668 B

99ms
24ms

Document
text/html

52.85.130.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/16346/code/daf02a36827736997cd92656653dd1c9.js?conditionId0=4923361&conditionId1=4923360
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.130.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-130-144.iad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cdec4e3c51e8632f4f07fc071477493f519187d39821841e57fad12594a1662

Request headers

Referer: https://click.deals.shermanstravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 52194
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Thu, 20 Oct 2022 04:37:28 GMT
ETag: "0a8f6304cfb8400aa158460b59ede905"
Last-Modified: Tue, 15 Mar 2022 18:59:25 GMT
Server: AmazonS3
Via: 1.1 5451b84324d9bca0bdd03e4c4009ae10.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 3IsAdXuHwRmo8EHJAE_Id-5NKIx7MqvZ95lUMJLx6B0buzbaU1p16w==
X-Amz-Cf-Pop: IAD50-C2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Thu, 20 Oct 2022 19:07:21 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 336C
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=ilucn8a&ct=0:z4a47p5&fmt=3
https://dpm.demdex.net/ibs:dpid=903&dpuuid=fa9af5c5-6609-4567-8b97-a56478c87def&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=fa9af5c5-6609-4567-8b97-a56478c87def&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=fa9af5c5-6609-4567-8b97-a56478c87def
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=fa9af5c5-6609-4567-8b97-a56478c87def

0
338 B

101ms
24ms

Image
text/plain

52.203.237.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=fa9af5c5-6609-4567-8b97-a56478c87def
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe
Protocol: H2
Server: 52.203.237.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-237-12.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n010-ash-prod.krxd.net
date: Thu, 20 Oct 2022 19:07:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1666292841
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=fa9af5c5-6609-4567-8b97-a56478c87def
date: Thu, 20 Oct 2022 19:07:21 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a017-ash-prod.krxd.net

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 24ms
23ms Script
text/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 20 Oct 2022 17:37:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5368
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Al0V7yHRWeKcYYrGj%2FJk09NY%2FXOg1AAA%2F7xEWYR4GjzAB5p5qCJpp%2BJZ45qeEEBJa%2FDjmeBtRznI3%2F8EaoutmO%2FNUgD8S6RSLcBupj%2BzESl0EFuYSl60LjtTRq9dFiEAN9tONgkONIIn"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 75d409322bd47145-YUL

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 20 Oct 2022 17:37:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5365
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzQfUN%2BUrDHwuP7i3ymQ8pqafWSXT1eoxk9CtT%2BKhQXAODw3Oh8BaYrIFzSu210gJ5RbIY1FPd63S47zBhpswHZtqXKyUTcCXbSMHxOTHzyV0OLalZzOe2VfDZXes5TqOYJ1nOvP81UW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 75d409326c147145-YUL

GET
H2 200 shermans-overrides.css
d2r8ootic371nc.cloudfront.net/lytics-shermanstravel/ 20 KB
20 KB 79ms
24ms Stylesheet
text/css 2600:9000:23cb:de00:11:b97d:c600:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r8ootic371nc.cloudfront.net/lytics-shermanstravel/shermans-overrides.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:de00:11:b97d:c600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 146a03175b402672121859534d41746101351d328deefd13753eb40bad5c2448

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: W5BQjQDOklI8jwkHa_NzIAQeLJeG1dk6
date: Thu, 20 Oct 2022 06:11:49 GMT
via: 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
last-modified: Thu, 02 Jul 2020 12:01:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 46584
etag: "60a398c2a147529d7d1cfe6a25af4d33"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 20458
x-amz-cf-id: IjBI9Fbfze9suymZNfKhuctJiO42S_iN07LiOKqrM92fojo5WKiZyg==

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/2033ac07a2eae34026d3189da90d18b6/ 4 KB
2 KB 22ms
22ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/2033ac07a2eae34026d3189da90d18b6/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b4ca7aa89dfb265a98ef65e7aefd947c0a66698df698d8de65c71ea8fd4a3f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 19:07:21 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 20 Oct 2022 18:56:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 672
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kgTcivKaHLi%2BViOsyUHPbETE5%2BxlfYuxsxKE8Hm8DJl4n5fsn9avZ0OGqZiG3OJDocHU3QKG6PPZ%2FooNORk8iVX8m3Fv6vKOcI11gyH5Hmrsf42Q3rQ%2FMkctRzMA%2FFqJVEYEMM75O9r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 75d40932ece17145-YUL

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame 764A 0
682 B 101ms
38ms Document
text/html 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 19:07:21 GMT
expires: Thu, 20 Oct 2022 19:07:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 1C10 565 B
590 B 215ms
215ms Document
text/html 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.0e6a432f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://click.deals.shermanstravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

akamai-grn: 0.a6794668.1666292841.ad0e6b0
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 20 Oct 2022 19:07:21 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1151824346671276

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030893760286070&ev=Microdata&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742090%2F326%2F4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more&rl=&if=false&ts=1666292842172&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redirecting%20you%20to%20your%20deal...%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.87&r=stable&ec=3&o=30&fbp=fb.1.1666292840667.68319082&it=1666292840568&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Oct 2022 19:07:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 204 B27042567.324293325;dc_trk_aid=516746308;dc_trk_cid=163719133;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackclk/N347203.147748SHERMANSTRAVEL/ 0
0 116ms
48ms Document
text/html 142.250.176.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackclk/N347203.147748SHERMANSTRAVEL/B27042567.324293325;dc_trk_aid=516746308;dc_trk_cid=163719133;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742090/326/4-nt-bahamas-cruise-incl-new-private-island-w-free-balcony-upgrade-onboard-credit-more

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 19:07:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
click.deals.shermanstravel.com/	1970-01-20 06:57:18	Name: conv-15 Value: yDOK1I2XukRDRqo
.shermanstravel.com/	1970-01-20 06:51:34	Name: usrsess Value: %7B%22e%22%3A1666294640%2C%22v%22%3A%7B%22cord%22%3A1%7D%7D
.shermanstravel.com/	1970-01-20 16:27:32	Name: _ga Value: GA1.2.1431434549.1666292840
.shermanstravel.com/	1970-01-20 06:52:59	Name: _gid Value: GA1.2.1701744225.1666292840
.shermanstravel.com/	1970-01-20 06:51:32	Name: _gat Value: 1
.shermanstravel.com/	1970-01-20 09:01:08	Name: _gcl_au Value: 1.1.1823832925.1666292840
.click.deals.shermanstravel.com/	1970-01-20 06:51:34	Name: seerses Value: e
.shermanstravel.com/	1970-01-20 09:01:08	Name: _fbp Value: fb.1.1666292840667.68319082
.click.deals.shermanstravel.com/	1970-01-20 16:27:32	Name: seerid Value: b88d80fc-7835-4284-bbb5-48a3200fba36
.quantserve.com/	1970-01-20 16:21:47	Name: mc Value: 63519c68-a7b9b-b7af8-e504e
.shermanstravel.com/	1970-01-20 16:16:01	Name: __qca Value: P0-1341752235-1666292840620
.lytics.io/	1970-01-20 16:27:32	Name: seerid Value: b88d80fc-7835-4284-bbb5-48a3200fba36
.click.deals.shermanstravel.com/	1970-01-20 15:37:08	Name: _pin_unauth Value: dWlkPU9EaGxNRFJsT1RVdE4yUm1OQzAwTURKbUxUZ3hZemd0T1dWbU5XWTJPVGxtTldVMA
.adsrvr.org/	1970-01-20 15:37:08	Name: TDID Value: fa9af5c5-6609-4567-8b97-a56478c87def
.choozle.com/	1970-01-20 07:34:44	Name: chzdpsync Value: eyJjaG9vemxlQ29va2llSWQiOiJhNTdlMGVhMS02ZWM4LTQwNzEtYTMyMi1lOGIxMjRhZDlhM2IiLCJwcm92aWRlckNvb2tpZU1ldGEiOnsiT1JBQ0xFIjp7InByb3ZpZGVyIjoiT1JBQ0xFIiwicHJvdmlkZXJDb29raWVJZCI6IiRfQktfVVVJRCIsInByb3ZpZGVyUmVkaXJlY3RSZXF1ZXN0ZWQiOmZhbHNlLCJwcm92aWRlclJlZGlyZWN0U2VudCI6ZmFsc2V9LCJUVEQiOnsicHJvdmlkZXIiOiJUVEQiLCJwcm92aWRlckNvb2tpZUlkIjoiZmE5YWY1YzUtNjYwOS00NTY3LThiOTctYTU2NDc4Yzg3ZGVmIiwicHJvdmlkZXJSZWRpcmVjdFJlcXVlc3RlZCI6ZmFsc2UsInByb3ZpZGVyUmVkaXJlY3RTZW50IjpmYWxzZX19LCJ2ZXJpZmllZCI6dHJ1ZSwic3BlY2lmaWNQcm92aWRlcnMiOltdfQ==
.rlcdn.com/	1970-01-20 15:37:08	Name: rlas3 Value: JTptDMuu278X7zWio+6mVhQ78e0ygcCyfY+dIcbBYJw=
.demdex.net/	1970-01-20 11:10:44	Name: demdex Value: 31295453801810005484586277679879006279
.dpm.demdex.net/	1970-01-20 11:10:44	Name: dpm Value: 31295453801810005484586277679879006279
.rlcdn.com/	1970-01-20 08:17:56	Name: pxrc Value: COm4xpoGEgUI6AcQABIGCLjrARAA
.adsrvr.org/	1970-01-20 15:37:08	Name: TDCPM Value: CAESEgoDYWFtEgsIwtHcr9GDjjsQBRITCgRrcnV4EgsIqvbOsdGDjjsQBRgFIAEoATILCMLJtbyhtpk7EAU4AUIEIgIIAVoHaWx1Y244YWABcgRrcnV4
.openx.net/	1970-01-20 15:37:08	Name: i Value: 03f2d2b4-dcb5-427b-ac12-aedd9f8648a8\|1666292841
.krxd.net/	1970-01-20 11:10:44	Name: _kuid_ Value: PJlW0HpS
.doubleclick.net/	1970-01-20 16:27:32	Name: IDE Value: AHWqTUkMAqpIKZR3UUSGptKhWJB-OpY1WJe7FnKz0eHnis_l2BRyOVAAcsanhje_

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0fknmj8f9h.execute-api.us-west-2.amazonaws.com
ad.doubleclick.net
ajax.googleapis.com
beacon.krxd.net
bid.g.doubleclick.net
c.lytics.io
click.deals.shermanstravel.com
connect.facebook.net
cs.choozle.com
ct.pinterest.com
d1eoo1tco6rr5e.cloudfront.net
d2r8ootic371nc.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idsync.rlcdn.com
insight.adsrvr.org
landscape.shermanstravel.com
lightboxapi.azurewebsites.net
match.adsrvr.org
nexus.ensighten.com
pixel.quantserve.com
rules.quantcount.com
s.pinimg.com
s3-us-west-2.amazonaws.com
secure.quantserve.com
stats.g.doubleclick.net
tags.bluekai.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.lightboxcdn.com
104.77.220.247
142.250.176.198
142.251.40.194
15.197.193.217
172.253.62.157
20.40.202.0
23.217.56.119
2600:9000:208f:b000:6:44e3:f8c0:93a1
2600:9000:23cb:de00:11:b97d:c600:21
2606:4700:20::681a:316
2606:4700::6810:50a5
2607:f8b0:4004:c17::9b
2607:f8b0:4006:80b::200e
2607:f8b0:4006:816::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2004
2607:f8b0:4006:822::200a
2620:116:800b:21:a021:b886:81cc:55cf
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:77::84
3.212.202.167
34.98.64.218
35.190.60.146
44.238.244.110
52.203.237.12
52.55.116.184
52.6.87.15
52.73.242.246
52.85.130.144
52.92.161.48
54.159.19.58
99.84.108.72
06d72f18353ddbe49811b5d80d6c0357edda40a49783cdd0e2c4cd33533f2261
09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d
09ff4c9f9adb0a8260c9b81b54f27847a67b651f795bad612651d9c9eb04f497
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
146a03175b402672121859534d41746101351d328deefd13753eb40bad5c2448
2b4ca7aa89dfb265a98ef65e7aefd947c0a66698df698d8de65c71ea8fd4a3f5
3287d19fb549ad1443377c8490fe1cf95b9ef35cb8473747b54662c1f1add459
363e30beb9afe4a368061173b2a840f64412a2b1a0c76e6ee0a11fd20fe91603
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38c85d71653183951f4deae1d9d8c7da2efc57005ccc4d0fc5c40feba4d4b8aa
501294284b0917449730c3743be6e3610c15b15904d7e502e8d1523a83d6aafb
5246c1351922b3cb2b238400e4b80678680f40577d2995fc5f29b8368aa25750
5c2563d943cfdec20d795d1f70ee7c4e29e4eccdea932b51e7e39cf7a782c745
5f7b922141c0a8db02521ed3de10f5b865a92bdb07c20abeb3dd6719d6d2d577
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6cdec4e3c51e8632f4f07fc071477493f519187d39821841e57fad12594a1662
6eb1a85c484ea6b5692b2846247099262ca28243d78e5ee99077f3f7a0ecc77a
752f2103db64216b5123b5065405c37d2fe03718dc7fd36108ca9e205c1b50f2
763eee8e0261412cbf0ca0ea49209627ec0dfc1a6218364393f9cbfc45b3d56c
79843949edcce85d9ad2d6ec233fa21623a9cf6f35653957dcfd03e7ebafb6f8
7f10e552a691e3025d19a772710d8eeffde83235517d4e7e8e016d8adf372186
7f5bd3c2db4b2770208fde0ece64ceea917e3fc3e07b06087502ae1c5ef710fb
80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
975beafc13539c22ec4225ad7f0641971584863885aea523d53302d3e7a8f604
9d92761d41436306ea309e21fe391416f1e85e3cc61a021d6d78bc0989cd1b7b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a82d5d6368f34a1384c667f859540aebb8eb4f071d80de35c861f4919b5a209d
acc99a0b70afad5ab53c8c1fb2be18189342e873e7b1e07327f044773c5edba0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2
b050eef19e88e97861dfa4a77bc3beb5178ae7c835a311c847274c315f488882
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c0bf467e1fdff29fa489168b1978d7f13950b98d6121b42f0802e1cc334c488f
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d4f4be14ec90c84952052c340e8a18f447de2f305eab176bf70dc04e4b32e818
d9b18edccc6d6cdd3eb64d1835d42046cc84cdd8681ec26da7b6b3e7e3ab8875
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
ea626c9d7ce9f6bb3096ce20d10f55ee60ee8b8cfd17c2907e7829a2291b08df
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ec71478763d59753bb1931f8cc7f3ce6584d5a60fa15dfe00eaf52c4458fe695
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef60e5fe54f75b0825bc3a51830b26709a96843762ae26a45f4439a749df039f
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8

click.deals.shermanstravel.com Open in urlscan Pro 52.55.116.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

96 %HTTPS

47 %IPv6

28 Domains

38 Subdomains

30 IPs

1 Countries

634 kBTransfer

2025 kBSize

23 Cookies

0 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

click.deals.shermanstravel.com Open in urlscan Pro
52.55.116.184 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

96 %
HTTPS

47 %
IPv6

28
Domains

38
Subdomains

30
IPs

1
Countries

634 kB
Transfer

2025 kB
Size

23
Cookies

67 HTTP transactions
0 data transactions