navitour.com Open in urlscan Pro
104.19.240.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://navitour.com/
Effective URL:
https://navitour.com/
Submission: On January 21 via api (January 21st 2023, 10:37:14 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 61 HTTP transactions. The main IP is 104.19.240.93, located in and belongs to CLOUDFLARENET, US. The main domain is navitour.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 25th 2022. Valid for: a year.

This is the only time navitour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.19.241.93 104.19.241.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	104.19.240.93 104.19.240.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	99.86.4.99 99.86.4.99	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:ba49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2600:9000:211... 2600:9000:211e:5c00:1c:37e5:3f40:21	16509 (AMAZON-02) (AMAZON-02)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.30 65.9.66.30	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	34.217.162.9 34.217.162.9	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
61	16

1 104.19.241.93 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

navitour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.19.240.93 (None, )

ASN13335 (CLOUDFLARENET, US)

navitour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
navitour2.cdn.bubble.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:211e:5c00:1c:37e5:3f40:21 (United States)

ASN16509 (AMAZON-02, US)

d1muf25xaso8hp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-30.fra56.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.217.162.9 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-162-9.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	navitour.com 1 redirects navitour.com	1 MB
9	cloudfront.net d1muf25xaso8hp.cloudfront.net	161 KB
8	gstatic.com fonts.gstatic.com	174 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 995 q.stripe.com — Cisco Umbrella Rank: 5906 m.stripe.com — Cisco Umbrella Rank: 991	107 KB
6	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 3863 forms-na1.hsforms.com — Cisco Umbrella Rank: 6115	8 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	227 KB
3	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 5881	476 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1108	16 KB
2	bubble.io navitour2.cdn.bubble.io	15 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2439	345 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	1 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2025
61	13

	Domain	Requested by
17	navitour.com	1 redirects navitour.com
9	d1muf25xaso8hp.cloudfront.net	navitour.com
8	fonts.gstatic.com	fonts.googleapis.com
4	forms.hsforms.com	js.hsforms.net navitour.com
4	www.googletagmanager.com	navitour.com www.googletagmanager.com
3	q.stripe.com	navitour.com
3	js.hsforms.net	navitour.com js.hsforms.net
3	js.stripe.com	navitour.com js.stripe.com
2	forms-na1.hsforms.com	navitour.com js.hsforms.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	navitour2.cdn.bubble.io	navitour.com
1	m.stripe.com	m.stripe.network
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	navitour.com
1	cdnjs.cloudflare.com	navitour.com
1	js.hs-scripts.com	navitour.com
61	16

This site contains links to these domains. Also see Links.

Domain
travelcampfire.com
blog.navitour.com

Subject Issuer	Validity	Valid
navitour.com Cloudflare Inc ECC CA-3	`2022-05-25` - `2023-05-24`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-01-10` - `2023-05-10`	4 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
bubble.io Cloudflare Inc ECC CA-3	`2022-12-17` - `2023-12-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://navitour.com/
Frame ID: 97CFD8EB1D8C5B89A90C5FCDC8ADE3DA
Requests: 52 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: E540FADC3FD36998FEA8F566B247594E
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0951940F30EACB034FB6D2CDF060A81F
Requests: 4 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: 71D4EBAB627FEF78A74F9AC0FFF8EB38
Requests: 1 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: 9A1DAA1D39DCA42485EE5067AE8DED6D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Navitour

Page URL History Show full URLs

http://navitour.com/ HTTP 301
https://navitour.com/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

61
Requests

100 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

2257 kB
Transfer

7962 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://travelcampfire.com/join/
Title: Campfire

Search URL Search Domain Scan URL

URL: https://blog.navitour.com/
Title: Blog

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://navitour.com/ HTTP 301
https://navitour.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
navitour.com/
Redirect Chain

http://navitour.com/
https://navitour.com/

14 KB
6 KB

531ms
512ms

Document
text/html

104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://navitour.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ddc793272e89ff65e961ea03b80b8d14780201485b57c2c85368b05ca77fb97b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 78d3885798c59a21-FRA
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Sat, 21 Jan 2023 22:37:07 GMT
Server: cloudflare
Transfer-Encoding: chunked
cache-control: no-store
content-security-policy: frame-ancestors 'none';
referrer-policy: origin
vary: Accept-Encoding
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.253 unit-seconds used
x-bubble-perf: {"total":306.1,"percents":{"top":{"bubble_cpu":35.8,"block":64.2,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":31.7,"appserver_cache_misses_time":0,"redis":59.6,"fiber_queue":3.9,"capacity_wait":1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":15,"derived_cache_memory_misses":15,"serverjson":71,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":103,"fiber_queue":108,"blocks":107},"misc":{"userdb_results":1,"userdb_data":692,"spent_time":16454438,"derived_build_time_spent":0}}
x-frame-options: DENY
x-powered-by: Express

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 78d388554be16928-FRA
Connection: keep-alive
Content-Length: 0
Date: Sat, 21 Jan 2023 22:37:07 GMT
Location: https://navitour.com/
Server: cloudflare

GET
H/1.1 200
OK early.js Show response
navitour.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/ 23 KB
10 KB 241ms
240ms Script
application/javascript 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e99240e0f704678d97c9bfdd715672b2dd5d6c507a1f2197babeec2577039bf

Request headers

Referer: https://navitour.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 22:37:07 GMT
Content-Encoding: br
CF-Cache-Status: MISS
x-bubble-perf: {"total":37.3,"percents":{"top":{"bubble_cpu":27.5,"block":71.2,"capacity_rl":0,"other_pause":0,"pre_fiber":1.3},"sub":{"pp_userdb":8.1,"pp_wait_userdb":0,"http_request":0,"serverjson":6.6,"appserver_cache_misses_time":0,"redis":46,"fiber_queue":9.7,"capacity_wait":8.4}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":21,"fiber_queue":28,"blocks":27},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":7536232,"derived_build_time_spent":0}}
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.116 unit-seconds used
Server: cloudflare
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
CF-RAY: 78d3885adccf9a21-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H/1.1 200
OK run.css
navitour.com/package/run_css/4493c93c68c4d4d6b5045e8fe585439c276a990bd9991e78320aef234cfd5400/navitour2/live/index/xfalse/xfalse/xtrue/ 245 KB
24 KB 273ms
256ms Stylesheet
text/css 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/package/run_css/4493c93c68c4d4d6b5045e8fe585439c276a990bd9991e78320aef234cfd5400/navitour2/live/index/xfalse/xfalse/xtrue/run.css
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 41a725b05cd66b48b293b9b78d354307dfeb7419606336f9492860e95d37ba14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 22:37:07 GMT
Content-Encoding: br
CF-Cache-Status: MISS
x-bubble-perf: {"total":40.6,"percents":{"top":{"bubble_cpu":34.3,"block":63.2,"capacity_rl":0,"other_pause":0,"pre_fiber":1.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":21.6,"appserver_cache_misses_time":0,"redis":61,"fiber_queue":10.4,"capacity_wait":7.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":13,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":26,"fiber_queue":27,"blocks":26},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":2093277,"derived_build_time_spent":0}}
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.032 unit-seconds used
Server: cloudflare
vary: Accept-Encoding
Content-Type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
CF-RAY: 78d3885ae94490ee-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H/1.1 200
OK run.js Show response
navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/ 3 MB
681 KB 438ms
421ms Script
application/javascript 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/run.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: aa74494ba1fd1b0ba238a18b810a0e2e2769c695de9ce986b13c208d3ef82e80

Request headers

Referer: https://navitour.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 22:37:08 GMT
Content-Encoding: br
CF-Cache-Status: MISS
x-bubble-perf: {"total":13.9,"percents":{"top":{"bubble_cpu":36.4,"block":47.4,"capacity_rl":0,"other_pause":0,"pre_fiber":4.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":40.7,"fiber_queue":3.6,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":757137,"derived_build_time_spent":0}}
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.012 unit-seconds used
Server: cloudflare
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
CF-RAY: 78d3885aeff76943-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H/1.1 200
OK static.js Show response
navitour.com/package/static_js/68a7fa7b4297b2d291e56a36a084c72a7253ed408180bcc61f33708f7b24708d/navitour2/live/index/xnull/xfalse/xfalse/xfalse/xtrue/ 1 MB
202 KB 573ms
554ms Script
application/javascript 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/package/static_js/68a7fa7b4297b2d291e56a36a084c72a7253ed408180bcc61f33708f7b24708d/navitour2/live/index/xnull/xfalse/xfalse/xfalse/xtrue/static.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6672b3376358ca97381da679140538aa2e7a13241e3f8c536c0b004d4d8a69e2

Request headers

Referer: https://navitour.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 22:37:08 GMT
Content-Encoding: br
CF-Cache-Status: MISS
x-bubble-perf: {"total":216.2,"percents":{"top":{"bubble_cpu":15.3,"block":84.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":29,"appserver_cache_misses_time":0,"redis":36,"fiber_queue":3.2,"capacity_wait":1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":47,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":67,"fiber_queue":64,"blocks":63},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":4957894,"derived_build_time_spent":0}}
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.076 unit-seconds used
Server: cloudflare
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
CF-RAY: 78d3885afb349b74-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H/1.1 200
OK dynamic.js Show response
navitour.com/package/dynamic_js/e5c7305ab0038709c5592f156a3467317f1623f5d604d17b7cc653462dcc2940/navitour2/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/ 357 KB
59 KB 317ms
298ms Script
application/javascript 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/package/dynamic_js/e5c7305ab0038709c5592f156a3467317f1623f5d604d17b7cc653462dcc2940/navitour2/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dbe095c1fb3a0df67243c9dc4115a7b83a27aaefe8ba248350a78f552e9c38a9

Request headers

Referer: https://navitour.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 22:37:07 GMT
Content-Encoding: br
CF-Cache-Status: MISS
x-bubble-perf: {"total":35.8,"percents":{"top":{"bubble_cpu":41.2,"block":56.6,"capacity_rl":0,"other_pause":0,"pre_fiber":1.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":11.2,"appserver_cache_misses_time":0,"redis":49.4,"fiber_queue":11.5,"capacity_wait":12.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":9,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":21,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":2209839,"derived_build_time_spent":0}}
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.034 unit-seconds used
Server: cloudflare
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
CF-RAY: 78d3885afc909131-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 / Show response
js.stripe.com/v3/ 424 KB
102 KB 43ms
8ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6019856b015413b6d3621f287c253f07882d15c61122ef73fc6c50904b91b587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 21 Jan 2023 22:36:49 GMT
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 18
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 20:18:17 GMT
server: Cloudfront
etag: W/"4d9ee149b04fe346bd553602e4ac11d0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 4o51Y7atSdbxPBpA0X-FP-JWwoHCK09twetDlnyehUDVNNnLKcBgiQ==

GET
H2 404 .js
js.hs-scripts.com/ 0
0 134ms
116ms Script
text/html 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 37ms
15ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

444554acab0343cc4d2f5e4e6c270f5c7268807cef594a50a5e758f68dc43826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37857
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 21 Jan 2023 22:37:08 GMT

GET
H2 200 croppie.min.css
cdnjs.cloudflare.com/ajax/libs/croppie/2.4.0/ 2 KB
1 KB 31ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/croppie/2.4.0/croppie.min.css

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d94621c23e99f7b86f592bb9f39fbbc5d6faf4f512412973bc70fa12cdb092c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 28209754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 595
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-982"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9VLL1bNJgJhr62Mb90syEqePOKdOjNF7o914jgfGL%2B1ahWaWshKbU%2Bwazi6kXbgQZU7r6dOcx0%2BOsBiZNFqgJcZDKpH5tp6qHA%2B1siM0%2BFVQwS4WTF0God7W45uz68%2FZ%2FKYzgoJzE%2FrwbpmKpH%2F022f"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78d3885aff509bc2-FRA
expires: Thu, 11 Jan 2024 22:37:07 GMT

GET
H2 200 exif_2.3.0.min.js Show response
navitour2.cdn.bubble.io/f1530602571601x711735609918832800/ 14 KB
6 KB 196ms
170ms Script
application/javascript 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour2.cdn.bubble.io/f1530602571601x711735609918832800/exif_2.3.0.min.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7619bd478a6018074496dfd9f019ca93d7ec684b6a4b3d75bb4f85c022171f2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:07 GMT
x-amz-meta-appname: meta
content-encoding: br
x-amz-version-id: e1kLN.DZ8BDiuk6_YLUAkCyyWaaDMr8U
last-modified: Tue, 03 Jul 2018 07:22:52 GMT
server: cloudflare
cf-cache-status: MISS
x-amz-request-id: P8D7HTQMHG7THB7G
etag: W/"48814126e2cd29ac30e68e012934c6d8"
x-amz-meta-app-version: live
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=290304000
cf-ray: 78d3885afcc2920b-FRA
x-amz-id-2: S7+Iu57JFTHt5iSgwFPxNyw1GH2daKnJTqqLqG8vZDxCMDmfrhKxh/eGCP7FaLWXyFBuVCVGn74=

GET
H2 200 croppie.2.4.0.whitearea.flip.min.js Show response
navitour2.cdn.bubble.io/f1530613964116x134027369320392600/ 30 KB
9 KB 197ms
171ms Script
application/javascript 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour2.cdn.bubble.io/f1530613964116x134027369320392600/croppie.2.4.0.whitearea.flip.min.js
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67066dcb9b628d2e57ddb81eb7846598e9fdc4821dd0a8679a17f5d0b28e48c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:07 GMT
x-amz-meta-appname: meta
content-encoding: br
x-amz-version-id: rOU7AheaSpNOzUIrAZd5BWVQ46cM9yjS
last-modified: Tue, 03 Jul 2018 10:32:45 GMT
server: cloudflare
cf-cache-status: MISS
x-amz-request-id: P8D6RAM3XSWBMAQ9
etag: W/"14ddc3016c91f82f91c536a4d514d536"
x-amz-meta-app-version: live
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=290304000
cf-ray: 78d3885afcc4920b-FRA
x-amz-id-2: AVLY94+rcc4eOkUnN6IJi9k0Sz2m8wp3UvatlmX+nCwafyQI6+3Qs1fH1lQP33/KP62p21BjUrs=

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 507 KB
159 KB 62ms
28ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f8ab92da8dd94680196795fcc3018ef6169c1a4744be0b110b32d42e57394d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:07 GMT
x-amz-version-id: pDblZ7ePNOkvsyo2COGg.CQbR8iX0Q1g
via: 1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 455
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2581/bundles/project-v2.js&cfRay=78d37d3caf689a2d-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 20 Jan 2023 09:38:01 UTC
server: cloudflare
etag: W/"3d5b1adfa186f3d88635eb8b15759930"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niA3Yb3EyLBPg9sb2tE1giqnxVuWYteMNjtWJwUIEme0fwaW%2FU%2F3SU%2B7BwoKnY7MaT%2BWQ1WnJ%2B0YrrZhEbdTPI5Pwc2021YjUZQ1E143uSBokb50xd7IqFkX46yaVI%2BT2nov7s8HK%2BW5vGfc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 78d3885b0cc96907-FRA
x-amz-cf-id: -JPSVxYtVqYB1b-Exe1XbhKUFeTn2pYKa-9bRP0_vxadjAGYTMO5sw==
x-hs-target-asset: forms-embed/static-1.2581/bundles/project-v2.js

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4Z4SN42BY5

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1546b9b3b81ca6f61292c18da3a7d4979b8b2b8955e8e56c23fecaf47db286da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78125
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Jan 2023 22:37:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 54ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:regular%7CBarlow:500%7CBarlow:600%7CBarlow:700%7CBarlow:800%7CBarlow:900%7CBarlow:italic%7CBarlow:regular%7CLato:regular%7CLato:regular

Requested by

Host: navitour.com
URL: https://navitour.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e248f14e45b99729af09bf2621131c31622ad176ec4eefb2398b3eb4694f5d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Jan 2023 22:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 22:37:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Jan 2023 22:37:07 GMT

GET
H/1.1 200
OK data Show response
navitour.com/api/1.1/init/ 474 B
1 KB 248ms
247ms XHR
text/plain 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/api/1.1/init/data?location=https%3A%2F%2Fnavitour.com%2F
Requested by: Host: navitour.com
URL: https://navitour.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0455f8cd5a5e0499218884c711776dae714f4df65440fad0a5a856400bc481fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 22:37:08 GMT
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":42.3,"percents":{"top":{"bubble_cpu":22.2,"block":73,"capacity_rl":0,"other_pause":0,"pre_fiber":1.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":6.8,"appserver_cache_misses_time":0,"redis":60.6,"fiber_queue":10.5,"capacity_wait":1.8}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":21,"blocks":20},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1412639,"derived_build_time_spent":0}}
Server: cloudflare
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.022 unit-seconds used
CF-RAY: 78d3885c6ef89a21-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 85ms
22ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:regular%7CBarlow:500%7CBarlow:600%7CBarlow:700%7CBarlow:800%7CBarlow:900%7CBarlow:italic%7CBarlow:regular%7CLato:regular%7CLato:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:31:02 GMT
x-content-type-options: nosniff
age: 72366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 02:31:02 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 141ms
78ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 17:27:47 GMT
x-content-type-options: nosniff
age: 364161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 17:27:47 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 136ms
74ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 16:03:24 GMT
x-content-type-options: nosniff
age: 455624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 16:03:24 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 131ms
69ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 15:21:47 GMT
x-content-type-options: nosniff
age: 371721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 15:21:47 GMT

GET
H2 200 7cHqv4kjgoGqM7E3q-0s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 22 KB
22 KB 119ms
57ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3q-0s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 18:01:52 GMT
x-content-type-options: nosniff
age: 189316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22052
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:05:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 18:01:52 GMT

GET
H2 200 7cHqv4kjgoGqM7E3j-ws51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 124ms
63ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3j-ws51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 07:09:03 GMT
x-content-type-options: nosniff
age: 142085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21416
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 07:09:03 GMT

GET
H2 200 7cHrv4kjgoGqM7E_Cfs7wH8.woff2
fonts.gstatic.com/s/barlow/v12/ 23 KB
23 KB 98ms
37ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHrv4kjgoGqM7E_Cfs7wH8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51d0115090b2cfd0cb581cbf62ee79bb94fdcb3f9c2432d39d3adacd8888ccef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 18:35:08 GMT
x-content-type-options: nosniff
age: 532920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23564
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:09:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 18:35:08 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 108ms
48ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 15:21:12 GMT
x-content-type-options: nosniff
age: 371756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 15:21:12 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame E540 200 B
1 KB 8ms
7ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://navitour.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3278
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 21 Jan 2023 21:42:58 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Fri, 13 Jan 2023 19:40:57 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id: Q9y2TR6B-VKI7J2ZC9l7aMnZJj9X52DXN5CmlmGuhqcnQVotnn7Bag==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/20853686/dba851bf-a21b-4917-891b-16bc22c8e2ea/ 11 KB
3 KB 166ms
148ms XHR
application/json 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/20853686/dba851bf-a21b-4917-891b-16bc22c8e2ea/json?hs_static_app=forms-embed&hs_static_app_version=1.2581&X-HubSpot-Static-App-Info=forms-embed-1.2581

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31266d122b42b7b78aeb27569ec51151529e8cd14e32ed117d88c9bc91cbb3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://navitour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-origin-hublet: na1
date: Sat, 21 Jan 2023 22:37:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 9795e1ec-e994-46e0-9bcb-7fc2d588ab7f
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B81B7FE435D9CE2367B8F3426C9DA50CF7E2C40EE000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://navitour.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 78d38861c9589a03-FRA

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/20853686/dba851bf-a21b-4917-891b-16bc22c8e2ea/ 11 KB
3 KB 441ms
426ms XHR
application/json 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/20853686/dba851bf-a21b-4917-891b-16bc22c8e2ea/json?hs_static_app=forms-embed&hs_static_app_version=1.2581&X-HubSpot-Static-App-Info=forms-embed-1.2581

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

529a82f3709edbf2a709b4f42548ed4c6a162d60fb38bdae0b98fd18cd7b0351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://navitour.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-origin-hublet: na1
date: Sat, 21 Jan 2023 22:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 89329a4e-b31f-435b-ada2-c2a28627094d
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BC89E5A1B3E826BC135639F2B608EBE097ABF5217000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://navitour.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 78d38861c95b9a03-FRA

POST
H/1.1 200
OK hi Show response
navitour.com/user/ 57 B
1 KB 221ms
220ms XHR
application/json 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/user/hi
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ae73bb945e1b71bb897426b502e779f3c826207455fc664b5dceb0b57be89f77

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1674340628551x648784479031717000
X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1674340628752x934335521727018000
X-Bubble-PL: 1674340628752x2929
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Sat, 21 Jan 2023 22:37:08 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":23,"percents":{"top":{"bubble_cpu":21.3,"block":75.6,"capacity_rl":0,"other_pause":0,"pre_fiber":3.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":25.8,"appserver_cache_misses_time":0,"redis":43.9,"fiber_queue":22.2,"capacity_wait":11.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":736149,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.011 unit-seconds used
Server: cloudflare
x-bubble-request-took: 23
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 78d38861be529b74-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H/1.1 200
OK fontawesome-webfont.woff2
navitour.com/static/fonts/ 75 KB
77 KB 235ms
235ms Font
application/octet-stream 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://navitour.com/static/fonts/fontawesome-webfont.woff2

Requested by

Host: navitour.com
URL: https://navitour.com/package/run_css/4493c93c68c4d4d6b5045e8fe585439c276a990bd9991e78320aef234cfd5400/navitour2/live/index/xfalse/xfalse/xtrue/run.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://navitour.com/package/run_css/4493c93c68c4d4d6b5045e8fe585439c276a990bd9991e78320aef234cfd5400/navitour2/live/index/xfalse/xfalse/xtrue/run.css
Origin: https://navitour.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 22:37:08 GMT
x-content-type-options: nosniff
CF-Cache-Status: MISS
x-bubble-perf: {"total":19.7,"percents":{"top":{"bubble_cpu":17.5,"block":79.7,"capacity_rl":0,"other_pause":0,"pre_fiber":1.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":28.7,"fiber_queue":3.6,"capacity_wait":47}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":518410,"derived_build_time_spent":0}}
x-powered-by: Express
Connection: keep-alive
x-bubble-capacity-used: 0.008 unit-seconds used
Content-Length: 77160
Server: cloudflare
etag: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
Content-Type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
Accept-Ranges: bytes
timing-allow-origin: *
CF-RAY: 78d38861b9ce6943-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 200
OK client_log Show response
navitour.com/bug/ 4 B
1 KB 232ms
232ms XHR
application/json 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/bug/client_log
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1674340628551x648784479031717000
X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1674340628789x116708963823886740
X-Bubble-PL: 1674340628752x2929
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Sat, 21 Jan 2023 22:37:09 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":18.1,"percents":{"top":{"bubble_cpu":16,"block":73.5,"capacity_rl":0,"other_pause":0,"pre_fiber":3.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":41.7,"fiber_queue":20.2,"capacity_wait":12.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":435907,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.007 unit-seconds used
Server: cloudflare
x-bubble-request-took: 18
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 78d38861ff239a21-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673278513302x492880449854179650%2FAll%2520maine.jpg
d1muf25xaso8hp.cloudfront.net/ 55 KB
56 KB 193ms
165ms Image
image/jpeg 2600:9000:211e:5c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673278513302x492880449854179650%2FAll%2520maine.jpg?w=1536&h=497&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:5c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

2ccb0349c8c64eb3ab7cefd86f6cf034db7ee0571665d8cbf56df6ba9aaa8c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:08 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 36050
x-cache: Miss from cloudfront
x-imgix-id: ede925366962917eead38bb354907659a82c8174
cross-origin-resource-policy: cross-origin
content-length: 56456
x-served-by: cache-sjc10038-SJC, cache-fra-eddf8230021-FRA
x-imgix-render-farm: 01.584
last-modified: Sat, 21 Jan 2023 12:36:18 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: RYOKW9ZtCgaYEuksXUvnUUsNz4ANl_LVWmcGr4KEOCAys9ctWx7lyg==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1649778508843x167076696008548130%2FTikTok%2520Icon%2520%25282%2529.png
d1muf25xaso8hp.cloudfront.net/ 2 KB
3 KB 316ms
288ms Image
image/png 2600:9000:211e:5c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1649778508843x167076696008548130%2FTikTok%2520Icon%2520%25282%2529.png?w=96&h=50&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:5c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

347429110f775e5254a03afd2471a95a6ae90a15c0a2ab4aa90a81e0afde5eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 0
x-cache: Miss from cloudfront
x-imgix-id: 791e7201fb685bccbaaa395a1a2a72890511fe1a
cross-origin-resource-policy: cross-origin
content-length: 2069
x-served-by: cache-sjc10083-SJC, cache-hhn-etou8220060-HHN
x-imgix-render-farm: 01.1096
last-modified: Sat, 21 Jan 2023 22:37:09 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: rB1gk35GHmfA0oy1Axn51upZHQqMEH1U67BOrp3PeoVnxEt9H4ryCQ==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1649167445411x992700716679172100%2FLogo.png
d1muf25xaso8hp.cloudfront.net/ 5 KB
6 KB 272ms
244ms Image
image/png 2600:9000:211e:5c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1649167445411x992700716679172100%2FLogo.png?w=192&h=56&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:5c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

9886bbffac41055eba891fab2928c8c9700fafba0f28f0e6914b088ad7163d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 0
x-cache: Miss from cloudfront
x-imgix-id: f78d381981159061f684673df8b9a4200874b7b6
cross-origin-resource-policy: cross-origin
content-length: 5265
x-served-by: cache-sjc10026-SJC, cache-hhn-etou8220066-HHN
x-imgix-render-farm: 01.1096
last-modified: Sat, 21 Jan 2023 22:37:08 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: rsTSu9hDSYLJXRhybBEj-q32GLSzTVPevMoGBZ-Tlds1PDrRayjKDg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=null

Requested by

Host: navitour.com
URL: https://navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/run.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64ec75a4d36af01cce397bd7c624ea143b4e1c55b8daeb26bcaad9a5b52b3f56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37879
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 21 Jan 2023 22:37:08 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame E540 0
601 B 526ms
169ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E540 0
600 B 527ms
170ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E540 631 B
1 KB 8ms
7ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sat, 21 Jan 2023 21:42:59 GMT
x-content-type-options: nosniff
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3270
x-cache: Hit from cloudfront
content-length: 631
last-modified: Wed, 11 Jan 2023 17:29:23 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: qoNs6K6bqB_PyM8WOW_OrEB80qSesQdxo0eIqFjvZ69kZTAigWKr3g==

POST
H/1.1 200
OK msearch Show response
navitour.com/elasticsearch/ 10 KB
5 KB 261ms
261ms XHR
application/json 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/elasticsearch/msearch
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 75363b32836fe7426b12f6dc3d700ce38a5059ac9c74b6e6c77c49096ad5b7ae

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1674340628551x648784479031717000
X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1674340628861x975729837094401900
X-Bubble-PL: 1674340628752x2929
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Sat, 21 Jan 2023 22:37:09 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":62.3,"percents":{"top":{"bubble_cpu":14.9,"block":81.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.9},"sub":{"pp_userdb":40.1,"pp_wait_userdb":0,"http_request":0,"serverjson":5.1,"appserver_cache_misses_time":0,"redis":28.2,"fiber_queue":10.3,"capacity_wait":5.3}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":18,"fiber_queue":23,"blocks":22},"misc":{"userdb_results":8,"userdb_data":23611,"spent_time":7396655,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.114 unit-seconds used
Server: cloudflare
x-bubble-request-took: 62
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 78d3886268e49131-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4Z4SN42BY5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f3571c8c609dd24a30399ce0fbc862d8ed5ff961cc51fcf96b082ca06e2eb51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Jan 2023 22:37:08 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0951 930 B
2 KB 41ms
8ms Document
text/html 65.9.66.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-30.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 282
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 21 Jan 2023 22:32:46 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-id: rgq0kOVBmCCi06-_V53kru_nU0qLvApEfVH0YHspfAEalVVv_20UKA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 35ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4Z4SN42BY5&gtm=2oe1i0&_p=953552934&cid=342346000.1674340629&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674340628&sct=1&seg=0&dl=https%3A%2F%2Fnavitour.com%2F&dt=Navitour&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Z4SN42BY5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 22:37:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://navitour.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ Frame 71D4 507 KB
158 KB 29ms
28ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f8ab92da8dd94680196795fcc3018ef6169c1a4744be0b110b32d42e57394d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:08 GMT
x-amz-version-id: pDblZ7ePNOkvsyo2COGg.CQbR8iX0Q1g
via: 1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 456
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2581/bundles/project-v2.js&cfRay=78d37d3caf689a2d-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 20 Jan 2023 09:38:01 UTC
server: cloudflare
etag: W/"3d5b1adfa186f3d88635eb8b15759930"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThdCepMPU7TGAYvUMN7nNN8OQy%2FLw64ZPtyKyOZ%2BApCNBBhUaTHjfM2itq2RUM%2FlcQWnIrvoS2ImlZxdTx90A2HGK6fSjRVjK4x46xi3KOlCrgee3pgxASnaxlQVHizKH%2B1u4m951%2F5vLlmI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 78d38862dd946907-FRA
x-amz-cf-id: -JPSVxYtVqYB1b-Exe1XbhKUFeTn2pYKa-9bRP0_vxadjAGYTMO5sw==
x-hs-target-asset: forms-embed/static-1.2581/bundles/project-v2.js

POST
H2 200 csp-report
q.stripe.com/ Frame 0951 0
374 B 398ms
170ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Sat, 21 Jan 2023 22:37:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 0951 86 KB
15 KB 8ms
7ms Script
text/javascript 65.9.66.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-30.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 21 Jan 2023 22:36:18 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 56
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: O6VG6spSBrYKzT0Tqu3iEhzMapBs3eGNXjQ_acCectkI98jB5tOPzg==

POST
H/1.1 200
OK m Show response
navitour.com/user/ 4 B
1 KB 224ms
223ms XHR
application/json 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/user/m
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1674340628950x766105443332716300
X-Bubble-PL: 1674340628752x2929
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Sat, 21 Jan 2023 22:37:09 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":19.6,"percents":{"top":{"bubble_cpu":16.5,"block":77.4,"capacity_rl":0,"other_pause":0,"pre_fiber":3.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":39.6,"fiber_queue":19.7,"capacity_wait":19.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":485715,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.007 unit-seconds used
Server: cloudflare
x-bubble-request-took: 19
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 78d38862f8ce90ee-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H2 200 6 Show response
m.stripe.com/ Frame 0951 156 B
552 B 543ms
179ms XHR
application/json 34.217.162.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.217.162.9 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-217-162-9.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

77a880c2b0e8cbe41c681c9563092d09baa8b358ee0c5f1f0b93ce53db0b36e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 21 Jan 2023 22:37:09 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
393 B 132ms
122ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 43816ecc-4a70-4ca5-82c8-ff8f6b9d4285
x-trace: 2BF28B5C40641356BE6D1C5800A437A76848B8CFC0000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 78d38863ed492c47-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
438 B 143ms
117ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 00196b01-d5cb-4892-bb03-8f775dbbc189
x-trace: 2B765BFC26CF5DDE5536ECD3030FA875821494C360000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 78d388643fc52c43-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg
d1muf25xaso8hp.cloudfront.net/ 64 KB
65 KB 197ms
196ms Image
image/jpeg 2600:9000:211e:5c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg?w=&h=&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:5c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

0a89308ff758458c75092fad5c4f0651d3289a1114a4debcdaca8848bf028ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 28971
x-cache: Miss from cloudfront
x-imgix-id: d3866d78ae4b78ef2f4a2b314d645d489fccfc88
cross-origin-resource-policy: cross-origin
content-length: 65729
x-served-by: cache-sjc10078-SJC, cache-fra-eddf8230120-FRA
x-imgix-render-farm: 01.584
last-modified: Sat, 21 Jan 2023 14:34:17 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: KaC69LBtPU8sc8XHxURAZG6LQqp9sJhTWij6p1uSumbXfXXaWYIjXQ==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653580718485x213875643625775170%2F7775F53F-E9E4-42C0-B283-2EA73E8C2D1F_1_201_a.jpeg
d1muf25xaso8hp.cloudfront.net/ 8 KB
9 KB 189ms
189ms Image
image/jpeg 2600:9000:211e:5c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653580718485x213875643625775170%2F7775F53F-E9E4-42C0-B283-2EA73E8C2D1F_1_201_a.jpeg?w=192&h=192&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:5c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

075c61e9ab53ee18454d4a5c97919dd68eb97a816b76ea6817fb4b9e8cfc5935

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 28971
x-cache: Miss from cloudfront
x-imgix-id: 535f2fc4c80d23d1807dec954f622ff6e87deb0e
cross-origin-resource-policy: cross-origin
content-length: 8387
x-served-by: cache-sjc10035-SJC, cache-hhn-etou8220060-HHN
x-imgix-render-farm: 01.1096
last-modified: Sat, 21 Jan 2023 14:34:18 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: M8ROuHsToEaAs1F_W-MVI1jJfaL1gMjX1lEDqNU2_3quSHNf5VQltQ==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1654188331246x181261989774351940%2FAlice%2520headshot%2520by%2520Alba%2520Adventures.jpg
d1muf25xaso8hp.cloudfront.net/ 6 KB
6 KB 169ms
168ms Image
image/jpeg 2600:9000:211e:5c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1654188331246x181261989774351940%2FAlice%2520headshot%2520by%2520Alba%2520Adventures.jpg?w=192&h=192&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:5c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

e0ef64ba89fcf8010b461a95f3b96d1d5cb8c7ddb2b32e81be9bb82c6f3b6d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 28971
x-cache: Miss from cloudfront
x-imgix-id: cbacc6fb0aa198f7c46c1942264f75eeafc98a61
cross-origin-resource-policy: cross-origin
content-length: 5780
x-served-by: cache-sjc10033-SJC, cache-hhn-etou8220039-HHN
x-imgix-render-farm: 01.1096
last-modified: Sat, 21 Jan 2023 14:34:18 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: zK8t9Lams3jwWQ754IvdrmQ3KZOQhrW_7VMNxjPDKiLFbIujVRjCvA==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1654283998105x425380457005293950%2FPolly%2520Mahoney%2520%2526%2520Kevin%2520Slater.jpg
d1muf25xaso8hp.cloudfront.net/ 8 KB
8 KB 200ms
200ms Image
image/jpeg 2600:9000:211e:5c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1654283998105x425380457005293950%2FPolly%2520Mahoney%2520%2526%2520Kevin%2520Slater.jpg?w=192&h=192&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:5c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

5d24ed5fa72a5d1d99a087f7cc5098a711ef0defd1377b7556125160014e916b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 28971
x-cache: Miss from cloudfront
x-imgix-id: 0f5320a5699df37c2a10997a5d7db6e8903ae2c3
cross-origin-resource-policy: cross-origin
content-length: 7826
x-served-by: cache-sjc10045-SJC, cache-hhn-etou8220061-HHN
x-imgix-render-farm: 01.584
last-modified: Sat, 21 Jan 2023 14:34:18 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: bLpMs8_m5VlqnGiZiioH2ZoZX4gtByqrxlT8fFnqH2gvLXYM7874pA==

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ Frame 9A1D 507 KB
159 KB 15ms
15ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f8ab92da8dd94680196795fcc3018ef6169c1a4744be0b110b32d42e57394d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
x-amz-version-id: pDblZ7ePNOkvsyo2COGg.CQbR8iX0Q1g
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 556
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2581/bundles/project-v2.js&cfRay=78d37ad07b9bbb3b-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 20 Jan 2023 09:38:01 UTC
server: cloudflare
etag: W/"3d5b1adfa186f3d88635eb8b15759930"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgWmY16ZNxDgswMUsJZpyw9qyA%2F40VxqK4zC9pv8YdPjW4VszjsP3%2FNCJUQnzWY%2BnGXHr0n3U3LQXhCWjC5vc1VWQbRTIQLomw0SFN5Sv%2BQrFyVfzqaW6w%2FQ1hNAXrl91NkmUrtRtbK0w7JI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 78d388647cf5bb5c-FRA
x-amz-cf-id: Sf-wxwqIs6Bsf_adJXhZUBeIP6CM4QuGf1v1mG0dHxRnIsUMg-nTFA==
x-hs-target-asset: forms-embed/static-1.2581/bundles/project-v2.js

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
357 B 123ms
123ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 43ed44a9-5313-46ca-aaf9-b4943168d79a
x-trace: 2BE01EEE3C62B9EEA66183D1A9A22BCB50A49E8837000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 78d38864ee5f2c47-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
356 B 126ms
126ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 6a2ce4a9-31a9-4272-9a21-0dd910d87e21
x-trace: 2BCA2A740CA4D1D8A05833BCDBEC8B70D1E3BC6FF1000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 78d388650e852c47-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK bulk_watch Show response
navitour.com/elasticsearch/ 77 B
1 KB 239ms
239ms XHR
application/json 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/elasticsearch/bulk_watch
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9d78515050085088859ddb409a2d268eae5fcd254de39c63af24eb4c3396ca4e

Request headers

X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1674340629342x260921928647719360
X-Bubble-PL: 1674340628752x2929
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Sat, 21 Jan 2023 22:37:09 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":38.4,"percents":{"top":{"bubble_cpu":29.2,"block":70.1,"capacity_rl":0,"other_pause":0,"pre_fiber":1.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":7.1,"appserver_cache_misses_time":0,"redis":43.1,"fiber_queue":10.9,"capacity_wait":1.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":20,"fiber_queue":25,"blocks":24},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1679900,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.026 unit-seconds used
Server: cloudflare
x-bubble-request-took: 38
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 78d388656b3790ee-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg
d1muf25xaso8hp.cloudfront.net/ 4 KB
5 KB 177ms
177ms Image
image/jpeg 2600:9000:211e:5c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg?w=192&h=192&auto=compress&dpr=1&fit=max

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:5c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

14c35e55b5c3180816acea9d8154697174d867e382545b42275f41674a6af944

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
age: 28972
x-cache: Miss from cloudfront
x-imgix-id: 2a79c8cd4d536cda7ca8cacae232d023935d1f92
cross-origin-resource-policy: cross-origin
content-length: 4140
x-served-by: cache-sjc10072-SJC, cache-hhn-etou8220060-HHN
x-imgix-render-farm: 01.584
last-modified: Sat, 21 Jan 2023 14:34:17 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: 7-KTZJ52LCA1zMfWVyZ_XA7UKv4wPbpM7u0Fv1r2Hz7vRjjaFHDOaQ==

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg
d1muf25xaso8hp.cloudfront.net/ 4 KB
5 KB 10ms
9ms Image
image/jpeg 2600:9000:211e:5c00:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1653592355576x714888650445197000%2F220521_Navitour_Seth_0112.jpg?w=192&h=192&auto=compress&dpr=1&fit=max

Requested by

Host: navitour.com
URL: https://navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/run.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:5c00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

14c35e55b5c3180816acea9d8154697174d867e382545b42275f41674a6af944

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navitour.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 22:37:09 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
x-imgix-id: 2a79c8cd4d536cda7ca8cacae232d023935d1f92
cross-origin-resource-policy: cross-origin
content-length: 4140
x-served-by: cache-sjc10072-SJC, cache-hhn-etou8220060-HHN
x-imgix-render-farm: 01.584
last-modified: Sat, 21 Jan 2023 14:34:17 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: GN45oCoB4L2WHZZnfRH4blUE1s40f8aNm1ABxz_dP6Q5HGaQsmdycw==

POST
H/1.1 200
OK apm Show response
navitour.com/user/ 4 B
1 KB 342ms
341ms XHR
application/json 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/user/apm
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1674340630386x992689770528561000
X-Bubble-PL: 1674340628752x2929
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Sat, 21 Jan 2023 22:37:10 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":120.8,"percents":{"top":{"bubble_cpu":4.4,"block":90.1,"capacity_rl":0,"other_pause":0,"pre_fiber":5.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":53.9,"fiber_queue":29.1,"capacity_wait":7.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":794383,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.012 unit-seconds used
Server: cloudflare
x-bubble-request-took: 120
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 78d3886bf94390ee-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 200
OK frg Show response
navitour.com/ 4 B
1 KB 289ms
289ms XHR
application/json 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/frg
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1674340631952x893778492978262800
X-Bubble-PL: 1674340628752x2929
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Sat, 21 Jan 2023 22:37:12 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":84.3,"percents":{"top":{"bubble_cpu":5.1,"block":94.2,"capacity_rl":0,"other_pause":0,"pre_fiber":1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":42.2,"fiber_queue":44.2,"capacity_wait":8.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":640997,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.01 unit-seconds used
Server: cloudflare
x-bubble-request-took: 84
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 78d38875bb0a90ee-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 200
OK frg Show response
navitour.com/ 4 B
1 KB 1120ms
1119ms XHR
application/json 104.19.240.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navitour.com/frg
Requested by: Host: navitour.com
URL: https://navitour.com/package/run_js/c923e7f3a5c984a3f5271821c60b4a3ccdd25797ba2e562431d3cac1b94b87f0/xfalse/x20/run.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1674340632249x659708301197962800
X-Bubble-PL: 1674340628752x2929
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://navitour.com/
cache-control: no-cache
Referer: https://navitour.com/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

Date: Sat, 21 Jan 2023 22:37:13 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":607,"percents":{"top":{"bubble_cpu":1.7,"block":69.6,"capacity_rl":0,"other_pause":0,"pre_fiber":28.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0.5,"appserver_cache_misses_time":0,"redis":2,"fiber_queue":1,"capacity_wait":0.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":21,"blocks":20},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1506035,"derived_build_time_spent":0}}
x-bubble-appname: navitour2
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.023 unit-seconds used
Server: cloudflare
x-bubble-request-took: 607
vary: Accept-Encoding
Content-Type: application/json
cache-control: no-cache
CF-RAY: 78d388779cd990ee-FRA
x-bubble-capacity-limit: 0 ms slower

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.navitour.com/	1970-01-20 09:09:59	Name: navitour2_live_u2main Value: 1674340627301x900789847228368000
.navitour.com/	1970-01-20 09:09:59	Name: navitour2_live_u2main.sig Value: ki1yziGN-2fwTI_BKzweR3FTLJ8
.navitour.com/	1969-12-31 23:59:59	Name: navitour2_u1main Value: 1674340627277x671071144183209700
.navitour.com/	1970-01-20 18:41:40	Name: _ga_4Z4SN42BY5 Value: GS1.1.1674340628.1.0.1674340628.0.0.0
.navitour.com/	1970-01-20 18:41:40	Name: _ga Value: GA1.1.342346000.1674340629
m.stripe.com/	1970-01-20 18:41:40	Name: m Value: 94adf1f5-904a-4af5-8837-271380b48a4cf7f8f3
.navitour.com/	1970-01-20 17:51:16	Name: __stripe_mid Value: 82497803-2e8a-4c68-8fe3-e9ea7f987a25278526
.navitour.com/	1970-01-20 09:05:42	Name: __stripe_sid Value: bcdac83b-8da0-4c84-9ed5-3ed4a4d0a91b650ed5

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://js.hs-scripts.com/.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
d1muf25xaso8hp.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
js.hs-scripts.com
js.hsforms.net
js.stripe.com
m.stripe.com
m.stripe.network
navitour.com
navitour2.cdn.bubble.io
q.stripe.com
region1.google-analytics.com
www.googletagmanager.com
104.19.240.93
104.19.241.93
2001:4860:4802:32::36
2600:9000:211e:5c00:1c:37e5:3f40:21
2606:4700::6810:5505
2606:4700::6810:5605
2606:4700::6811:180e
2606:4700::6811:ba49
2606:4700::6811:d3cc
2a00:1450:4001:80e::200a
2a00:1450:4001:813::2008
2a00:1450:400d:806::2003
34.217.162.9
54.187.159.182
65.9.66.30
99.86.4.99
0455f8cd5a5e0499218884c711776dae714f4df65440fad0a5a856400bc481fd
075c61e9ab53ee18454d4a5c97919dd68eb97a816b76ea6817fb4b9e8cfc5935
0a89308ff758458c75092fad5c4f0651d3289a1114a4debcdaca8848bf028ce5
14c35e55b5c3180816acea9d8154697174d867e382545b42275f41674a6af944
1546b9b3b81ca6f61292c18da3a7d4979b8b2b8955e8e56c23fecaf47db286da
1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2ccb0349c8c64eb3ab7cefd86f6cf034db7ee0571665d8cbf56df6ba9aaa8c61
31266d122b42b7b78aeb27569ec51151529e8cd14e32ed117d88c9bc91cbb3cc
347429110f775e5254a03afd2471a95a6ae90a15c0a2ab4aa90a81e0afde5eb9
3f8ab92da8dd94680196795fcc3018ef6169c1a4744be0b110b32d42e57394d2
41a725b05cd66b48b293b9b78d354307dfeb7419606336f9492860e95d37ba14
444554acab0343cc4d2f5e4e6c270f5c7268807cef594a50a5e758f68dc43826
4f3571c8c609dd24a30399ce0fbc862d8ed5ff961cc51fcf96b082ca06e2eb51
51d0115090b2cfd0cb581cbf62ee79bb94fdcb3f9c2432d39d3adacd8888ccef
529a82f3709edbf2a709b4f42548ed4c6a162d60fb38bdae0b98fd18cd7b0351
5d24ed5fa72a5d1d99a087f7cc5098a711ef0defd1377b7556125160014e916b
5e99240e0f704678d97c9bfdd715672b2dd5d6c507a1f2197babeec2577039bf
6019856b015413b6d3621f287c253f07882d15c61122ef73fc6c50904b91b587
64ec75a4d36af01cce397bd7c624ea143b4e1c55b8daeb26bcaad9a5b52b3f56
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6672b3376358ca97381da679140538aa2e7a13241e3f8c536c0b004d4d8a69e2
67066dcb9b628d2e57ddb81eb7846598e9fdc4821dd0a8679a17f5d0b28e48c5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
75363b32836fe7426b12f6dc3d700ce38a5059ac9c74b6e6c77c49096ad5b7ae
7619bd478a6018074496dfd9f019ca93d7ec684b6a4b3d75bb4f85c022171f2e
77a880c2b0e8cbe41c681c9563092d09baa8b358ee0c5f1f0b93ce53db0b36e4
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7d94621c23e99f7b86f592bb9f39fbbc5d6faf4f512412973bc70fa12cdb092c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9886bbffac41055eba891fab2928c8c9700fafba0f28f0e6914b088ad7163d7e
9d78515050085088859ddb409a2d268eae5fcd254de39c63af24eb4c3396ca4e
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aa74494ba1fd1b0ba238a18b810a0e2e2769c695de9ce986b13c208d3ef82e80
ae73bb945e1b71bb897426b502e779f3c826207455fc664b5dceb0b57be89f77
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
dbe095c1fb3a0df67243c9dc4115a7b83a27aaefe8ba248350a78f552e9c38a9
ddc793272e89ff65e961ea03b80b8d14780201485b57c2c85368b05ca77fb97b
e0ef64ba89fcf8010b461a95f3b96d1d5cb8c7ddb2b32e81be9bb82c6f3b6d89
e248f14e45b99729af09bf2621131c31622ad176ec4eefb2398b3eb4694f5d04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f9bfb04a18c8be687fadacd7f67647b65113ee8d1aabcb0f410eac21681fa7ef

navitour.com Open in urlscan Pro 104.19.240.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

63 %IPv6

13 Domains

16 Subdomains

16 IPs

4 Countries

2257 kBTransfer

7962 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

navitour.com Open in urlscan Pro
104.19.240.93 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

2257 kB
Transfer

7962 kB
Size

8
Cookies

61 HTTP transactions
1 data transactions