www.goaheadtours.com Open in urlscan Pro
2606:4700::6812:7059 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.goaheadtours.com/
Submission: On December 11 via api (December 11th 2023, 2:11:28 am UTC) from US — Scanned from DE

Summary HTTP 265 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 68 IPs in 6 countries across 54 domains to perform 265 HTTP transactions. The main IP is 2606:4700::6812:7059, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.goaheadtours.com. The Cisco Umbrella rank of the primary domain is 342559.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 27th 2023. Valid for: a year.

This is the only time www.goaheadtours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700::68... 2606:4700::6812:7059	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:20a... 2600:9000:20a0:6c00:13:b371:9a00:21	16509 (AMAZON-02) (AMAZON-02)
2	18.239.83.104 18.239.83.104	16509 (AMAZON-02) (AMAZON-02)
22	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
18	18.238.243.69 18.238.243.69	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21a... 2600:9000:21a8:f400:12:66da:ca00:21	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:5b0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:209... 2600:9000:2090:c200:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	184.86.103.203 184.86.103.203	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.7.151.245 52.7.151.245	14618 (AMAZON-AES) (AMAZON-AES)
2	3.17.53.221 3.17.53.221	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.86.45 65.9.86.45	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	18.239.36.27 18.239.36.27	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	184.30.133.160 184.30.133.160	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.212.39.155 3.212.39.155	14618 (AMAZON-AES) (AMAZON-AES)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	3.124.69.248 3.124.69.248	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.79.88.129 104.79.88.129	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
1	2.19.104.4 2.19.104.4	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	63.33.18.223 63.33.18.223	16509 (AMAZON-02) (AMAZON-02)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.220.4.214 54.220.4.214	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	54.228.143.85 54.228.143.85	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.124.39.171 3.124.39.171	16509 (AMAZON-02) (AMAZON-02)
1	99.80.129.181 99.80.129.181	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.68.0.8 3.68.0.8	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:9670:1560:e7cd:376a	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	2.19.105.55 2.19.105.55	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.241.3.33 34.241.3.33	16509 (AMAZON-02) (AMAZON-02)
1	35.158.30.42 35.158.30.42	16509 (AMAZON-02) (AMAZON-02)
2	34.210.219.79 34.210.219.79	16509 (AMAZON-02) (AMAZON-02)
69	18.245.86.77 18.245.86.77	16509 (AMAZON-02) (AMAZON-02)
1	34.241.154.142 34.241.154.142	16509 (AMAZON-02) (AMAZON-02)
2	178.128.135.232 178.128.135.232	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	18.224.227.143 18.224.227.143	16509 (AMAZON-02) (AMAZON-02)
1	3.232.124.103 3.232.124.103	14618 (AMAZON-AES) (AMAZON-AES)
14	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	52.12.117.226 52.12.117.226	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:8d:... 2a04:4e42:8d::720	54113 (FASTLY) (FASTLY)
265	68

32 2606:4700::6812:7059 (United States)

ASN13335 (CLOUDFLARENET, US)

www.goaheadtours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.goaheadtours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20a0:6c00:13:b371:9a00:21 (United States)

ASN16509 (AMAZON-02, US)

d1nldbz8jmu82w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.83.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-104.ams58.r.cloudfront.net

img2.storyblok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.opmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.238.243.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-69.ams58.r.cloudfront.net

a.storyblok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21a8:f400:12:66da:ca00:21 (United States)

ASN16509 (AMAZON-02, US)

d3oig6rspwnkfc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:5b0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net

6384424.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10100557.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2090:c200:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.86.103.203 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-203.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.151.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-151-245.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.17.53.221 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-53-221.us-east-2.compute.amazonaws.com

collector-30678.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-45.ams1.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.36.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-27.ams58.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.133.160 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-133-160.deploy.static.akamaitechnologies.com

a24099230963.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.39.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-39-155.compute-1.amazonaws.com

3.212.39.155	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.69.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-69-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.88.129 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-129.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.104.4 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-4.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.18.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-18-223.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.4.214 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-4-214.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.143.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-143-85.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.39.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-39-171.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.129.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-129-181.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.0.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-0-8.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:9670:1560:e7cd:376a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.105.55 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-55.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.3.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-3-33.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.30.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-30-42.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.210.219.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-219-79.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 18.245.86.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-77.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.154.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-154-142.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.128.135.232 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

z.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.224.227.143 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-224-227-143.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.124.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-124-103.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.12.117.226 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-117-226.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	driftt.com js.driftt.com — Cisco Umbrella Rank: 5827	852 KB
32	goaheadtours.com www.goaheadtours.com — Cisco Umbrella Rank: 342559 assets.goaheadtours.com — Cisco Umbrella Rank: 290130	522 KB
20	storyblok.com img2.storyblok.com — Cisco Umbrella Rank: 72936 a.storyblok.com — Cisco Umbrella Rank: 25961	954 KB
19	opmnstr.com a.opmnstr.com — Cisco Umbrella Rank: 23212	83 KB
14	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 6652 metrics.api.drift.com — Cisco Umbrella Rank: 6556 event.api.drift.com — Cisco Umbrella Rank: 7169 targeting.api.drift.com — Cisco Umbrella Rank: 6868 flow.api.drift.com — Cisco Umbrella Rank: 11636	12 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 sslwidget.criteo.com — Cisco Umbrella Rank: 1761 widget.us.criteo.com — Cisco Umbrella Rank: 17950 dis.criteo.com — Cisco Umbrella Rank: 550	14 KB
10	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93 region1.analytics.google.com — Cisco Umbrella Rank: 2693	2 KB
10	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 6384424.fls.doubleclick.net — Cisco Umbrella Rank: 389645 10100557.fls.doubleclick.net — Cisco Umbrella Rank: 388144 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	7 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	23 KB
7	cloudfront.net d1nldbz8jmu82w.cloudfront.net d3oig6rspwnkfc.cloudfront.net	238 KB
6	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5231 api.omappapi.com — Cisco Umbrella Rank: 5432 z.omappapi.com — Cisco Umbrella Rank: 12557	54 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6765	841 B
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	149 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 4769 px.mountain.com — Cisco Umbrella Rank: 4815 gs.mountain.com — Cisco Umbrella Rank: 10035	10 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	gstatic.com fonts.gstatic.com	99 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 774 a24099230963.cdn.optimizely.com — Cisco Umbrella Rank: 361385 logx.optimizely.com — Cisco Umbrella Rank: 1439	91 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1462	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	140 B
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 6922	28 KB
2	tvsquared.com collector-30678.us.tvsquared.com — Cisco Umbrella Rank: 400337	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	212 KB
1	imgix.net driftt.imgix.net — Cisco Umbrella Rank: 15778	6 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2253	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699	337 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1855	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2331	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33110	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2462	398 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	35 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 723	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 689	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 936	422 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1074	879 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10023	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 666	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	921 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 656	385 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1211	162 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2120	163 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 665	783 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	15 KB
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 3662	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	3 KB
265	54

	Domain	Requested by
69	js.driftt.com	www.goaheadtours.com js.driftt.com
31	assets.goaheadtours.com	www.goaheadtours.com
19	a.opmnstr.com	www.goaheadtours.com a.opmnstr.com
18	a.storyblok.com	www.goaheadtours.com
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.goaheadtours.com
6	d1nldbz8jmu82w.cloudfront.net	www.goaheadtours.com
5	gum.criteo.com	4 redirects static.criteo.net
5	www.google.de	www.goaheadtours.com
5	analytics.tiktok.com	www.goaheadtours.com analytics.tiktok.com
4	targeting.api.drift.com	js.driftt.com
4	event.api.drift.com	js.driftt.com
4	region1.analytics.google.com	www.googletagmanager.com
4	www.google.com	1 redirects www.goaheadtours.com
3	ib.adnxs.com	2 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	a.opmnstr.com
3	a.omappapi.com	a.opmnstr.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.goaheadtours.com
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	flow.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	bootstrap.api.drift.com	js.driftt.com
2	z.omappapi.com	a.opmnstr.com
2	px.mountain.com	dx.mountain.com www.goaheadtours.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	solutions.invocacdn.com	www.goaheadtours.com solutions.invocacdn.com
2	adservice.google.com	10100557.fls.doubleclick.net 6384424.fls.doubleclick.net
2	collector-30678.us.tvsquared.com	www.goaheadtours.com
2	connect.facebook.net	www.goaheadtours.com connect.facebook.net
2	10100557.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	6384424.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.goaheadtours.com www.googletagmanager.com
2	img2.storyblok.com	www.goaheadtours.com
1	driftt.imgix.net
1	gs.mountain.com	www.goaheadtours.com
1	logx.optimizely.com	cdn.optimizely.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	www.facebook.com	www.goaheadtours.com
1	widget.us.criteo.com	www.goaheadtours.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	www.goaheadtours.com
1	a24099230963.cdn.optimizely.com	cdn.optimizely.com
1	api.omappapi.com	a.opmnstr.com
1	dx.mountain.com	www.goaheadtours.com
1	static.criteo.net	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	cdn.jsdelivr.net	www.googletagmanager.com
1	cdn.optimizely.com	www.googletagmanager.com
1	d3oig6rspwnkfc.cloudfront.net	www.goaheadtours.com
1	www.goaheadtours.com
265	77

This site contains links to these domains. Also see Links.

Domain
www.bbb.org
www.ustoa.com
app.monstercampaigns.com
www.efstudyabroad.com
www.efexploreamerica.com
girltrips.eftours.com
www.eftours.com
www.efultimatebreak.com
www.efgapyear.com
www.goaheadtours.ca
www.facebook.com
www.x.com
www.instagram.com
www.pinterest.com
www.youtube.com
www.tiktok.com
www.ef.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-27` - `2024-04-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.storyblok.com Amazon RSA 2048 M02	`2023-08-17` - `2024-09-14`	a year	crt.sh
a.opmnstr.com R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-06-23`	a year	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M02	`2023-05-29` - `2024-06-26`	a year	crt.sh
a.omappapi.com R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
invocacdn.com Amazon RSA 2048 M02	`2023-09-24` - `2024-10-21`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2023-02-26` - `2024-02-28`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
3.212.39.155 Sectigo RSA Domain Validation Secure Server CA	`2023-02-15` - `2024-02-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-16`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
z.omappapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-06-24` - `2024-07-22`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.goaheadtours.com/
Frame ID: AB04EB2E961585BB92EC2E0A9146E5E8
Requests: 145 HTTP requests in this frame

Frame: https://6384424.fls.doubleclick.net/activityi;dc_pre=CKb_ppqnhoMDFUndOwIdBJAFrA;src=6384424;type=us_sa001;cat=us_sa0;ord=6971591685512;auiddc=1476295756.1702260682;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F
Frame ID: A60ABB71994CE636D96292E7C97B9698
Requests: 2 HTTP requests in this frame

Frame: https://10100557.fls.doubleclick.net/activityi;dc_pre=CPzTp5qnhoMDFcLVOwIdhNIG2Q;src=10100557;type=sa001;cat=gat_s0;ord=5777833139904;auiddc=1476295756.1702260682;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F
Frame ID: 966138332656D56BB7D360C59642E09E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.goaheadtours.com&origin=onetag
Frame ID: 0835AD8144033155840537B253DCBD03
Requests: 2 HTTP requests in this frame

Frame: https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html
Frame ID: F65C51D3110D85CF3C270F921187F969
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mbeshQXrZvJXwT5Qjfzual_OtauOX7LtmkAomw&google_gid=CAESEBnz2-5A0fyRi6QGnCA1jio&google_cver=1&google_ula=913071,0
Frame ID: 851C617685D36B2E3A097F6B4A79DCF5
Requests: 30 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
Frame ID: F0F21C00263A253F22FCFB3DE586B600
Requests: 42 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
Frame ID: 1E69C74509B620875C9B180975CEB14E
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Guided Tours & Group Travel Tours | EF Go Ahead ToursSearch

Detected technologies

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

265
Requests

97 %
HTTPS

35 %
IPv6

54
Domains

77
Subdomains

68
IPs

6
Countries

3505 kB
Transfer

8760 kB
Size

50
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bbb.org/us/ma/cambridge/profile/tour-operators/ef-go-ahead-tours-0021-61902/accreditation-information

Search URL Search Domain Scan URL

URL: https://www.ustoa.com/ef-go-ahead-tours

Search URL Search Domain Scan URL

URL: https://app.monstercampaigns.com/c/ea0lij4kne9fvbjrqfjn
Title: Request a catalog

Search URL Search Domain Scan URL

URL: https://www.efstudyabroad.com/
Title: EF Study Abroad

Search URL Search Domain Scan URL

URL: https://www.efexploreamerica.com/
Title: EF Explore America

Search URL Search Domain Scan URL

URL: https://girltrips.eftours.com/
Title: EF Tours for Girls

Search URL Search Domain Scan URL

URL: https://www.eftours.com/
Title: EF Educational Tours US

Search URL Search Domain Scan URL

URL: https://www.efultimatebreak.com/
Title: EF Ultimate Break

Search URL Search Domain Scan URL

URL: https://www.efgapyear.com/
Title: EF Gap Year

Search URL Search Domain Scan URL

URL: https://www.goaheadtours.ca/
Title: goaheadtours.ca

Search URL Search Domain Scan URL

URL: https://www.facebook.com/goaheadtours

Search URL Search Domain Scan URL

URL: https://www.x.com/goaheadtours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/goaheadtours

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/goaheadtours

Search URL Search Domain Scan URL

URL: https://www.youtube.com/goaheadtours

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@goaheadtours

Search URL Search Domain Scan URL

URL: https://www.ef.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://app.monstercampaigns.com/c/w8bmijovdmcpkbdofhm7/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://6384424.fls.doubleclick.net/activityi;src=6384424;type=us_sa001;cat=us_sa0;ord=6971591685512;auiddc=1476295756.1702260682;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F HTTP 302
https://6384424.fls.doubleclick.net/activityi;dc_pre=CKb_ppqnhoMDFUndOwIdBJAFrA;src=6384424;type=us_sa001;cat=us_sa0;ord=6971591685512;auiddc=1476295756.1702260682;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F

Request Chain 67

https://10100557.fls.doubleclick.net/activityi;src=10100557;type=sa001;cat=gat_s0;ord=5777833139904;auiddc=1476295756.1702260682;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F HTTP 302
https://10100557.fls.doubleclick.net/activityi;dc_pre=CPzTp5qnhoMDFcLVOwIdhNIG2Q;src=10100557;type=sa001;cat=gat_s0;ord=5777833139904;auiddc=1476295756.1702260682;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F

Request Chain 75

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071918522/?random=1702260682288&cv=11&fst=1702260682288&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&hn=www.googleadservices.com&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&auid=1476295756.1702260682&uamb=0&uaw=0 HTTP 302
https://www.google.com/pagead/1p-user-list/1071918522/?random=1702260682288&cv=11&fst=1702260000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&is_vtc=1&cid=CAQSKQDICaaN0RstYHtYipbR8WN-kF1AiQrKcfomjWRDKjavjb_ewspTMgoz&random=3512805322 HTTP 302
https://www.google.de/pagead/1p-user-list/1071918522/?random=1702260682288&cv=11&fst=1702260000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&is_vtc=1&cid=CAQSKQDICaaN0RstYHtYipbR8WN-kF1AiQrKcfomjWRDKjavjb_ewspTMgoz&random=3512805322&ipr=y

Request Chain 104

https://gum.criteo.com/sid/json?origin=onetag&domain=goaheadtours.com&sn=ChromeSyncframe&so=0&topUrl=www.goaheadtours.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=rOirjHxSZDB5Z2cxalh4SG5qc0JRalk4djlLYnJXNkltWWRrK1dvS2xLWVQvTm0wOVJnTkNWL0hSbTdIbHJ4WUJUYmNaeHZja2hHRXdHeWswTkZqaExRU29xV0QwZHpQeE9pUUxnSGtLSmgzeFkvS0R4MUV5bXFFVTNZb1RCdmEzbjNJSnlZd1QxSXZWVVV6K1pqUkJ4U3QzRlZxNVZrdzQ4SXJOd0FrVGVjajcrckxTQ0FQUEVFU1gvT0tMckhGcmpNVDdncTVqa1FqUGxvT3dtN2QxcEt5MjJYL2hZV3p0OWNYTjVkYktOeTRXem93cjl2cUpDTEVVTWVYVTkwbE93bGRYa3hxRmQvYTdyUFRYc3dySEIrQ2VtNitkYVVWcUIybzFLSUwyUTR1RUtQVT18&cppv=2

Request Chain 109

https://sslwidget.criteo.com/event?a=95679&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=j_Ooz19maHpCWDZtOU50RzUlMkYlMkZ1bTFRNHdmU0x3R243aXY3dkZLYUgzSWZ1OWxNSWozam1pMFB1MllIOUpHRm9vZ0pBSkJHSjZQQThmdWVyZVJpYyUyRlp0N1F6MDFCT0lmUGhjUjB5QiUyRmJZZ0s3YXQ3dzRhb3BQWFl3R3lTd3lmazlYSGl2V3kwSmtQUyUyQnBZbFZpR2xVZ2VyY0lweG9xYnJBSjlQNUFoc3BuRVhJJTJCQkUlM0Q&tld=goaheadtours.com&fu=https%253A%252F%252Fwww.goaheadtours.com%252F&ceid=4c082d1d-312c-4c65-992b-02d0f95f24a8&dtycbr=38358 HTTP 302
https://widget.us.criteo.com/event?a=95679&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=j_Ooz19maHpCWDZtOU50RzUlMkYlMkZ1bTFRNHdmU0x3R243aXY3dkZLYUgzSWZ1OWxNSWozam1pMFB1MllIOUpHRm9vZ0pBSkJHSjZQQThmdWVyZVJpYyUyRlp0N1F6MDFCT0lmUGhjUjB5QiUyRmJZZ0s3YXQ3dzRhb3BQWFl3R3lTd3lmazlYSGl2V3kwSmtQUyUyQnBZbFZpR2xVZ2VyY0lweG9xYnJBSjlQNUFoc3BuRVhJJTJCQkUlM0Q&tld=goaheadtours.com&fu=https%253A%252F%252Fwww.goaheadtours.com%252F&ceid=4c082d1d-312c-4c65-992b-02d0f95f24a8&dtycbr=38358

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-mbeshQXrZvJXwT5Qjfzual_OtauOX7LtmkAomw&google_cm&google_hm=ay1tYmVzaFFYclp2Slh3VDVRamZ6dWFsX090YXVPWDdMdG1rQW9tdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mbeshQXrZvJXwT5Qjfzual_OtauOX7LtmkAomw&google_gid=CAESEBnz2-5A0fyRi6QGnCA1jio&google_cver=1&google_ula=913071,0

Request Chain 139

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6214389574145634159

Request Chain 148

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ZfbKrwXrZvJXwT5Qjfzual_Otav9AOT3wBaL5A HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ZfbKrwXrZvJXwT5Qjfzual_Otav9AOT3wBaL5A&C=1

Request Chain 149

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=daJjXPnUAE5br-VERr51U5lL_GKOgM-p HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=daJjXPnUAE5br-VERr51U5lL_GKOgM-p

Request Chain 169

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=daAK88qV7_Qg5dEToovA2rB1kFVj2GIC

Request Chain 172

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=0Gt4rWdKNIQl8d4MPz8qzxDLu4ElVDJ0

265 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.goaheadtours.com/ 370 KB
44 KB 59ms
24ms Document
text/html 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

ae8ee359ff01f447cf2b5353e0dfb9329c8282d9c419f0ca9feb418e5ed4a4e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://app.storyblok.com http://app.storyblok.com/
Strict-Transport-Security	max-age=0
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1550
cache-control: public, max-age=10, s-maxage=1800, stale-while-revalidate=86400
cf-cache-status: HIT
cf-ray: 833a324eee7068f8-FRA
content-encoding: br
content-security-policy: frame-ancestors https://app.storyblok.com http://app.storyblok.com/
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 02:11:22 GMT
etag: W/"jbgv5uy54i849c"
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: Next.js

GET
H2 200 EFCircularSub-Black.woff2
d1nldbz8jmu82w.cloudfront.net/ 38 KB
39 KB 100ms
35ms Font
binary/octet-stream 2600:9000:20a0:6c00:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-Black.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:6c00:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 318b3811fff78b9d51b1385ccafe830b1b731407f73d12aba87704ce4c8c478c

Request headers

Referer: https://www.goaheadtours.com/
Origin: https://www.goaheadtours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 23:34:17 GMT
via: 1.1 8e6f6d7e57b70cc43be20c132da08b18.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 8908626
x-cache: Hit from cloudfront
content-length: 38924
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "c7b73a297e6834c2d8a28ed7443489db"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kMqdGpumBoQdK1kRF0UwniloQZ_HWmFV_46b8kcsId3Eb86ir26Bxw==

GET
H2 200 EFCircularSub-Bold.woff2
d1nldbz8jmu82w.cloudfront.net/ 39 KB
39 KB 96ms
31ms Font
binary/octet-stream 2600:9000:20a0:6c00:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-Bold.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:6c00:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 419e9ceec0f42d8d507ffd2bc953430abeb29bd2612358428d7b217deb284c5d

Request headers

Referer: https://www.goaheadtours.com/
Origin: https://www.goaheadtours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 23:34:17 GMT
via: 1.1 8e6f6d7e57b70cc43be20c132da08b18.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 8908626
x-cache: Hit from cloudfront
content-length: 39500
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "7cf902110636eb8fd0bb0e6f9603ecff"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Sjb1_x63U06XnLH_JK5CCUga2ugjm3GjzNgKuiHo7VEACJo8kuzWxg==

GET
H2 200 EFCircularSub-Book.woff2
d1nldbz8jmu82w.cloudfront.net/ 36 KB
36 KB 116ms
51ms Font
binary/octet-stream 2600:9000:20a0:6c00:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-Book.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:6c00:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569f041ebf1517bc89897ddeb38835b9d93afed9d870742c4e8b967464617b54

Request headers

Referer: https://www.goaheadtours.com/
Origin: https://www.goaheadtours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:07:25 GMT
via: 1.1 8e6f6d7e57b70cc43be20c132da08b18.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 8805838
x-cache: Hit from cloudfront
content-length: 36584
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "c2ee49959adcc23fac3d4f89f0b45956"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: q-KVoSF-omFjrvYkM6M4kV-_9hYpT0_QWilqOTuPjxjF0H2T8qhh4g==

GET
H2 200 EFCircularSub-Light.woff2
d1nldbz8jmu82w.cloudfront.net/ 38 KB
38 KB 109ms
44ms Font
binary/octet-stream 2600:9000:20a0:6c00:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-Light.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:6c00:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7261c03942fe3aeae6c21a5e0d467a14b728a707eaf7e1d294a93683032d761

Request headers

Referer: https://www.goaheadtours.com/
Origin: https://www.goaheadtours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 23:34:17 GMT
via: 1.1 8e6f6d7e57b70cc43be20c132da08b18.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 8908626
x-cache: Hit from cloudfront
content-length: 38708
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "50d1fc1f8a1df6e37643b398421a8cb9"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ur7NNZNtLyIX1WNIckV4-KpjCNQsLYS9R9dsB5Mr-SYPE-CZV4vNBw==

GET
H2 200 EFCircularSub-Medium.woff2
d1nldbz8jmu82w.cloudfront.net/ 37 KB
38 KB 113ms
48ms Font
binary/octet-stream 2600:9000:20a0:6c00:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-Medium.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:6c00:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ade30ddbc83c165140e004aa0bbe5f843cb479538451cdc208cb47e718e1593d

Request headers

Referer: https://www.goaheadtours.com/
Origin: https://www.goaheadtours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 23:34:17 GMT
via: 1.1 8e6f6d7e57b70cc43be20c132da08b18.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 8908626
x-cache: Hit from cloudfront
content-length: 38168
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "bd219c26b950d61cbb1b9b69737f331d"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6ZSDU83Y5M6uLuIyaPhsb_-1yFr6zc8K-u7xMSWio8siri2VmgAw1g==

GET
H2 200 2ead4924aca04952.css
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/css/ 4 KB
2 KB 38ms
21ms Stylesheet
text/css 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/css/2ead4924aca04952.css

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be2d9b5ed0447bf7d2b372d988938d87dab3d063e2252aa32dafc5cbb47f2d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:17 GMT
server: cloudflare
etag: W/"2d8a3a7ba8d59e8110c122ff81c433d9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f2e8768f8-FRA
x-amz-cf-id: 1IJvr3sYFk26TLhzKY-BUH1CHmcxlPpWxD65yZ68KEpP1loRFJEEtg==

GET
H2 200 1bfc9850-4b57e76805abe88c.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 8 KB
3 KB 24ms
20ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/1bfc9850-4b57e76805abe88c.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8be0a62ea1bd67705eb6c3b863546763f3f27f8200274bc526a6703ca0d224d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:13 GMT
server: cloudflare
etag: W/"752df9f2ca119e698878bac42871f32b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f2e8868f8-FRA
x-amz-cf-id: COG3RmE7d3QkqVtdpJAUzLmGvf_dp7qAlpDivNTWHXHp7bI1VdSqMA==

GET
H2 200 78e521c3-351c9775ed12c558.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 1 KB
910 B 28ms
24ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/78e521c3-351c9775ed12c558.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3270ed405782208fad71fdada8fd19c55e6042dbcf3a6390cb12f359f93f8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 772479
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:15 GMT
server: cloudflare
etag: W/"00e055a2186bac3b14b78d542e3fe8ad"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f2e8a68f8-FRA
x-amz-cf-id: Tdj0HMluR3pZFCcyOqpZVcF6lmK4oHtw1KWDe5Hx0T0mzYLEHRwUNw==

GET
H2 200 3962-865a320c8f58da2e.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 15 KB
5 KB 26ms
22ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/3962-865a320c8f58da2e.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3b1aff8338b23e10e71666f6257898fc6d37fb5192acdf4879ff752fd83b365

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:14 GMT
server: cloudflare
etag: W/"402f18a0c3c82618b34d3451a98fea2f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f2e8b68f8-FRA
x-amz-cf-id: 8ATVMd02G6QAqNyykZgFmW86tLLJJW3-LjiqV12FYdP8dsgXy_467A==

GET
H2 200 2622.871879df0a505eb7.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 9 KB
4 KB 28ms
24ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/2622.871879df0a505eb7.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582c863de4df81180468a0bf44b8f18a60803dc85528d00534935fd4d7ded404

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 0a93e5f50864322b5cd49038d9c83154.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: MUC50-P4
age: 825764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:13 GMT
server: cloudflare
etag: W/"6a7868146fac20a94e80eeba436bbf3a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f2e8c68f8-FRA
x-amz-cf-id: v8i37hI1mtPE4_fSEfI638gRB5ZNxXyRpxBCCL7XYR0VLIgHnKs8Ew==

GET
H2 200 8394.b3cae23c688cedcf.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 2 KB
908 B 27ms
23ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/8394.b3cae23c688cedcf.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

673e457023ac61d43f651a944cc0b1d9948beff615aafc6aa7ae328e2ea0b43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 179392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:15 GMT
server: cloudflare
etag: W/"e0bf95d12efa2fc8780c776e883e0d26"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f2e8d68f8-FRA
x-amz-cf-id: JHfqb2hkMM54pr4ci0QVwxTlzYwMJTpZFRICIY8q0PNzVOHGDlMFkw==

GET
H2 200 3296.38dac0c5fe8413c0.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 2 KB
936 B 19ms
19ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/3296.38dac0c5fe8413c0.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c843cf07186cb3b96ce97cc635ff2331db3fe4162012c771c5009c64aecade9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 2cbf148f6c14a1a6f56400dc9dc76f2a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: ARN56-P2
age: 630842
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:14 GMT
server: cloudflare
etag: W/"03b557be2a0cf0f293f2a780c5892e27"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f4e9868f8-FRA
x-amz-cf-id: pEwEE6Tq82MqGg8LRWUY7mvFd4y32cyQHosnV1sHr13SON9Mj2qZ1w==

GET
H2 200 9008.5ea0695c89b4c683.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 359 B
462 B 18ms
18ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/9008.5ea0695c89b4c683.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852bd0cacc917cf120c13a24ce9082d7cbbd0c20f8f74aadc5cc3f0863a3a0b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 193055
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:15 GMT
server: cloudflare
etag: W/"7cfb9534a2c464d8caf50ad569f1086e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f4e9968f8-FRA
x-amz-cf-id: r_wn0q3PHXG0lLvowKxirupnJKEuFUbvWJkMl05KCiYS1LpOUbABgA==

GET
H2 200 7698.2140e5e10b9ea19a.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 3 KB
2 KB 19ms
19ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/7698.2140e5e10b9ea19a.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e955ffc5c5f7aeba5e91a9d7b86dbd8f64a5a61fe816ac9ed81933f107e7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:15 GMT
server: cloudflare
etag: W/"7e0554c08e81c87095b75910ebefafa7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f5e9e68f8-FRA
x-amz-cf-id: 7aCEoJ9vylvthqlJejU66EQPrIhnUE7kNWfzCIuHagl0Hh2bUxotFQ==

GET
H2 200 9191.be1918ed75cd6dea.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 4 KB
2 KB 18ms
18ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/9191.be1918ed75cd6dea.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47b3cdf62af98b2557c88d5052927d9491b3bdadb29eb2bc4156ee32a581d608

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:16 GMT
server: cloudflare
etag: W/"b4f2fb78483137c7566b0a8496f2e8bf"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f5e9f68f8-FRA
x-amz-cf-id: RrdYeBgXgB1x6HtNF3TNcajSoyFIJGtd73Eo2KlxhF5pJ7xMmRYpiQ==

GET
H2 200 6553.a0638fc0942c51e2.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 10 KB
4 KB 21ms
21ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/6553.a0638fc0942c51e2.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff3f080ca81726de6f6af5f1fc204edc7efed19b2141b53db9f589832bd5123

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 833cf3734f11e96b0710bcbbca86e60a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: VIE50-P2
age: 825764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:15 GMT
server: cloudflare
etag: W/"06de178fd7d3566424ff767ac9d6b8ff"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f5ea068f8-FRA
x-amz-cf-id: oPCJgys-DZJmKXFfD57_tXgxkIB9I-f78wdcJKUILfxHLP-fUD5QLQ==

GET
H2 200 7039.98c462ee438cd1c3.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 10 KB
4 KB 20ms
20ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/7039.98c462ee438cd1c3.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d65180699598cc634c94568f2d0575cd2271276f0258f809c7dcd257a849372

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 3a31afbebc94940fbd5e1e63050bb58a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: MUC50-P4
age: 825764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:15 GMT
server: cloudflare
etag: W/"0a46a278e9c67a2ca64f3832a39e5bbf"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f5ea168f8-FRA
x-amz-cf-id: fiocIVe6ZMnp2_kurVsCxGlRMPkReBOQgHlcftUvcKQaEoNDUSHBbQ==

GET
H2 200 6743.1f145378ab33ae98.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 11 KB
4 KB 21ms
21ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/6743.1f145378ab33ae98.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca576224eadf33d00539fd0d7f912861526ff0b99b38994c169587737def7288

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: MUC50-P4
age: 825764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:15 GMT
server: cloudflare
etag: W/"b1327e44b8a398e8f86ba59293c3f872"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f7eae68f8-FRA
x-amz-cf-id: Y-Drv418V_5gBb31Cb5gmj5an_-VPG0KARgOhDiwgbKzfSv0RgnCpA==

GET
H2 200 9077.49faf05e525914ff.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 5 KB
2 KB 19ms
19ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/9077.49faf05e525914ff.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ff11e71dc336096127eacb0484ade7bd0c3b63b528bc9e8cee6a94537c4ccba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 188716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:16 GMT
server: cloudflare
etag: W/"245763587908ccf2248a79591fa8f7ee"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f7eaf68f8-FRA
x-amz-cf-id: CocP15ExiUtPN2zAXVORIX3HPefZT0mimcUCn2W5rlLm2PxzEFKZng==

GET
H2 200 1737.7c83986cf9c76219.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 3 KB
2 KB 18ms
18ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/1737.7c83986cf9c76219.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8be54f9df63756f7a72ca5721de8d3ed6fd99dc2d4c8dbe09b5439515028ab48

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:13 GMT
server: cloudflare
etag: W/"c39ecb079b7822d042fed1c3acfccbe9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f7eb068f8-FRA
x-amz-cf-id: eVecF7tV2mtROHNie8epS8FI3y0W47nv2oB3hdwuTzHBHpxOjEQLeQ==

GET
H2 200 1947-bece24b97a236c26.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 4 KB
2 KB 25ms
25ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/1947-bece24b97a236c26.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37ad809409817f7139138e19f5116f85889b390b19fa3883bc96379b50ada1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:13 GMT
server: cloudflare
etag: W/"00a92f072ca8e37631b45c71a646cbfe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f7eb168f8-FRA
x-amz-cf-id: 9JmNivT6WobjUH1KhpnQ3ebPvwjSvUp0rDws81YOkUyFR0xmwTJHqA==

GET
H2 200 9908.1e84428f4865ddeb.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 3 KB
1 KB 19ms
19ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/9908.1e84428f4865ddeb.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed66405827a21a72b4df472a08b2978ab6e47405d80f6097a9a8f0d045d3f38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 820442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:16 GMT
server: cloudflare
etag: W/"402a889422590974475e8cb3d88c5ae1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f7eb268f8-FRA
x-amz-cf-id: 0_exbb3z4crlPESCr5goS38AJph9SNdO_zHr1s8udlMNShJbqkQhYg==

GET
H2 200 ea88be26-2052e29ca5f3f12f.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 289 KB
74 KB 26ms
26ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ea88be26-2052e29ca5f3f12f.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c12008459a92eaee91d2044d61926c8128c1fd573337f9b6a829af7394af259

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:16 GMT
server: cloudflare
etag: W/"c258d593a5248cbec5fbeab35e4b5ecb"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f7eb368f8-FRA
x-amz-cf-id: fpQ8qXACoIezyx_Dn0Rh3Vdg9eSR-4KYvQvJBOJqtUe79hbpvAEPiA==

GET
H2 200 2304-0eed472b840adb86.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 10 KB
5 KB 19ms
19ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/2304-0eed472b840adb86.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f262b7ab4bc7ac9bff363b4dcc6a68420dc195850d6218a1d66764639db5a8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:13 GMT
server: cloudflare
etag: W/"5fe40817ba977279d4a6427932996af9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f9eb968f8-FRA
x-amz-cf-id: NGk9vIalpMg1SdVEq2b8L3IBJ_F4gG5gzWvW4xXkKypbcEN91XjpOw==

GET
H2 200 8240-34fc6a9d0905a451.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 4 KB
2 KB 18ms
18ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/8240-34fc6a9d0905a451.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bf37c357401c10712eb17dbd6433130c058d399d0b15a52cad8cb853c35db71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:15 GMT
server: cloudflare
etag: W/"724a8f9085c08db0b925f1b32abd54ab"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f9ebb68f8-FRA
x-amz-cf-id: IGhyj8hngjTLXiMaMPrJGSTDAriRX3JsaNNhHQ6t1rej0rjUwFIsVg==

GET
H2 200 7395-c0088786452e63da.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 22 KB
5 KB 21ms
19ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/7395-c0088786452e63da.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25b2b402f5fb926c7f00bbce9664055f10729221d98fc2b90a311027acd8ee3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:15 GMT
server: cloudflare
etag: W/"939e3d8b74a21185cf2ec5ae45d737d5"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f9ebe68f8-FRA
x-amz-cf-id: KL_tuxZ5JQwcMqzV4sPRRCNAut7VJnYH1ysAbODJosUqpeSkhV_eGw==

GET
H2 200 4203-dc2be08cb90d5a3b.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 6 KB
3 KB 21ms
21ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/4203-dc2be08cb90d5a3b.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e934015e6fca5ce9e8ef1cde72d07561e55d8eb90cc6a8ba078b4aac7f595b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:14 GMT
server: cloudflare
etag: W/"6f6a24e7ccbd67dd6a7f155aeb0baf52"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324f9ebf68f8-FRA
x-amz-cf-id: jpdFNo9RJ8WhL_Z_FUGEFq7V71I9Q6sjJByIjpNgAEpFIajeCEnGxw==

GET
H2 200 2194.cacd6acac50e7b95.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 6 KB
3 KB 19ms
19ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/2194.cacd6acac50e7b95.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40d4e90cbd08177f2a5a82d8afad079be9761510684dd0516a979b9ff1629035

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:13 GMT
server: cloudflare
etag: W/"60c572e9adcfb59da1bf4252024330a9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324faec168f8-FRA
x-amz-cf-id: f7su-0rMRgyvx1EduIKLABvaMqX5rn-JKgaoyBPfxzlaA8Il0IA7Fg==

GET
H2 200 6577.c4f6611b3ce7da0d.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 7 KB
3 KB 17ms
17ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/6577.c4f6611b3ce7da0d.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4701b2e1ec76dd19d170df197631b535d8f317e6432314e54ff420ea61ec5001

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: MUC50-P4
age: 825764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:15 GMT
server: cloudflare
etag: W/"9c81e5a85c47b0459adac4e5df6a1a03"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324faec368f8-FRA
x-amz-cf-id: 5PqbtX6KnOyevUEPmgoTTOzXcp8XMFbDC9DztVx9d1kv71rMchEvxA==

GET
H2 200 webpack-296965e94272b2ac.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 8 KB
4 KB 20ms
19ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/webpack-296965e94272b2ac.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ec540661e312366140129bc71b3666c95c5722882c5e17cf254f499e8fecd65

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:17 GMT
server: cloudflare
etag: W/"49b8f5ffd26f5c41985e7b1f32ba3b0e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324fbec768f8-FRA
x-amz-cf-id: 7oa85d-xI74yElcWwu6YTvJBMZuN8AV6knDg7Depgq95RztiM5w8EQ==

GET
H2 200 framework-7588ad2408db5ed0.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 206 KB
58 KB 22ms
22ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/framework-7588ad2408db5ed0.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e9a6d909dc9c70587affdefea54ba839f8c9c539a0663db465b76d5968397eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:16 GMT
server: cloudflare
etag: W/"625309de35695215d4dbb306641ffb4f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324fbec868f8-FRA
x-amz-cf-id: jKmt_vW9Xwr1X7tNGoaDVGgjUtN1TQN4Vd4BLY_zz0ZtB5ghHWrkyw==

GET
H2 200 main-c8310c53559c39d0.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/ 88 KB
27 KB 22ms
20ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/main-c8310c53559c39d0.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43acd90d3c65e3d6e25c372cb71c739f16379a7f18f64f28a6774b19a83bb559

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:16 GMT
server: cloudflare
etag: W/"c9a0de5850adc552ea00041c449c68bc"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324fbeca68f8-FRA
x-amz-cf-id: fBStOQ8adzOfwbg2_TsGspOcrNpQGW0xorF5VkFGjaKMHB-OJWQvbQ==

GET
H2 200 _app-665ebb4d7a7da169.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/pages/ 913 KB
251 KB 32ms
32ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/pages/_app-665ebb4d7a7da169.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7c1a06c4d212374f6b12504afe290c122a72e0caf1b8f07ba87ae874fe7042c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:16 GMT
server: cloudflare
etag: W/"510d77bbc392b10ad05ba052d22060a0"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324fbecc68f8-FRA
x-amz-cf-id: 1QtwkaC0WzTqxjRWgm8JJazhZe4eJp_OOmXdW0nwJyZZLZVegM-meA==

GET
H2 200 index-315c0e08f5efceeb.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/pages/ 4 KB
2 KB 23ms
23ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/chunks/pages/index-315c0e08f5efceeb.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b6f59384f6cb9627be4fa5b63e6a093cb39970d9369f49062dd2e3dde6a5c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 151583
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:16 GMT
server: cloudflare
etag: W/"1bf3a6a9389b419b85bd82f0e32172af"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324fcecd68f8-FRA
x-amz-cf-id: vlsL50r9ZKaF47Igg21l9SaO0G9j3oYfJomhKbh9kFMu-lUJPLFmyw==

GET
H2 200 _buildManifest.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/XQuL0c2qsQxkWzDlh58se/ 11 KB
3 KB 18ms
18ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/XQuL0c2qsQxkWzDlh58se/_buildManifest.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e426b2e0d9fc29869aacce20dddb12bc82753cc91f8d1447b2ba178f0f042eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:13 GMT
server: cloudflare
etag: W/"6f529110f8c658c8433563c9348ec474"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324fcece68f8-FRA
x-amz-cf-id: Iaq0qQDuqQ3_GNFPpG5K9UIGP0H4gx_oCbkdLuSWDdLdL6bcWfui6g==

GET
H2 200 _ssgManifest.js Show response
assets.goaheadtours.com/web-ui-service/1701431924/_next/static/XQuL0c2qsQxkWzDlh58se/ 77 B
243 B 21ms
21ms Script
text/javascript 2606:4700::6812:7059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.goaheadtours.com/web-ui-service/1701431924/_next/static/XQuL0c2qsQxkWzDlh58se/_ssgManifest.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P6
age: 827789
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Dec 2023 12:01:13 GMT
server: cloudflare
etag: W/"b6652df95db52feb4daf4eca35380933"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 833a324fded268f8-FRA
x-amz-cf-id: 0rapA5mkCGmVGiFKPw7Zb_cJySJHc0LuxGhNBKM9RkcnkH6bed0qwQ==

GET
H2 200 logo-gat-desktop-us-2x.png
img2.storyblok.com/f/53624/450x98/f800456b5c/ 20 KB
20 KB 59ms
16ms Image
image/png 18.239.83.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.storyblok.com/f/53624/450x98/f800456b5c/logo-gat-desktop-us-2x.png
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-104.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: ebcabaeaf48094ef947db06d5e531ea5837df7878afff31e07aa5b32ad08dae0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 23:38:10 GMT
via: 1.1 a44309111e5e1050ff485adaa4681ad0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P5
age: 1305192
etag: "258395b987fab26ff9939a34ea2bc559f8c117fb"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
content-length: 20035
x-amz-cf-id: 5iJkPMZOeWu7mAeFSXQQNafKrDq1FdkRxqMmsfZgR2jMWZWG3e-9FQ==
expires: Sun, 24 Nov 2024 23:38:10 GMT

GET
H2 200 logo-gat-mobile-us-2x.png
img2.storyblok.com/f/53624/318x50/aa6b54c461/ 10 KB
10 KB 59ms
16ms Image
image/png 18.239.83.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.storyblok.com/f/53624/318x50/aa6b54c461/logo-gat-mobile-us-2x.png
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-104.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: e563b4b6b27709874bb9d43e78e666705ac388159b8be03517fd00f6a934a224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 18:50:57 GMT
via: 1.1 a44309111e5e1050ff485adaa4681ad0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P5
age: 6074425
etag: "ee5c2527aaf8cfbb66514964e2b46a9c8b52e247"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
content-length: 9938
x-amz-cf-id: Bcx_p2laIDdp2FqdTF8nhIOi5VB_0fdFXqS8OfL24mqNyZ-E0YdoeA==
expires: Mon, 30 Sep 2024 18:50:57 GMT

GET
H2 200 api.min.js Show response
a.opmnstr.com/app/js/ 51 KB
18 KB 39ms
6ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/api.min.js
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: b18b7934fcad866d7a86f35e082d61323a9417ef10ded37e30c710dae0d38df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Wed, 08 Nov 2023 17:53:19 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"654bcb0f-cb9a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f9979829f09cb183cfed7532aa030a16
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 399 KB
119 KB 55ms
31ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d720b49553e0bb64a77896b03b22ea0df1801761d609c55d7026cedaa36e3452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121624
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 02:11:22 GMT

GET
H2 200 1920x0
a.storyblok.com/f/53624/5883x3447/8badd1f1af/madrid-spain_shutterstock_1921785788-2.jpg/m/ 395 KB
396 KB 61ms
18ms Image
image/webp 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/5883x3447/8badd1f1af/madrid-spain_shutterstock_1921785788-2.jpg/m/1920x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 285fe6d501fb8812827f066e71f4219dce57344ea4c69ed0ab6a7a8ca189327a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 14:43:22 GMT
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: AMS58-P1
age: 386880
etag: "5f9b0513c87e18738ec20d86367bc5a2b10d7a14"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 404972
x-amz-cf-id: hEq_2JCyIDGW8MScUDuUTA62fHnrEjd8KxSbIsyS_xWoB0AaH62mnw==
expires: Thu, 05 Dec 2024 14:43:22 GMT

GET
H2 200 569x0
a.storyblok.com/f/53624/569x495/7ea1a3d6c4/italy_mit.jpg/m/ 57 KB
58 KB 106ms
63ms Image
image/webp 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/569x495/7ea1a3d6c4/italy_mit.jpg/m/569x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 04681ea0d011eca225e528bad1c8cdbc10c59624d02c056099c8c45bc3223bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 14:43:20 GMT
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: AMS58-P1
age: 386882
etag: "22adc98e09054cee879de23deb1d021e1f2a81be"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 58700
x-amz-cf-id: S41fELqA35BT3d4P2-YUTyOgpje8c_8Ti9ZZdFYumMsXcJ8e7T0XEA==
expires: Thu, 05 Dec 2024 14:43:20 GMT

GET
H2 200 640x0
a.storyblok.com/f/53624/640x523/198054f947/hp_offseasontravel_tile_costarica.jpg/m/ 47 KB
48 KB 107ms
68ms Image
image/webp 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/640x523/198054f947/hp_offseasontravel_tile_costarica.jpg/m/640x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 32a19b76e4b3f58d3736c6b1974d871210440c92a5efe0b3707695b1d543ae9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 14:43:20 GMT
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: AMS58-P1
age: 386882
etag: "0320f6c89bed841c14afcf87b2f1e0e1ac19cb20"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 48384
x-amz-cf-id: Z060773AhZlo0QoO6QlUg8Y9aEyXmkRfZbShOzJSN_Ihd_phwtvYkA==
expires: Thu, 05 Dec 2024 14:43:20 GMT

GET
H2 200 640x0
a.storyblok.com/f/53624/640x523/5e89bf4abd/newtrending_hp_q4.jpg/m/ 36 KB
36 KB 97ms
60ms Image
image/webp 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/640x523/5e89bf4abd/newtrending_hp_q4.jpg/m/640x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: df50671350e30af789f10f002651e0cfa05d76b238f32b8463e40d7d6098abd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 14:43:20 GMT
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: AMS58-P1
age: 386882
etag: "79d573ab477568da3f81379383dcb78ab0a540a0"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 36702
x-amz-cf-id: PfW_Phzx6KbVSMwJBJbR1t-d6ZaCPWItAD-wGAfrVj76dPw0kiiRgw==
expires: Thu, 05 Dec 2024 14:43:20 GMT

GET
H2 200 1024x0
a.storyblok.com/f/53624/1024x683/d3bb9a3eaf/hp_grouptravel_update2.jpg/m/ 154 KB
155 KB 101ms
65ms Image
image/webp 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/1024x683/d3bb9a3eaf/hp_grouptravel_update2.jpg/m/1024x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: f412437549c8ba029d57d8dad26ea46a31de7d190b9f33532db17188b98d655c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 14:43:21 GMT
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: AMS58-P1
age: 386881
etag: "41320e77baa36ead4540445f715a8a4b65083044"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 158202
x-amz-cf-id: YWKTGJ2LNZiamerdT4IwmMesSA9gudj35BsdoHGxG8qsUSY330O7SA==
expires: Thu, 05 Dec 2024 14:43:21 GMT

GET
H2 200 1024x0
a.storyblok.com/f/53624/1024x683/5f749f44a5/hp_contenthub.jpg/m/ 41 KB
42 KB 109ms
72ms Image
image/webp 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/1024x683/5f749f44a5/hp_contenthub.jpg/m/1024x0
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 42079be35ad0d0e2b52f090fb07cf4587863e61be8ef47293ceec97ee5560504

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:10:02 GMT
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: AMS58-P1
age: 270080
etag: "a6134473232bbf2cbbb7529db82545d87d5e1af5"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 42294
x-amz-cf-id: UY8RoqeNOn-1962rZBzXlQT_Y0mmi9qGDBN7MxDa6U45VjLBlYeg-Q==
expires: Fri, 06 Dec 2024 23:10:02 GMT

GET
H2 200 EFCircularSub-LightItalic.woff2
d1nldbz8jmu82w.cloudfront.net/ 38 KB
39 KB 26ms
17ms Font
binary/octet-stream 2600:9000:20a0:6c00:13:b371:9a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nldbz8jmu82w.cloudfront.net/EFCircularSub-LightItalic.woff2
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:6c00:13:b371:9a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4feda6639543cfbe6fbfc52198de2599d0b903689c96b6ce2f0a4e034ec60e59

Request headers

Referer: https://www.goaheadtours.com/
Origin: https://www.goaheadtours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:13:39 GMT
via: 1.1 8e6f6d7e57b70cc43be20c132da08b18.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 9824264
x-cache: Hit from cloudfront
content-length: 39128
last-modified: Sat, 04 May 2019 23:15:47 GMT
server: AmazonS3
etag: "41c94a11ae5142ecb39eb66b2a82ba14"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -TAYaf7JimvfKOZdCBHLnZxP1cuZ6OMg89k7GuQ9GeBX5_xL9DcEeg==

GET
H2 200 academicons_chooseyourdestination.svg
a.storyblok.com/f/53624/x/9a735a41fd/ 732 B
1 KB 47ms
16ms Image
image/svg+xml 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/9a735a41fd/academicons_chooseyourdestination.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f43e194bad36d6d39054e1bd5da4bc4835829692ba445891bc2ff3e7da048760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 04:12:54 GMT
x-amz-version-id: ltONzV_.xLsEuRnFZAEpBGBQoqOYEJQT
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 79109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 732
last-modified: Tue, 11 Oct 2022 15:19:24 GMT
server: AmazonS3
etag: "405364b0810c70ff5504d2a8c4d96f8d"
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2lilzZeoTgT4_SvT_JXzD49MzZuYwcQuzQO9HQnxTs2kF-tNvBTUGg==
expires: Wed, 11 Oct 2023 15:19:23 GMT

GET
H2 200 academicon_clubgo_earncredits.svg
a.storyblok.com/f/53624/x/7976d82ab6/ 571 B
1 KB 48ms
17ms Image
image/svg+xml 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/7976d82ab6/academicon_clubgo_earncredits.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50329428b5bb7153ccb0dd05a720dcec4dc5f3e5b28b12dafa2551f7de81ec3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 05:15:05 GMT
x-amz-version-id: Kr7C7ClP3Yf9IsTWVe3TjW1eVe4.qhhe
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 75378
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 571
last-modified: Tue, 27 Sep 2022 17:47:34 GMT
server: AmazonS3
etag: "15058c954e4a3990b3fc54058c9a15d0"
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: dul1UMm6OjPC2cVGf7U6PhFVDBJHp-plucOyrBZt_5y20H3bF4Fe_A==
expires: Wed, 27 Sep 2023 17:47:33 GMT

GET
H2 200 academicons_packyourbags.svg
a.storyblok.com/f/53624/x/4e941a4060/ 727 B
1 KB 47ms
17ms Image
image/svg+xml 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/4e941a4060/academicons_packyourbags.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 527a2ab93f12834cac411f2bf96d1548fa10333689c7ba8abd71e94922b41158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 06:41:30 GMT
x-amz-version-id: Jrcoszio.qAid8z2Ot_HqdyhuHc1_oCf
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 70192
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 727
last-modified: Tue, 11 Oct 2022 15:22:02 GMT
server: AmazonS3
etag: "fe64e9414bd9f7a7d65ef6f60877ad87"
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0ctg7HASnOdwMM32OzqA_eG3ppsSZDua2zXaIWHFGiuog458nx5Ykg==
expires: Wed, 11 Oct 2023 15:22:01 GMT

GET
H2 200 568x316
a.storyblok.com/f/53624/4096x1260/ecc918f1b4/git_4096x1260.png/m/ 31 KB
32 KB 73ms
71ms Image
image/webp 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/4096x1260/ecc918f1b4/git_4096x1260.png/m/568x316
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: ac9ed0e67f9ec3cd220ca7fd8548ff1d3ddd7c9900ce7214d8f52631b5288b1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:17:51 GMT
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: AMS58-P1
age: 986011
etag: "b357181c02d92d39d989b03afe8e5c1323987745"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 32226
x-amz-cf-id: XXHq6_1wSFDwqcMo7pFy0pT3pHZlBustKruoUCCI8aWTyslTdAv23Q==
expires: Thu, 28 Nov 2024 16:17:51 GMT

GET
H2 200 568x316
a.storyblok.com/f/53624/1600x720/418464df47/vfs_venice_italy_grand_canal.jpg/m/ 41 KB
42 KB 74ms
72ms Image
image/webp 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/1600x720/418464df47/vfs_venice_italy_grand_canal.jpg/m/568x316
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: c551887113fed17fab1383594ce7942ac75d371c8e75304cf1d28536ac7899fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 00:25:22 GMT
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: AMS58-P1
age: 956760
etag: "b3e37abb501804715fc6d0b40373d5b8900b8f2b"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 42466
x-amz-cf-id: OXq1kdWXQ3CLJDHSEYkoCktS5g6pYp4tdgH2YMAIz2iZq6zkPly3Jw==
expires: Fri, 29 Nov 2024 00:25:22 GMT

GET
H2 200 568x316
a.storyblok.com/f/53624/1600x720/c30dbc1689/tgi_oia_santorini_greece_3_domes.jpg/m/ 35 KB
35 KB 74ms
73ms Image
image/webp 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/1600x720/c30dbc1689/tgi_oia_santorini_greece_3_domes.jpg/m/568x316
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 7ddec3a2d69247482b88edf9c09e40131252980f87f9d70000892784534c1df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:53:55 GMT
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: AMS58-P1
age: 623847
etag: "f8aedd05b4e2ca77e2dfe48eb799b4fce88718a9"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 35394
x-amz-cf-id: R6ERvBpe-fz6HszXQ7kwqkikEPE2fiCW8-3RBhjZEwGfUel4qN92sQ==
expires: Mon, 02 Dec 2024 20:53:55 GMT

GET
H2 200 568x316
a.storyblok.com/f/53624/1600x720/e24efc1c70/lpr_rome_italy_-colosseum.jpg/m/ 50 KB
50 KB 75ms
74ms Image
image/webp 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/1600x720/e24efc1c70/lpr_rome_italy_-colosseum.jpg/m/568x316
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 53e1fbcb6c5b16c822557569d6130c72ea739c91698d2ef44598da98d0bd6338

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 15:46:52 GMT
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
server: nginx/1.14.2
x-amz-cf-pop: AMS58-P1
age: 728670
etag: "57b5b5d7ca8727bb5912ca3cc559b93859679036"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000,public
content-length: 51216
x-amz-cf-id: 4AuQzyA_w2JQ8IqDNym2k0uFqNDGgGQif3u2WA_nTDmAHQNvEYjGMg==
expires: Sun, 01 Dec 2024 15:46:52 GMT

GET
H2 200 bbb-logo-2023.png
a.storyblok.com/f/53624/200x42/541ebea2a4/ 4 KB
5 KB 68ms
67ms Image
image/png 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/200x42/541ebea2a4/bbb-logo-2023.png
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad989fea9b3d9e1c7dbf7532aefe9286f36ce3b2338804c77fa7dbfeafcdfb21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:32:29 GMT
x-amz-version-id: .dAuFUz4iAlvKuX_5TVmyTFjRbjWUQW.
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 513534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 4233
last-modified: Wed, 08 Feb 2023 21:31:30 GMT
server: AmazonS3
etag: "01857791b5d509fdfc43977de5d2f53e"
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0sO6JWSZz3iZEQbniqlO6vcTxLJu0SGFmSSh6s6vdFBBvl1HPFTxkg==
expires: Thu, 08 Feb 2024 21:31:25 GMT

GET
H2 200 ustoa-retina.png
d3oig6rspwnkfc.cloudfront.net/ 9 KB
9 KB 79ms
22ms Image
image/png 2600:9000:21a8:f400:12:66da:ca00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3oig6rspwnkfc.cloudfront.net/ustoa-retina.png
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a8:f400:12:66da:ca00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acb6c568434728225b997b0f1e7068cf886cbad7ba4a1bf3a711b0b3f75bbcbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:14:03 GMT
via: 1.1 f79355bad214d64e02ae8e84a86f4932.cloudfront.net (CloudFront)
last-modified: Tue, 27 Nov 2018 18:39:05 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-C2
age: 32240
etag: "9e21e98df8d7981434ca3a3dcc1b20d3"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 8920
x-amz-cf-id: hxNlTZIxYr9z7VpB9ydJ0lW8RmrRZKfRIgm25V-7Ge5C10kGw11wBg==

GET
H2 200 icon-mapleleaf-ca.svg
a.storyblok.com/f/53624/x/e41902a728/ 4 KB
2 KB 69ms
68ms Image
image/svg+xml 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/e41902a728/icon-mapleleaf-ca.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34290bcc7fffbeb7c5f213987b36ac33c167b9d1a72a2373c40bfa4be14f3c9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 02:02:41 GMT
x-amz-version-id: tjJ.syXCCyClJUgqqTMImxHiPy23.Wm7
content-encoding: gzip
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 950921
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 Apr 2020 19:43:02 GMT
server: AmazonS3
etag: W/"82a2e6eabd07b92b2741eba5f9cab1ce"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: XnSxRQ1cXpnqSwyq6Z1IKepMqk0x8z-zD1NKu1eE6FMMd6trG-al8g==
expires: Fri, 30 Apr 2021 19:43:01 GMT

GET
H2 200 illustration-footer-clouds.svg
a.storyblok.com/f/53624/x/358f5fd246/ 21 KB
11 KB 69ms
67ms Image
image/svg+xml 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/358f5fd246/illustration-footer-clouds.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67f3fc308975e1114ae6d9beb0c7b4eb0153f9038402fd78a354084cf2094de2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:34:47 GMT
x-amz-version-id: ke4qfXbMNs4mFk8m7pGmYvNjYJwuvKvn
content-encoding: gzip
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 945396
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 Apr 2020 19:43:02 GMT
server: AmazonS3
etag: W/"a55e7bafdae3a3163aa2815e6d1b09df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: Rf0tHAnTH87Zo5tAdZzhmBOz6CDvd8vrFp0nSMtoecrlPRY5pDqf4Q==
expires: Fri, 30 Apr 2021 19:43:01 GMT

GET
H2 200 illustration-bonvoyage.svg
a.storyblok.com/f/53624/x/d19d8123b8/ 2 KB
1 KB 70ms
69ms Image
image/svg+xml 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/d19d8123b8/illustration-bonvoyage.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c418460b30462d253c0f0460ff64a45524d6c5a90ecbc6f6cb46ceddff91ca84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 07:25:17 GMT
x-amz-version-id: MVySAqcGeCZGHp3pvczB3qa8BaywBbzd
content-encoding: gzip
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 672366
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 Apr 2020 19:43:02 GMT
server: AmazonS3
etag: W/"28d91013c153b26022fb9d8a081241b5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: 1fDNs0dE8r2LRuPGc1lJtz54kp0o6c_JwcRnIYRaPt6IpMyJ_8Y6lg==
expires: Fri, 30 Apr 2021 19:43:00 GMT

GET
H2 200 illustration-footer-plane.svg
a.storyblok.com/f/53624/x/261fbc5836/ 14 KB
7 KB 72ms
71ms Image
image/svg+xml 18.238.243.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.storyblok.com/f/53624/x/261fbc5836/illustration-footer-plane.svg
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d677c52b0dda864e5eb975106f53918f5e2dfb2b584ee65395b5dd0bb253989e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:36:19 GMT
x-amz-version-id: xSteh2lwJesm6oIgHK47boc8RJNbpiVM
content-encoding: gzip
via: 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 945304
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 Apr 2020 19:43:02 GMT
server: AmazonS3
etag: W/"28fdd4e4bf7c890b05ec9c2a9010c21a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: NtPYMeo1koATROr8STBpf7anoYsI2PgjjlD6jE1ZZgJ0dKWKHcPN1g==
expires: Fri, 30 Apr 2021 19:43:00 GMT

GET
H2 200 25065710806.js Show response
cdn.optimizely.com/js/ 290 KB
89 KB 158ms
119ms Script
text/javascript 2a02:26f0:480:5b0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/25065710806.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:5b0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a6678baeec82870a146217be499618653e947eb3b0ca0dfc04b8ce3f03692307

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: F55LKHcPlb0QmvMJtPYLEt1dNbh27tOz
content-encoding: gzip
date: Mon, 11 Dec 2023 02:11:22 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: DCTX9CDERFF914AV
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 104
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=6, origin; dur=104, cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="2a02:26f0:480:5b0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1702260682307_35115186_2309172871_10927_2440_7_9_146";dur=1
content-length: 90317
x-amz-id-2: 1uSCL1gEeVLRYGw3ZfAC49I9W8dJOZ3cA9zQrGPHu7Gg2MFuXT7nvQbwcTCpYRffSB7sOQYwUvI=
last-modified: Tue, 05 Dec 2023 15:57:26 GMT
server: AmazonS3
etag: "ec5008134ca87ecf955b0a01c3daab08"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
93 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2bb1c9c44a6e45972049a95b3bfb9e0609bd2253251029fcab32ec08066881c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94861
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 02:11:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 01:22:30 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2932
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Dec 2023 03:22:30 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/937035465/ 3 KB
2 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937035465/?random=1702260682286&cv=11&fst=1702260682286&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&hn=www.googleadservices.com&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&auid=1476295756.1702260682&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8a3acb3478de376bfa31392508a5c19f328c262a378e93672c15e51349ee238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/951355816/ 3 KB
1 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/951355816/?random=1702260682288&cv=11&fst=1702260682288&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&hn=www.googleadservices.com&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&auid=1476295756.1702260682&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f4a7a40796cf40a47e1befc310f0f46ecf8c22c8eef6004edc915425ffaca79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1259
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 53ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 11 Dec 2023 02:11:21 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2F19AA4BBBE14DAA8756528E27859F3F Ref B: FRA31EDGE0221 Ref C: 2023-12-11T02:11:22Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2

200

activityi;dc_pre=CKb_ppqnhoMDFUndOwIdBJAFrA;src=6384424;type=us_sa001;cat=us_sa0;ord=6971591685512;auiddc=1476295756.1702260682;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=... Show response
6384424.fls.doubleclick.net/ Frame A60A
Redirect Chain

https://6384424.fls.doubleclick.net/activityi;src=6384424;type=us_sa001;cat=us_sa0;ord=6971591685512;auiddc=1476295756.1702260682;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gc...
https://6384424.fls.doubleclick.net/activityi;dc_pre=CKb_ppqnhoMDFUndOwIdBJAFrA;src=6384424;type=us_sa001;cat=us_sa0;ord=6971591685512;auiddc=1476295756.1702260682;u10=https%3A%2F%2Fwww.goaheadtour...

542 B
408 B

170ms
170ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6384424.fls.doubleclick.net/activityi;dc_pre=CKb_ppqnhoMDFUndOwIdBJAFrA;src=6384424;type=us_sa001;cat=us_sa0;ord=6971591685512;auiddc=1476295756.1702260682;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

017fcff7c5bd0a778022ad75d94fd5cd6e82d466f3422263b77881f44d73055f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.goaheadtours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 298
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 02:11:22 GMT
expires: Mon, 11 Dec 2023 02:11:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 02:11:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6384424.fls.doubleclick.net/activityi;dc_pre=CKb_ppqnhoMDFUndOwIdBJAFrA;src=6384424;type=us_sa001;cat=us_sa0;ord=6971591685512;auiddc=1476295756.1702260682;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CPzTp5qnhoMDFcLVOwIdhNIG2Q;src=10100557;type=sa001;cat=gat_s0;ord=5777833139904;auiddc=1476295756.1702260682;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l... Show response
10100557.fls.doubleclick.net/ Frame 9661
Redirect Chain

https://10100557.fls.doubleclick.net/activityi;src=10100557;type=sa001;cat=gat_s0;ord=5777833139904;auiddc=1476295756.1702260682;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=...
https://10100557.fls.doubleclick.net/activityi;dc_pre=CPzTp5qnhoMDFcLVOwIdhNIG2Q;src=10100557;type=sa001;cat=gat_s0;ord=5777833139904;auiddc=1476295756.1702260682;u3=https%3A%2F%2Fwww.goaheadtours....

539 B
405 B

46ms
45ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10100557.fls.doubleclick.net/activityi;dc_pre=CPzTp5qnhoMDFcLVOwIdhNIG2Q;src=10100557;type=sa001;cat=gat_s0;ord=5777833139904;auiddc=1476295756.1702260682;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

fdeaafd230868d5f4a4f85b5db119062f6a1698dab8e318be609e79080ba27f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.goaheadtours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 02:11:22 GMT
expires: Mon, 11 Dec 2023 02:11:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 02:11:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10100557.fls.doubleclick.net/activityi;dc_pre=CPzTp5qnhoMDFcLVOwIdhNIG2Q;src=10100557;type=sa001;cat=gat_s0;ord=5777833139904;auiddc=1476295756.1702260682;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 search-insights@2.2.1 Show response
cdn.jsdelivr.net/npm/ 7 KB
3 KB 34ms
16ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/search-insights@2.2.1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0d2e872be145886fa21dbfb0bdd82a6dd87de09470f3b4dc8a93c9548f1d365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 946047
x-jsd-version: 2.2.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230023-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1ca9-LlYameQWGdStxvp0hGBoUXhf4ow"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuXQIdCZS2Hzb77qtnmpAxw1BO2IABBu9x12ND9SCPANvCxZaAAByyTet8crWkHrcQamATifyQe8tKpxv%2BOFHWfxqdGRnB29h9z0LweTuX5Y2uZrDqdfLvnTz9dn1revCTaqw%2BIKEEtuyhEgGIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 833a32507906690d-FRA

GET
H2 200 25957.js Show response
www.dwin1.com/ 45 KB
13 KB 65ms
21ms Script
application/javascript 2600:9000:2090:c200:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/25957.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:c200:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea4cb4275f9789710ecd9b8e9e0fdd177bfeef6d501585d9251822df8da5a722

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: cMnD2NY9vSAY3v6pu73guSs8Mtp8IHAy
content-encoding: gzip
via: 1.1 f580bae666598e3f09a5ffd24b286bae.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 02:09:57 GMT
x-amz-cf-pop: AMS58-P1
age: 86
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 06 Dec 2023 13:50:48 GMT
server: AmazonS3
etag: W/"39c11d2cd5525abd5658eed048ce4544"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: DaXd4HOVswS6lu4axPQq93Wg7HypAZsIaLQr7J-z6ll1VszrAZdKQA==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 46 KB
15 KB 50ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDTHZ2G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Oct 2023 15:11:46 GMT
server: nginx
etag: W/"652569b2-b614"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:11:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 36ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Dec 2023 02:11:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: k3Ingm6nN6rsjRKQEkZYtLln15FmT6PxYGXNsrEuz+H7dueT0egNF9Yj7tuM8yp+mKs/Y81JeV2M8CC8m2JVVA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 130ms
110ms Script
application/javascript 184.86.103.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCG7A9BC77UB2PF1JQKG&lib=ttq
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 44781b67504e09f3241ef9dc8b6dacfd8757c45ed04717584ccd55f3ec9eba65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 9fa8a786
date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121102112212DD61BE51FB87D3ACD1-3934614D2AC58ACE-00
x-cache: TCP_MISS from a184-86-102-203.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=100
content-length: 2167
pragma: no-cache
server: nginx
x-tt-logid: 2023121102112212DD61BE51FB87D3ACD1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 100,184.86.102.203
x-tt-trace-host: 01d6b83cef2b28e4aa36819906b33298085ef600524a6d29ecc141bf2880c09363bae1724bd19e0481597ea238ec61e2ff0fe8759993d5c0dcddae40fdb8350810def170bc4b217551bc872318b782c27264141ea3fc21ee8500b6497b7d9a0b55
expires: Mon, 11 Dec 2023 02:11:22 GMT

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 25 KB
7 KB 391ms
95ms Script
application/javascript 52.7.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33640&tdr=&plh=https%3A%2F%2Fwww.goaheadtours.com%2F&cb=39946794955490424term=value
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-151-245.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: f8f0055fa05b219340699b6f0fd8a9ba4633be73c12e1fe5493dc9aca44d93cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:21 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 3
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-30678.us.tvsquared.com/ 20 KB
9 KB 424ms
100ms Script
application/javascript 3.17.53.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-30678.us.tvsquared.com/tv2track.js
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.17.53.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-17-53-221.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 02:11:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 13:50:22 GMT
Server: nginx
ETag: "6542579e-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Mon, 11 Dec 2023 02:21:22 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1071918522/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071918522/?random=1702260682288&cv=11&fst=1702260682288&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&gcd=11l1l1l1l1&dma_c...
https://www.google.com/pagead/1p-user-list/1071918522/?random=1702260682288&cv=11&fst=1702260000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.go...
https://www.google.de/pagead/1p-user-list/1071918522/?random=1702260682288&cv=11&fst=1702260000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goa...

42 B
455 B

38ms
18ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071918522/?random=1702260682288&cv=11&fst=1702260000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&is_vtc=1&cid=CAQSKQDICaaN0RstYHtYipbR8WN-kF1AiQrKcfomjWRDKjavjb_ewspTMgoz&random=3512805322&ipr=y

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1071918522/?random=1702260682288&cv=11&fst=1702260000000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&is_vtc=1&cid=CAQSKQDICaaN0RstYHtYipbR8WN-kF1AiQrKcfomjWRDKjavjb_ewspTMgoz&random=3512805322&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 29ms
6ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 85016d81a1b51d8867123c56433b2e638844aac2e3dfe64fd79acc1f11c6f983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Wed, 08 Nov 2023 17:53:44 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"654bcb28-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c7485a3d854d9b972ac64cd3841d76a7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 50504 Show response
api.omappapi.com/v2/embed/ 260 KB
39 KB 400ms
347ms XHR
application/json 65.9.86.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/50504?d=goaheadtours.com
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-45.ams1.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 12d89f355ea2a70cceeeb47ee8d007442bef0db1d77b4c1425d8d99bdbabb33c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: gzip
via: 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: AMS1-C1
x-cache-status: HIT
x-cache: Miss from cloudfront
x-optinmonster-account: 56830
x-user-agent: standard--
last-modified: Fri, 01 Dec 2023 18:56:08 GMT
server: Pagely Gateway/1.5.1
etag: W/"6a28ed146c020727b1f5a2da949c9add"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: Qyib7kgqaDvz_vbRPz_8zJPhXWyxInDKn3JLbCtfTHae8oZjpK-Aog==
expires: Mon, 11 Dec 2023 01:42:34 GMT

GET
H2 200 dc_pre=CPzTp5qnhoMDFcLVOwIdhNIG2Q;src=10100557;type=sa001;cat=gat_s0;ord=5777833139904;auiddc=*;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;u...
adservice.google.com/ddm/fls/z/ Frame 9661 42 B
401 B 68ms
48ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPzTp5qnhoMDFcLVOwIdhNIG2Q;src=10100557;type=sa001;cat=gat_s0;ord=5777833139904;auiddc=*;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F

Requested by

Host: 10100557.fls.doubleclick.net
URL: https://10100557.fls.doubleclick.net/activityi;dc_pre=CPzTp5qnhoMDFcLVOwIdhNIG2Q;src=10100557;type=sa001;cat=gat_s0;ord=5777833139904;auiddc=1476295756.1702260682;u3=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10100557.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pnapi_integration-3.6.22.min.js Show response
solutions.invocacdn.com/js/ 88 KB
27 KB 90ms
23ms Script
text/javascript 18.239.36.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/pnapi_integration-3.6.22.min.js
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-27.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c03628d9933445974fb52e2a61530b55bfb27101c25716eb35a031a3a81151c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: b5VSbBCvyIgIGi5Q0RGVs6z9CVNIBn3w
content-encoding: br
via: 1.1 05f3f10124c24e16ce708020c976c78a.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 02:11:22 GMT
last-modified: Sat, 14 Dec 2019 00:09:15 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 85
etag: W/"96a7261523b2968017c7842b67ae47cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
x-amz-cf-id: 7pn_E4lhQvFdDueign-FlD2pxyCtcvnpztLR453vmm759TopCSwLaw==

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 11 Dec 2023 02:45:50 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
149 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=507994896&t=pageview&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEALBAAAACAEK~&jid=1191500014&gjid=312705214&cid=1895333414.1702260683&tid=UA-321712-14&_gid=482350610.1702260683&_slc=1&gtm=45He3bt0n81NDTHZ2Gv811745238&cd8=1702260682283.b5qeaaq&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd2=1895333414.1702260683&z=1858820512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.goaheadtours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-321712-14&cid=1895333414.1702260683&jid=1191500014&gjid=312705214&_gid=482350610.1702260683&_u=YGBAiEALBAAAAGAEK~&z=809803467

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.goaheadtours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 11 Dec 2023 02:11:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 14:22:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42562
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 37ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LQM236SHEC&gtm=45je3bt0v888938065z8811745238&_p=1702260682102&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1895333414.1702260683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702260682&sct=1&seg=0&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&en=page_view&_fv=1&_ss=2&up.pagePath=%2F&up.pageUrl=https%3A%2F%2Fwww.goaheadtours.com%2F&tfd=537
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 38ms
20ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LQM236SHEC&cid=1895333414.1702260683&gtm=45je3bt0v888938065z8811745238&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LQM236SHEC&gtm=45je3bt0v888938065z8811745238&_p=1702260682102&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1895333414.1702260683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1702260682&sct=1&seg=0&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&en=view_item_list&_c=1&_et=2&tfd=540
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 34ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LQM236SHEC&gtm=45je3bt0v888938065z8811745238&_p=1702260682102&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1895333414.1702260683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1702260682&sct=1&seg=0&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&en=view_item&_c=1&tfd=541
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 21ms
21ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LQM236SHEC&cid=1895333414.1702260683&gtm=45je3bt0v888938065z8811745238&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=529076473

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/937035465/ 42 B
108 B 23ms
23ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/937035465/?random=1702260682286&cv=11&fst=1702260000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&fmt=3&is_vtc=1&cid=CAQSGwDICaaN_xNgP7_qLLsdprU5IYMBBdu2Ic3MWQ&random=656726350&rmt_tld=0&ipr=y

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/937035465/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/937035465/?random=1702260682286&cv=11&fst=1702260000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&fmt=3&is_vtc=1&cid=CAQSGwDICaaN_xNgP7_qLLsdprU5IYMBBdu2Ic3MWQ&random=656726350&rmt_tld=1&ipr=y

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/951355816/ 42 B
108 B 22ms
22ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/951355816/?random=1702260682288&cv=11&fst=1702260000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&fmt=3&is_vtc=1&cid=CAQSGwDICaaNmXBo8ZZwDJKetoQXrN6vZG8_cbfe2g&random=2547717839&rmt_tld=0&ipr=y

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/951355816/ 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/951355816/?random=1702260682288&cv=11&fst=1702260000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811745238&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.goaheadtours.com%2F&frm=0&tiba=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&fmt=3&is_vtc=1&cid=CAQSGwDICaaNmXBo8ZZwDJKetoQXrN6vZG8_cbfe2g&random=2547717839&rmt_tld=1&ipr=y

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 643626722363066 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 169ms
168ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/643626722363066?v=2.9.138&r=stable&domain=www.goaheadtours.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a7277a57b25689c813ee9166293fe6b1d68008b20657ad51fb198f7f76ceb38

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Dec 2023 02:11:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: J39kYLcIKdmpQ+V/nY/oTQDp7EStIVaTYyVZeaYxEYWQL1IBz+D7xzdylO9lc5+/xMD8k21JzVUlCYT8Ovs1Lg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 5065967.js Show response
bat.bing.com/p/action/ 0
119 B 83ms
83ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5065967.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 11 Dec 2023 02:11:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EAFD8B8C89C8403C81AFF9E99CEA9CC1 Ref B: FRA31EDGE0221 Ref C: 2023-12-11T02:11:22Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5065967&tm=gtm002&Ver=2&mid=ae519ea3-db14-4472-ad0f-13d7a03b8eee&sid=94861f9097ca11ee87035fff05ee259b&vid=948614e097ca11ee9d64cfb6759cc74a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&p=https%3A%2F%2Fwww.goaheadtours.com%2F&r=&lt=368&evt=pageLoad&sv=1&rn=483371

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Dec 2023 02:11:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 711E4AB464F1412898875FE3483379AE Ref B: FRA31EDGE0221 Ref C: 2023-12-11T02:11:22Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0835 15 KB
6 KB 40ms
13ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.goaheadtours.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.goaheadtours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 02:11:21 GMT
server: Kestrel
server-processing-duration-in-ticks: 352898
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 dc_pre=CKb_ppqnhoMDFUndOwIdBJAFrA;src=6384424;type=us_sa001;cat=us_sa0;ord=6971591685512;auiddc=*;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=...
adservice.google.com/ddm/fls/z/ Frame A60A 42 B
107 B 46ms
46ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKb_ppqnhoMDFUndOwIdBJAFrA;src=6384424;type=us_sa001;cat=us_sa0;ord=6971591685512;auiddc=*;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F

Requested by

Host: 6384424.fls.doubleclick.net
URL: https://6384424.fls.doubleclick.net/activityi;dc_pre=CKb_ppqnhoMDFUndOwIdBJAFrA;src=6384424;type=us_sa001;cat=us_sa0;ord=6971591685512;auiddc=1476295756.1702260682;u10=https%3A%2F%2Fwww.goaheadtours.com%2F;gtm=45He3bt0v811745238;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.goaheadtours.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6384424.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 417 KB
108 KB 18ms
18ms Script
application/javascript 184.86.103.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCG7A9BC77UB2PF1JQKG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 9fa8a9c2
date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073139979A123B9F38C400AA53
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a184-86-102-203.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ad0fe3057a39a866654985d069e849f52f8394dafdcda3b3c4b02d7f31534a256a855557a0739b4dd04a5e76c4da83bf9d193103726555131a597c9f51b76036d324f01d60a22d460afd88e6308fab03f7ea9ea0be8b1666c9a9b270d5ca1bc3
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 110292

GET
H2 200 a24099230963.html Show response
a24099230963.cdn.optimizely.com/client_storage/ Frame F65C 3 KB
2 KB 67ms
12ms Document
text/html 184.30.133.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a24099230963.cdn.optimizely.com/client_storage/a24099230963.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/25065710806.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.133.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-133-160.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

63ead2aaccd136652af7839f4526e58eba88a1434f0447ce8e0e562e4b32b540

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.goaheadtours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 984
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 02:11:22 GMT
etag: "e536ae90ac9cc829d40877da98e3d4a8"
last-modified: Sat, 09 Dec 2023 18:28:03 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=3 origin; dur=0 cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="184.30.133.160";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1702260682698_1551596187_191355529_357_1401_6_9_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: PUhdrFIDPLWx3UwL4gIcmnhEDEz6TrgIchYoteaSj/ZKabmk97IpCqH5IarlGs4Ioqm/LSpnXUI=
x-amz-meta-pci_enabled: False
x-amz-replication-status: PENDING
x-amz-request-id: 56T3RYGNV46S2GTZ
x-amz-server-side-encryption: AES256
x-amz-version-id: wzNGZ6mP6zGp8tBGKSSBIhgHKNX99jaf

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 21ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-321712-14&cid=1895333414.1702260683&jid=1191500014&_u=YGBAiEALBAAAAGAEK~&z=1095910343

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-321712-14&cid=1895333414.1702260683&jid=1191500014&_u=YGBAiEALBAAAAGAEK~&z=1095910343

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=507994896&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=eeImpressions&_u=aGDAiEALBAAAAGAMK~&jid=&gjid=&cid=1895333414.1702260683&tid=UA-321712-14&_gid=482350610.1702260683&gtm=45He3bt0n81NDTHZ2Gv811745238&cd8=1702260682530.jteu6ene&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd2=1895333414.1702260683&il1nm=slider_&il1pi1id=GIT&il1pi1nm=A%20Week%20in%20Greece%3A%20Athens%2C%20Mykonos%20%26%20Santorini&il1pi1pr=3179&il1pi1ps=0&il1pi1ca=GIT&il1pi2id=VFS&il1pi2nm=A%20Week%20in%20Italy%3A%20Venice%2C%20Florence%20%26%20Rome&il1pi2pr=2749&il1pi2ps=1&il1pi2ca=VFS&il1pi3id=TGI&il1pi3nm=The%20Greek%20Islands%3A%20Mykonos%2C%20Santorini%20%26%20Crete&il1pi3pr=4019&il1pi3ps=2&il1pi3ca=TGI&il1pi4id=LPR&il1pi4nm=London%2C%20Paris%20%26%20Rome&il1pi4pr=3199&il1pi4ps=3&il1pi4ca=LPR&il1pi5id=BES&il1pi5nm=Highlights%20of%20England%2C%20Scotland%20%26%20Ireland&il1pi5pr=3399&il1pi5ps=4&il1pi5ca=BES&il1pi6id=CRP&il1pi6nm=Costa%20Rica%3A%20Rainforests%2C%20Volcanoes%20%26%20Wildlife&il1pi6pr=3279&il1pi6ps=5&il1pi6ca=CRP&z=961302557

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 23:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11242
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=507994896&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=148.40000009536743&_u=aGDAiEALBAAAAGAMK~&jid=&gjid=&cid=1895333414.1702260683&tid=UA-321712-14&_gid=482350610.1702260683&gtm=45He3bt0n81NDTHZ2Gv811745238&cd8=1702260682537.5jyacq3&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd2=1895333414.1702260683&il1nm=slider_&il1pi1id=GIT&il1pi1nm=A%20Week%20in%20Greece%3A%20Athens%2C%20Mykonos%20%26%20Santorini&il1pi1pr=3179&il1pi1ps=0&il1pi1ca=GIT&il1pi2id=VFS&il1pi2nm=A%20Week%20in%20Italy%3A%20Venice%2C%20Florence%20%26%20Rome&il1pi2pr=2749&il1pi2ps=1&il1pi2ca=VFS&il1pi3id=TGI&il1pi3nm=The%20Greek%20Islands%3A%20Mykonos%2C%20Santorini%20%26%20Crete&il1pi3pr=4019&il1pi3ps=2&il1pi3ca=TGI&il1pi4id=LPR&il1pi4nm=London%2C%20Paris%20%26%20Rome&il1pi4pr=3199&il1pi4ps=3&il1pi4ca=LPR&il1pi5id=BES&il1pi5nm=Highlights%20of%20England%2C%20Scotland%20%26%20Ireland&il1pi5pr=3399&il1pi5ps=4&il1pi5ca=BES&il1pi6id=CRP&il1pi6nm=Costa%20Rica%3A%20Rainforests%2C%20Volcanoes%20%26%20Wildlife&il1pi6pr=3279&il1pi6ps=5&il1pi6ca=CRP&z=1434757081

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 23:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11242
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0835
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=goaheadtours.com&sn=ChromeSyncframe&so=0&topUrl=www.goaheadtours.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=rOirjHxSZDB5Z2cxalh4SG5qc0JRalk4djlLYnJXNkltWWRrK1dvS2xLWVQvTm0wOVJnTkNWL0hSbTdIbHJ4WUJUYmNaeHZja2hHRXdHeWswTkZqaExRU29xV0QwZHpQeE9pUUxnSGtLSmgzeFkvS0R4MUV5bXFFVTNZb1...

462 B
679 B

15ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=rOirjHxSZDB5Z2cxalh4SG5qc0JRalk4djlLYnJXNkltWWRrK1dvS2xLWVQvTm0wOVJnTkNWL0hSbTdIbHJ4WUJUYmNaeHZja2hHRXdHeWswTkZqaExRU29xV0QwZHpQeE9pUUxnSGtLSmgzeFkvS0R4MUV5bXFFVTNZb1RCdmEzbjNJSnlZd1QxSXZWVVV6K1pqUkJ4U3QzRlZxNVZrdzQ4SXJOd0FrVGVjajcrckxTQ0FQUEVFU1gvT0tMckhGcmpNVDdncTVqa1FqUGxvT3dtN2QxcEt5MjJYL2hZV3p0OWNYTjVkYktOeTRXem93cjl2cUpDTEVVTWVYVTkwbE93bGRYa3hxRmQvYTdyUFRYc3dySEIrQ2VtNitkYVVWcUIybzFLSUwyUTR1RUtQVT18&cppv=2

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0b33a288581a9eab8478805d7fea9af598bc706bbe0d550fc1935994f45f0685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1673918
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=rOirjHxSZDB5Z2cxalh4SG5qc0JRalk4djlLYnJXNkltWWRrK1dvS2xLWVQvTm0wOVJnTkNWL0hSbTdIbHJ4WUJUYmNaeHZja2hHRXdHeWswTkZqaExRU29xV0QwZHpQeE9pUUxnSGtLSmgzeFkvS0R4MUV5bXFFVTNZb1RCdmEzbjNJSnlZd1QxSXZWVVV6K1pqUkJ4U3QzRlZxNVZrdzQ4SXJOd0FrVGVjajcrckxTQ0FQUEVFU1gvT0tMckhGcmpNVDdncTVqa1FqUGxvT3dtN2QxcEt5MjJYL2hZV3p0OWNYTjVkYktOeTRXem93cjl2cUpDTEVVTWVYVTkwbE93bGRYa3hxRmQvYTdyUFRYc3dySEIrQ2VtNitkYVVWcUIybzFLSUwyUTR1RUtQVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 219553
content-length: 0
expires: 0

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1403/0551656185/ 3 KB
1 KB 22ms
22ms Script
text/javascript 18.239.36.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1403/0551656185/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/pnapi_integration-3.6.22.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-27.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b7cf5a2660fb33477f53ab0b83471c49b60e3c7a324f3122fc1fe88ec1440dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: YdAJi8KFnkjmCYXujrCfIYcB_YG67gwF
content-encoding: br
via: 1.1 05f3f10124c24e16ce708020c976c78a.cloudfront.net (CloudFront)
date: Mon, 11 Dec 2023 02:11:22 GMT
last-modified: Wed, 10 Feb 2021 16:13:36 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 82
etag: W/"565280218e7a2bba54c932f3c8dc68d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-replication-status: COMPLETED
x-amz-cf-id: xPpBd49kGhm75V8RSi1ZQrVsvUnMPmUPGc2HU73yGp449KPDpItmrA==

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 9ms
9ms Script
application/javascript 184.86.103.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 9fa8aa54
date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073134C5E8A01497578CF78242
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a184-86-102-203.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011f45ff8dacec6c1718e025f9ab6953549d76c6566c838906835a80ea08a84d13ae36cd6cfc72682c6e53053a106593b54114139b82a52860c456fdee9d99d595f6a60b163c55e1e19e9525769c0587b3ca6df4c0230b5bd69e913881dd40a0b0
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 36081

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
845 B 177ms
177ms Ping
text/plain 184.86.103.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goaheadtours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: df756388.9fa8aa86
date: Mon, 11 Dec 2023 02:11:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121102112253682330DAF8CB8C735C-63BD6B604B0760C7-00
x-cache: TCP_MISS from a184-86-102-203.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 163,184.86.102.203
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=79, inner; dur=75
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121102112253682330DAF8CB8C735C
x-cache-remote: TCP_MISS from a23-48-100-71.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 79,23.48.100.71
x-tt-trace-host: 01d6b83cef2b28e4aa36819906b3329808560f4cbf14a9524241acd7ffda08a2c909f8df90a4738c035f68d5c2fd9f8308c517b7d1e6d83acf37a241388076cdd24932b9c28beefc78774dfb379e5f55d57e46f24d3fa13b41022b6e6a0901f41f1f34ca806ccbaf3f0bb153918b9f0d39
access-control-allow-headers: Authorization,*
expires: Mon, 11 Dec 2023 02:11:22 GMT

GET
H/1.1 200
OK is Show response
3.212.39.155/ 32 B
437 B 367ms
95ms Fetch
text/plain 3.212.39.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://3.212.39.155/is
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33640&tdr=&plh=https%3A%2F%2Fwww.goaheadtours.com%2F&cb=39946794955490424term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.212.39.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-39-155.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 10063453da71e51e08622944ba9ffc770fa783c49fbb96134ebf6c5396552f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=95679&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=j_Ooz19maHpCWDZtOU50RzUlMkYlMkZ1bTFRNHdmU0x3R243aXY3dkZL...
https://widget.us.criteo.com/event?a=95679&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=j_Ooz19maHpCWDZtOU50RzUlMkYlMkZ1bTFRNHdmU0x3R243aXY3dkZL...

10 KB
5 KB

306ms
118ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=95679&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=j_Ooz19maHpCWDZtOU50RzUlMkYlMkZ1bTFRNHdmU0x3R243aXY3dkZLYUgzSWZ1OWxNSWozam1pMFB1MllIOUpHRm9vZ0pBSkJHSjZQQThmdWVyZVJpYyUyRlp0N1F6MDFCT0lmUGhjUjB5QiUyRmJZZ0s3YXQ3dzRhb3BQWFl3R3lTd3lmazlYSGl2V3kwSmtQUyUyQnBZbFZpR2xVZ2VyY0lweG9xYnJBSjlQNUFoc3BuRVhJJTJCQkUlM0Q&tld=goaheadtours.com&fu=https%253A%252F%252Fwww.goaheadtours.com%252F&ceid=4c082d1d-312c-4c65-992b-02d0f95f24a8&dtycbr=38358

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

fe7788f8afdd9dc9a0533007e8c5f173b1c753253494a03170ccd9333c6a5ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 26607143
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=95679&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=j_Ooz19maHpCWDZtOU50RzUlMkYlMkZ1bTFRNHdmU0x3R243aXY3dkZLYUgzSWZ1OWxNSWozam1pMFB1MllIOUpHRm9vZ0pBSkJHSjZQQThmdWVyZVJpYyUyRlp0N1F6MDFCT0lmUGhjUjB5QiUyRmJZZ0s3YXQ3dzRhb3BQWFl3R3lTd3lmazlYSGl2V3kwSmtQUyUyQnBZbFZpR2xVZ2VyY0lweG9xYnJBSjlQNUFoc3BuRVhJJTJCQkUlM0Q&tld=goaheadtours.com&fu=https%253A%252F%252Fwww.goaheadtours.com%252F&ceid=4c082d1d-312c-4c65-992b-02d0f95f24a8&dtycbr=38358
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13296359
timing-allow-origin: *
content-length: 0
expires: 0

GET
H/1.1 200
OK tv2track.php
collector-30678.us.tvsquared.com/ 42 B
276 B 100ms
100ms Image
image/gif 3.17.53.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-30678.us.tvsquared.com/tv2track.php?action_name=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&idsite=TV-6390362718-1&rec=1&r=742993&h=3&m=11&s=22&url=https%3A%2F%2Fwww.goaheadtours.com%2F&_id=10b20c0a935f7602&_idts=1702260683&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=26
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.17.53.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-17-53-221.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Mon, 11 Dec 2023 02:11:22 GMT
Server: nginx
Connection: keep-alive
Request-Id: 9d3371f8-2583-468b-8299-8beeb447cf25
Content-Length: 42
Content-Type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 30ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=643626722363066&ev=PageView&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&rl=&if=false&ts=1702260682760&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702260682759.1159458134&ler=empty&it=1702260682579&coo=false&rqm=GET

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Dec 2023 02:11:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 5.c3191d3c.min.js Show response
a.opmnstr.com/app/js/ 16 KB
6 KB 7ms
6ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/5.c3191d3c.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-677
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Wed, 25 Oct 2023 17:45:58 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65395456-4146"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5728c33455b8aeb5809b717617f352ea
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4.1dae6b4d.min.js Show response
a.opmnstr.com/app/js/ 48 KB
14 KB 6ms
6ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/4.1dae6b4d.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-662
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Wed, 01 Nov 2023 17:12:10 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"654286ea-c029"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: df18b152a7423ff25260f1f3aeefd1a2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 13.a43c3690.min.js Show response
a.opmnstr.com/app/js/ 3 KB
2 KB 6ms
6ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/13.a43c3690.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: e89767a717d5fa04154ca21c66d1d96e7a5d3844875f0083f6bf400f2441d297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-af0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d54423fd7b0216d3db4fbead9e4dda9c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 19.b93023b7.min.js Show response
a.opmnstr.com/app/js/ 4 KB
3 KB 7ms
6ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/19.b93023b7.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-587
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-10b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: fe52ee3ee7907d3d64c6baae36761b2d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 27.78393e5b.min.js Show response
a.opmnstr.com/app/js/ 6 KB
3 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/27.78393e5b.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:43 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2f-1973"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 9de0bde8769b0b23dcd2cd799b9a0177
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 32.b9065693.min.js Show response
a.opmnstr.com/app/js/ 11 KB
5 KB 8ms
7ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/32.b9065693.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-662
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:33 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f25-2c41"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c86051d29235c1c411e4849b87e25651
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.970fc188.min.js Show response
a.opmnstr.com/app/js/ 33 KB
10 KB 8ms
8ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/10.970fc188.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 17c637303b3f9d684a1cd953b7999c1c75dc76b644a82dccf29303710d3990af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Wed, 01 Nov 2023 17:12:12 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"654286ec-82ae"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: bc0ce19771179f19a4f577b03b0c511c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.514c5def.min.js Show response
a.opmnstr.com/app/js/ 7 KB
3 KB 9ms
8ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/0.514c5def.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-1d49"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: cd1f8b46a5a36cde2e393cf3036e62e6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.c66ab701.min.js Show response
a.opmnstr.com/app/js/ 2 KB
2 KB 9ms
9ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/9.c66ab701.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 18:28:00 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"650896b0-879"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: bc006f6328524d06f09685621f30ad8b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.38e902ad.min.js Show response
a.opmnstr.com/app/js/ 3 KB
2 KB 10ms
9ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/11.38e902ad.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-662
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f29-a40"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 145ac8a69c0a17918e6352c01d205015
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 28.377be946.min.js Show response
a.opmnstr.com/app/js/ 3 KB
2 KB 11ms
10ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/28.377be946.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:51 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f37-d7b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: a5db6d23f12c64c202c161cec6505c03
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 26.1898e425.min.js Show response
a.opmnstr.com/app/js/ 2 KB
1 KB 10ms
10ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/26.1898e425.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2c-6b6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 93016f0c1acae68a87ae376d01763c49
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 16.0e435a6f.min.js Show response
a.opmnstr.com/app/js/ 1 KB
1 KB 11ms
11ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/16.0e435a6f.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-51f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 3ca971f9b716c39e8a73fbdf07f638d9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.ea963399.min.js Show response
a.opmnstr.com/app/js/ 11 KB
3 KB 12ms
11ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/1.ea963399.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:50 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f36-2abc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 3ca29496204914811397f0a2e8815873
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.5aa698b1.min.js Show response
a.opmnstr.com/app/js/ 2 KB
2 KB 12ms
12ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/21.5aa698b1.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-587
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f27-81f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: b4edbef1a2f38a4fd2652d4390fdfcaf
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 20.1d4b97e9.min.js Show response
a.opmnstr.com/app/js/ 4 KB
2 KB 12ms
12ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/20.1d4b97e9.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:38 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2a-1062"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: e9f0a2f771c476425f99d01016994dc0
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 17.24171f7e.min.js Show response
a.opmnstr.com/app/js/ 975 B
1 KB 11ms
11ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/17.24171f7e.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 228739c5660b9818a95c3b2c13f6c65cf4364f871c0cde499446c985be07a682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-676
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Tue, 12 Sep 2023 04:06:13 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64ffe3b5-3cf"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: b1a011bef070f505c628e5b3a3b1947d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 25.f2bef543.min.js Show response
a.opmnstr.com/app/js/ 3 KB
2 KB 10ms
10ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/25.f2bef543.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 5af0576ae4724a12d65aa86acc4231c868e4e6087c87a0b57243c6ca6dd5b67c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 12/08/2023 16:04:25
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:39 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2b-d0a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: cb029555b52d40a5427f5371dc398fdb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
644 B 37ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C500&display=swap

Requested by

Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/4.1dae6b4d.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

211d8c9dcccd319acbdaa1d751176ecf1a44a82b9df56050f29e4a06502b007d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:11:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 02:11:22 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
766 B 32ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600&display=swap

Requested by

Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/4.1dae6b4d.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a5471e7115bde2b91f8be92a788450b08b18f306ef7a2dce93064bafb3f93d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:11:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 02:11:22 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 25ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C500&display=swap

Requested by

Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/4.1dae6b4d.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12ba0c7fdf697f51afcc060e5c7a62be776fe9c631bb714964e15e4f65ddae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 02:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:11:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 02:11:22 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
18 KB 41ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d6f41fd18bcaa57afb4edbc8e4465e792fedc842111c787ad52bfb82231693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.goaheadtours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 01:12:30 GMT
x-content-type-options: nosniff
age: 262732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18740
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 01:12:30 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.goaheadtours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:18:49 GMT
x-content-type-options: nosniff
age: 154353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 07:18:49 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
842 B 152ms
152ms Ping
text/plain 184.86.103.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goaheadtours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: ed024493.9fa8ac05
date: Mon, 11 Dec 2023 02:11:23 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121102112252A8E44ED042EFAD38AC-1B95D053500C6682-00
x-cache: TCP_MISS from a184-86-102-203.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 131,184.86.102.203
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=43, inner; dur=39
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121102112252A8E44ED042EFAD38AC
x-cache-remote: TCP_MISS from a23-48-100-68.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 43,23.48.100.68
x-tt-trace-host: 01d6b83cef2b28e4aa36819906b3329808560f4cbf14a9524241acd7ffda08a2c9128de5a3f8f0dc321e2a272652f6d8be13869aef62cde402e510329c88bae995db967b15b25fdfa2e4674b3b95278818e0442edc750b62232cacc5cc6980a4dec2837ee05e4018516777c0ada23d766e
access-control-allow-headers: Authorization,*
expires: Mon, 11 Dec 2023 02:11:23 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 23ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.goaheadtours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:08:30 GMT
x-content-type-options: nosniff
age: 219772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 13:08:30 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 851C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-mbeshQXrZvJXwT5Qjfzual_OtauOX7LtmkAomw&google_cm&google_hm=ay1tYmVzaFFYclp2Slh3VDVRamZ6dWFsX090YXVPWDdMd...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mbeshQXrZvJXwT5Qjfzual_OtauOX7LtmkAomw&google_gid=CAESEBnz2-5A0fyRi6QGnCA1jio&google_cver=1&google_ula=913071,0

43 B
369 B

14ms
13ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mbeshQXrZvJXwT5Qjfzual_OtauOX7LtmkAomw&google_gid=CAESEBnz2-5A0fyRi6QGnCA1jio&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 541059
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mbeshQXrZvJXwT5Qjfzual_OtauOX7LtmkAomw&google_gid=CAESEBnz2-5A0fyRi6QGnCA1jio&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 851C 43 B
146 B 29ms
7ms Image
image/gif 3.124.69.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-WaqEdQXrZvJXwT5Qjfzual_OtatvRc53w15gvQ&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.69.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-69-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 851C
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6214389574145634159

43 B
370 B

14ms
13ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6214389574145634159

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1605021
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
an-x-request-uuid: 9122f1cc-52d5-4a59-81ea-7a7284d20b0a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6214389574145634159
x-proxy-origin: 80.255.10.198; 80.255.10.198; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 851C 53 B
783 B 54ms
31ms Image
image/gif 104.79.88.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-csjOmAXrZvJXwT5Qjfzual_OtauLrl6-VnDhDA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.79.88.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-129.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 02:11:23 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Mon, 11 Dec 2023 02:11:23 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 851C 0
239 B 57ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-WINWogXrZvJXwT5Qjfzual_OtasAlPI_ecsTDA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 851C 43 B
163 B 78ms
17ms Image
image/gif 185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-YwHTCAXrZvJXwT5Qjfzual_OtauhezTu0jGowA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:22 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 851C 23 B
163 B 97ms
34ms Image
image/gif 2.19.104.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-1rZQ6QXrZvJXwT5Qjfzual_Otavr1Aw0BkoXug
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-4.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Mon, 11 Dec 2023 02:11:23 GMT
pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 851C 37 B
140 B 42ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-19DVygXrZvJXwT5Qjfzual_OtauV4zuYGqA_Lw&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 851C 0
125 B 105ms
9ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-B-hN-AXrZvJXwT5Qjfzual_OtatQiPCFnYUBKQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 851C 43 B
162 B 77ms
24ms Image
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-i6_GjwXrZvJXwT5Qjfzual_Otavym-g5RlpaHw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
last-modified: Mon, 04 Oct 2021 14:04:49 GMT
server: nginx
accept-ranges: bytes
etag: "615b0a01-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 851C 49 B
385 B 156ms
32ms Image
image/gif 63.33.18.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-VuNxXgXrZvJXwT5Qjfzual_OtavyrhrHvhOgmg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.18.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-18-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 4
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 851C
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ZfbKrwXrZvJXwT5Qjfzual_Otav9AOT3wBaL5A
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ZfbKrwXrZvJXwT5Qjfzual_Otav9AOT3wBaL5A&C=1

43 B
330 B

23ms
23ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ZfbKrwXrZvJXwT5Qjfzual_Otav9AOT3wBaL5A&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wY2Ct1YgtjS65QOsDtSwNsCporcTea7h9izER75VuaJ%2BvEOZzlqW9Pwv1YyP0E%2FilHmLOd7jtHw%2F%2FwdVELFBIJmU%2FNiTE%2Fm%2FDto2mvrhrd%2FqA1Sd4RW34rbNAzcGuwKqTdeX"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833a32561cd865b6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOYw6bci%2FG5Xm7cPr1itNrblXwIAxS0uWmciW%2FSNdYq9R9mPnUa7p1MJXtgE2Edze8ueRWKzt6MYkx2hFQLhknZHuHxkvM95pl5qRYLBrnlSzptdcroA7VXbk6Wwq5JrfuPL"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-ZfbKrwXrZvJXwT5Qjfzual_Otav9AOT3wBaL5A&C=1
cache-control: no-cache
cf-ray: 833a3255fcc765b6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 851C
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=daJjXPnUAE5br-VERr51U5lL_GKOgM-p
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=daJjXPnUAE5br-VERr51U5lL_GKOgM-p

42 B
715 B

30ms
30ms

Image
image/gif

54.220.4.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=daJjXPnUAE5br-VERr51U5lL_GKOgM-p

Protocol

Server

54.220.4.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-4-214.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0dd64a28b.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 6yqBczCmTSQ=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-06164c850.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: W+tFaj/ZR/Q=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=daJjXPnUAE5br-VERr51U5lL_GKOgM-p
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 851C 43 B
921 B 35ms
7ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-IMGNowXrZvJXwT5Qjfzual_OtasTy0oVMxrNlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 11 Dec 2023 02:11:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame 851C 43 B
199 B 143ms
47ms Image
image/gif 54.228.143.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-BOmNCQXrZvJXwT5Qjfzual_OtatHJ-U3qN9wqQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.228.143.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-143-85.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Dec 2023 02:11:23 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 851C 42 B
265 B 50ms
15ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-5diCywXrZvJXwT5Qjfzual_OtavZ9WXb3pk5eQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 851C 0
879 B 36ms
9ms Image
text/html 3.124.39.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-O9rCjAXrZvJXwT5Qjfzual_OtatCnDDQX4Pr1A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.39.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-39-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 851C 43 B
422 B 108ms
30ms Image
image/gif 99.80.129.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-F6lblQXrZvJXwT5Qjfzual_OtauPAR-XKo7Hrg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.129.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-129-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 851C 0
145 B 355ms
86ms Image
text/plain 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-x0f1mgXrZvJXwT5Qjfzual_OtasffBkdvDdN1g&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 02:11:23 GMT
Cache-Control: no-cache
X-TraceId: 8e1b5499ea06c2d14ba444d1eaaf58e1
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 851C 0
225 B 58ms
12ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-njIQZgXrZvJXwT5Qjfzual_OtateobV4YksZwA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 02:11:22 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 851C 0
35 B 34ms
8ms Image
text/plain 3.68.0.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-i7mVKgXrZvJXwT5Qjfzual_OtasvwonWqjkaYg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.0.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-0-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 851C 43 B
398 B 307ms
91ms Image
image/gif 2600:1f18:612b:4216:9670:1560:e7cd:376a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-115OrwXrZvJXwT5Qjfzual_OtautdaLoKuzzMg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:9670:1560:e7cd:376a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 11 Dec 2023 02:11:23 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 851C 43 B
153 B 117ms
39ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-BFB9xAXrZvJXwT5Qjfzual_OtasPRg3Wc8aFGg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Dec 2023 02:11:23 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 851C 0
235 B 50ms
17ms Image
text/plain 2.19.105.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-1rzMtgXrZvJXwT5Qjfzual_OtasSaxTrIqJrlQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Dec 2023 02:11:23 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 10 Dec 2023 02:11:23 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 851C 0
38 B 274ms
30ms Image
text/plain 34.241.3.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-uud2EwXrZvJXwT5Qjfzual_OtavOSlGzKnoXYw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.3.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-3-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 851C 0
44 B 32ms
6ms Image
text/plain 35.158.30.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-yKdb5wXrZvJXwT5Qjfzual_Otas2BWmdKMwwcQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.30.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-30-42.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
server: awselb/2.0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=507994896&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=59.10000014305115&_u=aHDAiEALBAAAAGAMK~&jid=&gjid=&cid=1895333414.1702260683&tid=UA-321712-14&_gid=482350610.1702260683&gtm=45He3bt0n81NDTHZ2Gv811745238&cd8=1702260683137.4yml0gkb&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd2=1895333414.1702260683&il1nm=slider_&il1pi1id=GIT&il1pi1nm=A%20Week%20in%20Greece%3A%20Athens%2C%20Mykonos%20%26%20Santorini&il1pi1pr=3179&il1pi1ps=0&il1pi1ca=GIT&il1pi2id=VFS&il1pi2nm=A%20Week%20in%20Italy%3A%20Venice%2C%20Florence%20%26%20Rome&il1pi2pr=2749&il1pi2ps=1&il1pi2ca=VFS&il1pi3id=TGI&il1pi3nm=The%20Greek%20Islands%3A%20Mykonos%2C%20Santorini%20%26%20Crete&il1pi3pr=4019&il1pi3ps=2&il1pi3ca=TGI&il1pi4id=LPR&il1pi4nm=London%2C%20Paris%20%26%20Rome&il1pi4pr=3199&il1pi4ps=3&il1pi4ca=LPR&il1pi5id=BES&il1pi5nm=Highlights%20of%20England%2C%20Scotland%20%26%20Ireland&il1pi5pr=3399&il1pi5ps=4&il1pi5ca=BES&il1pi6id=CRP&il1pi6nm=Costa%20Rica%3A%20Rainforests%2C%20Volcanoes%20%26%20Wildlife&il1pi6pr=3279&il1pi6ps=5&il1pi6ca=CRP&z=1740582372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 23:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11243
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=507994896&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=percent25&el=%2F&_u=aHDAiEALBAAAAGAMK~&jid=&gjid=&cid=1895333414.1702260683&tid=UA-321712-14&_gid=482350610.1702260683&gtm=45He3bt0n81NDTHZ2Gv811745238&cd8=1702260683145.iwtc7q5t&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd2=1895333414.1702260683&il1nm=slider_&il1pi1id=GIT&il1pi1nm=A%20Week%20in%20Greece%3A%20Athens%2C%20Mykonos%20%26%20Santorini&il1pi1pr=3179&il1pi1ps=0&il1pi1ca=GIT&il1pi2id=VFS&il1pi2nm=A%20Week%20in%20Italy%3A%20Venice%2C%20Florence%20%26%20Rome&il1pi2pr=2749&il1pi2ps=1&il1pi2ca=VFS&il1pi3id=TGI&il1pi3nm=The%20Greek%20Islands%3A%20Mykonos%2C%20Santorini%20%26%20Crete&il1pi3pr=4019&il1pi3ps=2&il1pi3ca=TGI&il1pi4id=LPR&il1pi4nm=London%2C%20Paris%20%26%20Rome&il1pi4pr=3199&il1pi4ps=3&il1pi4ca=LPR&il1pi5id=BES&il1pi5nm=Highlights%20of%20England%2C%20Scotland%20%26%20Ireland&il1pi5pr=3399&il1pi5ps=4&il1pi5ca=BES&il1pi6id=CRP&il1pi6nm=Costa%20Rica%3A%20Rainforests%2C%20Volcanoes%20%26%20Wildlife&il1pi6pr=3279&il1pi6ps=5&il1pi6ca=CRP&z=905053537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 23:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11243
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 758ms
185ms Script
application/javascript 34.210.219.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-321712-14&ga_client_id=1895333414.1702260683&shpt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-321712-14%22%2C%22ga_client_id%22%3A%221895333414.1702260683%22%2C%22shpt%22%3A%22Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours%22%2C%22dcm_cid%22%3A%221702260682.1%22%2C%22dcm_gid%22%3A%22482350610.1702260683%22%2C%22mntnis%22%3A%22zyeTr7c7%2Bzr9YY5vv%2FPV2k50QF9tZjiH%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1702260682.1&dcm_gid=482350610.1702260683&available_ga=%5B%7B%22id%22%3A%22UA-321712-14%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=33640&plh=https%3A%2F%2Fwww.goaheadtours.com%2F&cb=39946794955490424term%3Dvalue&shpp=1&shpc=&shadditional=criteo%3Dtrue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33640&tdr=&plh=https%3A%2F%2Fwww.goaheadtours.com%2F&cb=39946794955490424term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.210.219.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-219-79.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 0ba118c57d07aaab25d2c7c58f367fef8c515ea876cddf6f683098ff95d217a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 3
connection: close

GET
H2 200 m5k7y7ds347b.js Show response
js.driftt.com/include/1702260900000/ 219 KB
62 KB 201ms
143ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1702260900000/m5k7y7ds347b.js

Requested by

Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dcacea7de18211a80fe31dfcbc821306515a46aa88841e7c01bee6cb902ded09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
x-amz-version-id: Eo2wjiKHcGPxzDw42wGX.GmuIWAQEkSX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 35
last-modified: Thu, 07 Dec 2023 18:22:48 GMT
server: istio-envoy
etag: W/"5d148cf7fa8dc7978ffbce70736e6b78"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N2CmcCWoweg2LSkriXJs1x1vBo-SnE_YYpek4tzrgqfCJRCXa_AoDw==

GET
H2 200 setuid
ib.adnxs.com/ Frame 851C 43 B
853 B 7ms
6ms Image
image/gif 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-FkaUNwXrZvJXwT5Qjfzual_Otasu_c209x0JmQ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
an-x-request-uuid: 46701ac3-2c18-4007-905d-316a411bfe4a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.198; 80.255.10.198; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 851C 0
15 B 13ms
12ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-B-hN-AXrZvJXwT5Qjfzual_OtatQiPCFnYUBKQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 851C
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=daAK88qV7_Qg5dEToovA2rB1kFVj2GIC

0
337 B

93ms
29ms

Image
text/plain

34.241.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=daAK88qV7_Qg5dEToovA2rB1kFVj2GIC
Protocol: H2
Server: 34.241.154.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-154-142.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by: beacon-n004-dub-prod.krxd.net
date: Mon, 11 Dec 2023 02:11:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=42 t=1702260683
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=daAK88qV7_Qg5dEToovA2rB1kFVj2GIC
date: Mon, 11 Dec 2023 02:11:23 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 606067
content-length: 0

GET
H2 200 6550a6d394f20491bc2c120182577aea-optin.json Show response
a.omappapi.com/app/campaign-views/71243615b528/uvnfhtbns7pxeitav6yc/ 25 KB
5 KB 20ms
7ms XHR
application/json 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/71243615b528/uvnfhtbns7pxeitav6yc/6550a6d394f20491bc2c120182577aea-optin.json
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: b0963e8bade289b66b3467eabcda648f8cd613048d33284a7be4b6c93a106c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:23 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 12/08/2023 16:11:45
cdn-pullzone: 293267
last-modified: Fri, 01 Dec 2023 02:16:28 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"656941fc-6494"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 332c2d6422babc7bcc901068aa2badd9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 204
No Content i Show response
z.omappapi.com/v3/ 0
250 B 292ms
105ms XHR
text/plain 178.128.135.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://z.omappapi.com/v3/i?aid=50504&cid=uvnfhtbns7pxeitav6yc&sid=5b97dc7db8a90&rt=false&dv=desktop&cty=floating&url=&v=5
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.135.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: kong/3.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.goaheadtours.com
Date: Mon, 11 Dec 2023 02:11:23 GMT
Access-Control-Allow-Credentials: true
X-Kong-Response-Latency: 19
Server: kong/3.4.2
Connection: keep-alive
vary: Origin

GET
H2

200

cs
s.thebrighttag.com/ Frame 851C
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=0Gt4rWdKNIQl8d4MPz8qzxDLu4ElVDJ0

35 B
268 B

343ms
101ms

Image
image/gif

18.224.227.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=0Gt4rWdKNIQl8d4MPz8qzxDLu4ElVDJ0
Protocol: H2
Server: 18.224.227.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-227-143.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:23 GMT
x-bt-requestid: 9530dee0-97ca-11ee-af15-0000ac1702cf
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=0Gt4rWdKNIQl8d4MPz8qzxDLu4ElVDJ0
date: Mon, 11 Dec 2023 02:11:23 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 9093954
content-length: 0

GET
H2 200 core Show response
js.driftt.com/ Frame F0F2 2 KB
1 KB 114ms
114ms Document
text/html 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1702260900000/m5k7y7ds347b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b5fb447ffd2974d56939b56b0a43b0b4810f69d64c39143c4a7e5ed5685fe769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.goaheadtours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 02:11:23 GMT
etag: W/"4ed8ce4714f2295dc5ef9351e8814cbd"
last-modified: Thu, 07 Dec 2023 18:22:37 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-id: gWfphRuOSPH3bP_SFZaUNAtS4w1-hpn3H03CbctkexSuv0ITZ1DfEw==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: qk8pdwKiUT5.cquSX5jwRMKUZ7YiKW2g
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 20

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 1E69 2 KB
1 KB 117ms
116ms Document
text/html 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1702260900000/m5k7y7ds347b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b5fb447ffd2974d56939b56b0a43b0b4810f69d64c39143c4a7e5ed5685fe769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.goaheadtours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 02:11:23 GMT
etag: W/"4ed8ce4714f2295dc5ef9351e8814cbd"
last-modified: Thu, 07 Dec 2023 18:22:37 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-id: vdAivIdE-Z4epgvnfXK39___fdgpsAMq4yrHp4fPZjko91-Uj7uZpw==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: qk8pdwKiUT5.cquSX5jwRMKUZ7YiKW2g
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 49

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
663 B 334ms
119ms XHR
text/plain 3.232.124.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/25065710806.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.232.124.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-124-103.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goaheadtours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 11 Dec 2023 02:11:23 GMT
Via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
Connection: keep-alive
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 015aa300-ce9e-4a3d-b23b-33b903214ffb

GET
H2 200 runtime~main.95493482.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 6 KB
3 KB 7ms
7ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

86d58fd4c5a7b600742f7f7d3dd4e180cb66c78794cdfb262ab4717bf0c14482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:22:36 GMT
x-amz-version-id: Twa0j8cu4OOEdxlv3tU3S6TF36LicRfW
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 287326
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 06 Dec 2023 19:18:02 GMT
server: istio-envoy
etag: W/"487dd8eb134d40531c6351dd6ccf7f77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Um5xffgc6YgsC5YNEljUswh7t6KTWl7ArIrboCuq6IfMJNQwwlrycQ==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 35 KB
13 KB 8ms
7ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 01:18:07 GMT
x-amz-version-id: q5pTVpOtKy3mkc3tgJvo47OHqvdilate
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 12358395
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 20 Jul 2023 18:22:11 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m25cBSDwM2jIRJGUEwbwUHjIUzQ6wdABesyKGWdQezo25wd3ZtUzxQ==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 7 KB
3 KB 8ms
8ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: OTiYyuMgyycXvMHseM5MN77RPTRQczpn
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Mon, 18 Sep 2023 19:58:07 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BhxNAuqVGMMI66mfFVvSKm1r8x1nU5LPOy7WBpVneTzLkr7676704A==

GET
H2 200 runtime~main.95493482.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 6 KB
3 KB 8ms
8ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

86d58fd4c5a7b600742f7f7d3dd4e180cb66c78794cdfb262ab4717bf0c14482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:22:36 GMT
x-amz-version-id: Twa0j8cu4OOEdxlv3tU3S6TF36LicRfW
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 287326
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 06 Dec 2023 19:18:02 GMT
server: istio-envoy
etag: W/"487dd8eb134d40531c6351dd6ccf7f77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ma2YIcXxfGrZiD4cqyQf7ZYgMU9QitiYjAJHPgJqZDSIYxvqFEmCFA==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 35 KB
13 KB 9ms
9ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 01:18:07 GMT
x-amz-version-id: q5pTVpOtKy3mkc3tgJvo47OHqvdilate
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 12358395
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 20 Jul 2023 18:22:11 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gAGgBRu3T-0gEzKTIzZW5Ns0HssBPojg7UbUvIQseAwdJMGk5wNHFg==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 7 KB
3 KB 9ms
9ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: OTiYyuMgyycXvMHseM5MN77RPTRQczpn
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Mon, 18 Sep 2023 19:58:07 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rXVIP_PWSh12XJnGYhV0epcF-T9t4SA9uiqKbVRCdtSA8NzrkDf7-w==

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 23 KB
8 KB 7ms
6ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 02:52:29 GMT
x-amz-version-id: Esj.HZA_tbw6gqPOdguyiXaCinsX9owN
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6736734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Thu, 21 Sep 2023 18:21:36 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o8_Im3OXLinBd8rWcazNOmfOGJbQXBr-sR_R2T4K4boW6bu175AExg==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 36 KB
10 KB 8ms
7ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 01:19:18 GMT
x-amz-version-id: 28EWWIrfyXnbH9o_fCp_ZuBJ9aAwW8z2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7087925
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Mon, 18 Sep 2023 19:58:05 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W3sWPrJjHapWdelVSjdrEVTPfpL_PbdU1kk_65f5uac4XTagI6sFDw==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 32 KB
11 KB 9ms
7ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 04:06:06 GMT
x-amz-version-id: QdsA1eP5upj.c59gGRUMZlWh3VaRO3QX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6732317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 22 Sep 2023 19:55:10 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: etdPzeHvF0-uwgSlQmHoaBIDtlSWPMOH9mN_IXQiLKE8ZmZzk61U1w==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 17 KB
6 KB 9ms
8ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: sH9o8YkkibMEUbCvCSPhoXTl_6cFk9oY
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Mon, 18 Sep 2023 19:58:05 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Hl_cvOzo5vqYyEZe12Ydf254WDvqAfr_jF61d6-lzHk6isn5zyGmmw==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 25 KB
8 KB 12ms
10ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: zY0Ou_sLgA4Cobo6T_PpWO3n4_bhl.BX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Mon, 18 Sep 2023 19:58:06 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a5d4AikKlS2op9mQkUrRze8vuoElB9VwUyI1x1443zqjZTzg5-n_qQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 74 KB
23 KB 12ms
11ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 18:42:47 GMT
x-amz-version-id: koF.ql6S6iU4L3DAmCcO8za68l9Cvk6p
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7975716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Thu, 07 Sep 2023 15:58:12 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w-QOFfPXMjC6z8PSp54GLtgGEMxRMiJJkk4I97nI966QMTmYZAfdIg==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 66 KB
20 KB 13ms
12ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 10:11:06 GMT
x-amz-version-id: QuflpVsRjQoeLsgyzbb2dO87jCp6veQD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 10857617
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HPn_3MEy1Gsgw-m1LB2wVUAwlFjWYQq41Gh51cKN8_ogsDC_cRFZaQ==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 91 KB
28 KB 14ms
13ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: mPHV5tAqPye8LylceWqtCyeRVygMz4fc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Mon, 18 Sep 2023 19:58:05 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -Si61On0yXSQMaKxjshhBDQudovRvT8brlcxne0d-T8IqGruZA0tDw==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 23 KB
7 KB 15ms
14ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: XlMxTkRfqAYNG4rhc7QwtAO3yzTax5oV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Mon, 18 Sep 2023 19:58:04 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a4VlcBd_L5h8yF03XW4zZHd_50Z744a7JSwZzTBICp4Vx_xeNSqV2w==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 62 KB
20 KB 15ms
14ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 02:55:15 GMT
x-amz-version-id: 9mpbkuyHmd3DbfSHS5sKR7jluuxgLo9E
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 8464568
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Sat, 02 Sep 2023 21:37:07 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qYiQnjvsR0uSYOhqGzT9ha0uob1Uuf4jQIqDaCgXaRc1szzUkA8uXQ==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 105 KB
34 KB 16ms
15ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:19 GMT
x-amz-version-id: nu5YPPYpbxwbA5KeFnNDvED6qjQ46e.5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 11866684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Wed, 26 Jul 2023 13:14:43 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -Rmn3sdcmQOTkckvXb5GC0MdeGaaEGmHjsbZR5XzXFZ0HYTze2elaA==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 12 KB
4 KB 17ms
16ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 22:50:10 GMT
x-amz-version-id: 4vFIc6iMaOHHRPFul3_EyvJfXUuIcmEs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6578473
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Thu, 21 Sep 2023 18:21:36 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nM7afS-UAC1MJX4ZWa40__9-pknjjETUMrevAePXJ4m9CFu349_NnA==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 13 KB
6 KB 18ms
17ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 04:56:51 GMT
x-amz-version-id: PyawGVolC84hpcWm6OWVT0dG84hVjB6f
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6038072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 21 Sep 2023 18:21:36 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gbPhwYmtbQX8881wAVC00n9_gwJ_Jx3rd4MAtslzoPmvkPFpdaQe2Q==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 17 KB
7 KB 18ms
17ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: g1ri2j1Cjjab.VdRD9o2Qfb0pzjBKg2Y
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 18 Sep 2023 19:58:05 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Jbx-uXT0SLiP4ZQ5THi2MGMone2gJR8r5B3PwMGHtkGvPz7og-I6qw==

GET
H2 200 8.7602338c.chunk.css
js.driftt.com/core/assets/css/ Frame F0F2 31 KB
4 KB 18ms
18ms Stylesheet
text/css 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.7602338c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

310de82ec6ba5948814ab8ec2369aa1d437e84e26ac56967fc79897acaa99a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 01:16:19 GMT
x-amz-version-id: hjTFQAoU.KAgYbJR7bli92DUId80a05s
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6224104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Thu, 21 Sep 2023 18:21:34 GMT
server: istio-envoy
etag: W/"76d0343f1f9f445c80d5c68c2a35b6e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IDRuwwNm9Tw4VC1aYjmix5hmgqtLHUvQQiwBtXtX1IVW_3AOHJwTCg==

GET
H2 200 8.f7153452.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 81 KB
26 KB 20ms
19ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.f7153452.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cd0391921eb418d52f00e38cf417c33b074edeca8ba76ac7fdebc822d53c22c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 18:15:53 GMT
x-amz-version-id: ZJl9D9EzNE1WdNgFlISbyPGas_oIckZK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 978930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Wed, 29 Nov 2023 17:11:56 GMT
server: istio-envoy
etag: W/"4b575e2d4a033261a7c29d23f642a4d2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RVdjvp4F7LZ7hoP31865Q2uOcpDsV3sety9RjZtAo8ukDLuLcq-jMw==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame F0F2 24 B
696 B 19ms
19ms Stylesheet
text/css 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 18:42:47 GMT
x-amz-version-id: L7ekVthaAMSAcl7y3LfpvLig..DjHOJ0
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P6
age: 7975716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
content-length: 24
last-modified: Thu, 07 Sep 2023 15:58:10 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b9bH9ZUXtcn7VVCUvIuChc-axfH3pdi5JfsuzPiym9_yGXwuN0K9tA==

GET
H2 200 16.736de600.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 92 KB
24 KB 20ms
20ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.736de600.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

924c652cca204322241dab3654d097e3d856c31c4a32578264d17118d4d65f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:22:37 GMT
x-amz-version-id: AX6Q6j10nLqEa3DVQd1n8x.BepxtSjRO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 287326
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 06 Dec 2023 19:18:00 GMT
server: istio-envoy
etag: W/"17f48416e74287db11e30b376ca530c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MOGvCzCSDeNbip_VzLAGouSoKIpTfJElFjZPuYZe_02PgVMgPvK8RA==

GET
H2 200 24.ca560a16.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 51 KB
14 KB 21ms
21ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.ca560a16.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

85fd62d320b29db9aeb3e9e28df01c331228fbac48ecdacf1d12d11052995821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:22:37 GMT
x-amz-version-id: MxiiifjP7mIpciMKo.v.jmGgltwROWpK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 287326
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Wed, 06 Dec 2023 19:18:00 GMT
server: istio-envoy
etag: W/"6b6a8f66a8cd65088ea8052336ee758b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5W9PKl-_LVTe6i3B0lJzZ4mP7I046dhL0fkNiOqyup_PzJYJLp4laQ==

GET
H2 200 17.426ea1ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 40 KB
13 KB 21ms
21ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.426ea1ef.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dc125e9d86f939c87602ea8e5d855fc40b063b7d9558129a3b8f09b7cc7fe772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:22:37 GMT
x-amz-version-id: jTXzUyy.6LFpXzFAVpJ3er6CRcT1P8pq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 287326
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Wed, 06 Dec 2023 19:18:00 GMT
server: istio-envoy
etag: W/"4b9e8442bb313b6195810a9a03e60773"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XOVgVqgvxg7fv9DIFCoqVmgZRA9O7xs0SiFUXgRNdGb32zTwBrmIvg==

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 23 KB
8 KB 15ms
8ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 02:52:29 GMT
x-amz-version-id: Esj.HZA_tbw6gqPOdguyiXaCinsX9owN
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6736734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Thu, 21 Sep 2023 18:21:36 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DDhEov5LPylh47ApcEqfg-8O1jK3BBABdy6Sc5I4tYkCR9st60SB-A==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 36 KB
10 KB 16ms
9ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 01:19:18 GMT
x-amz-version-id: 28EWWIrfyXnbH9o_fCp_ZuBJ9aAwW8z2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7087925
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Mon, 18 Sep 2023 19:58:05 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 05EhOdr-jwaCXvQ0_YzbGQsHVoDYK4dpW35OeBS91_pSXC4inYfxow==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 32 KB
11 KB 16ms
9ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 04:06:06 GMT
x-amz-version-id: QdsA1eP5upj.c59gGRUMZlWh3VaRO3QX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6732317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 22 Sep 2023 19:55:10 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iv5ySK-bFlDEgB1GFnoSK3ag5ikKZkOQp8AbZV4su3g8Jk6qRqySXA==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 17 KB
6 KB 17ms
10ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: sH9o8YkkibMEUbCvCSPhoXTl_6cFk9oY
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Mon, 18 Sep 2023 19:58:05 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 69lh9Eq1HZPcyeiZoa4qX4WSxpPOUNMt6oVCAsCWqYD2SiaNr4vptw==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 25 KB
8 KB 17ms
11ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: zY0Ou_sLgA4Cobo6T_PpWO3n4_bhl.BX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Mon, 18 Sep 2023 19:58:06 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pDNGT2nqqkKW6ElbEex8mtCRzJDGyPr26og6oC_Spf6LtILznuBVww==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 74 KB
23 KB 18ms
11ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 18:42:47 GMT
x-amz-version-id: koF.ql6S6iU4L3DAmCcO8za68l9Cvk6p
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7975716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Thu, 07 Sep 2023 15:58:12 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ria5IO3fiUzThzjVGm31ahoemVHiN5our4shXTeUF8ytv0i_Dd08fA==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 66 KB
20 KB 19ms
12ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 10:11:06 GMT
x-amz-version-id: QuflpVsRjQoeLsgyzbb2dO87jCp6veQD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 10857617
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: deHmbz0UUVqf6nXbZ9FDlsQYJkTaoNv2dNHETYGR48mSN5Tr-Olbcw==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 91 KB
28 KB 19ms
13ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: mPHV5tAqPye8LylceWqtCyeRVygMz4fc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Mon, 18 Sep 2023 19:58:05 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eDU8dT5KPIUb3jOLUHy_MTHGzWIwDc0AWTKY7rToqdOlVAyJ1B7Szg==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 23 KB
7 KB 20ms
13ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: XlMxTkRfqAYNG4rhc7QwtAO3yzTax5oV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Mon, 18 Sep 2023 19:58:04 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ylOiLp5M8DJqBwL8hr3FAksGt5HyIbPekNgt3lOp3b2pues_kEOpRA==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 62 KB
20 KB 20ms
14ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 02:55:15 GMT
x-amz-version-id: 9mpbkuyHmd3DbfSHS5sKR7jluuxgLo9E
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 8464568
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Sat, 02 Sep 2023 21:37:07 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4PCXmNgeC8pEBRzj3QTlufV1Y9xrPElnQjiVprTknFtb31qwlRaGfA==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 105 KB
34 KB 21ms
15ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:19 GMT
x-amz-version-id: nu5YPPYpbxwbA5KeFnNDvED6qjQ46e.5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 11866684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Wed, 26 Jul 2023 13:14:43 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bPSAtg3iTTnqf9hZrEEyaBTshPTxygPa3rvuycQdPF_DlzNr48RafQ==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 12 KB
4 KB 22ms
15ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 22:50:10 GMT
x-amz-version-id: 4vFIc6iMaOHHRPFul3_EyvJfXUuIcmEs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6578473
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Thu, 21 Sep 2023 18:21:36 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cCKam6wVE3ipwS0pBwuGWMdbVJgDvriZciZXlvDKljxuO6qhSsLibQ==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 13 KB
6 KB 22ms
16ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 04:56:51 GMT
x-amz-version-id: PyawGVolC84hpcWm6OWVT0dG84hVjB6f
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6038072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 21 Sep 2023 18:21:36 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pMc7FYldjBZk4Erci3eymy13EBXiDqRxhohxgR4SFW-1GWPGgc0bhA==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 17 KB
7 KB 23ms
17ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:54 GMT
x-amz-version-id: g1ri2j1Cjjab.VdRD9o2Qfb0pzjBKg2Y
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 18 Sep 2023 19:58:05 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ayiaQKJRLJ8mMTgfIHk_4z6TxCpsWsSyGthNPqHE3hj0eWRVNhGkBw==

GET
H2 200 8.7602338c.chunk.css
js.driftt.com/core/assets/css/ Frame 1E69 31 KB
4 KB 13ms
7ms Stylesheet
text/css 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.7602338c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

310de82ec6ba5948814ab8ec2369aa1d437e84e26ac56967fc79897acaa99a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 01:16:19 GMT
x-amz-version-id: hjTFQAoU.KAgYbJR7bli92DUId80a05s
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6224104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Thu, 21 Sep 2023 18:21:34 GMT
server: istio-envoy
etag: W/"76d0343f1f9f445c80d5c68c2a35b6e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rouVQF8byk67H4PAZDiC4eTU3uwPOvanGHS0RgJczVqgIQ7BOF5TsQ==

GET
H2 200 8.f7153452.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 81 KB
26 KB 23ms
17ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.f7153452.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cd0391921eb418d52f00e38cf417c33b074edeca8ba76ac7fdebc822d53c22c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 18:15:53 GMT
x-amz-version-id: ZJl9D9EzNE1WdNgFlISbyPGas_oIckZK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 978930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Wed, 29 Nov 2023 17:11:56 GMT
server: istio-envoy
etag: W/"4b575e2d4a033261a7c29d23f642a4d2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DEc1dJM-QyL4k-bg73oRMKsVNvbokhdPr9tVnftydGTuJLgevlps8A==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 1E69 24 B
696 B 13ms
8ms Stylesheet
text/css 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 18:42:47 GMT
x-amz-version-id: L7ekVthaAMSAcl7y3LfpvLig..DjHOJ0
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P6
age: 7975716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
content-length: 24
last-modified: Thu, 07 Sep 2023 15:58:10 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kGc6euhEuJNul4SRU0yig1RIdXAeZ-j_NSvHE7jqcwdeIObS4evVMg==

GET
H2 200 16.736de600.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 92 KB
24 KB 23ms
18ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.736de600.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

924c652cca204322241dab3654d097e3d856c31c4a32578264d17118d4d65f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:22:37 GMT
x-amz-version-id: AX6Q6j10nLqEa3DVQd1n8x.BepxtSjRO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 287326
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 06 Dec 2023 19:18:00 GMT
server: istio-envoy
etag: W/"17f48416e74287db11e30b376ca530c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fA5KZbsj0FmxZFWHofLmmRPA2gkitcuKHvYGLU1ash0jJ55dMX7CmA==

GET
H2 200 24.ca560a16.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 51 KB
14 KB 24ms
19ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.ca560a16.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

85fd62d320b29db9aeb3e9e28df01c331228fbac48ecdacf1d12d11052995821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:22:37 GMT
x-amz-version-id: MxiiifjP7mIpciMKo.v.jmGgltwROWpK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 287326
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Wed, 06 Dec 2023 19:18:00 GMT
server: istio-envoy
etag: W/"6b6a8f66a8cd65088ea8052336ee758b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -POOZDK1Sbae5qfeNNfA_8ISVbjhA83E1T1zP-UyvLkMe2R1yRC0rw==

GET
H2 200 17.426ea1ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 40 KB
13 KB 25ms
19ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.426ea1ef.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dc125e9d86f939c87602ea8e5d855fc40b063b7d9558129a3b8f09b7cc7fe772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:22:37 GMT
x-amz-version-id: jTXzUyy.6LFpXzFAVpJ3er6CRcT1P8pq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 287326
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Wed, 06 Dec 2023 19:18:00 GMT
server: istio-envoy
etag: W/"4b9e8442bb313b6195810a9a03e60773"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OdPUgiAzV3oWAVd8aySXkZTTVkHhvm1c21tfjUQ8WMBhB9jhIanTRg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 9 KB
3 KB 8ms
8ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 01:16:20 GMT
x-amz-version-id: N.P1rsR6Ulh0hyhpF1x45w2GtJbK5a1j
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6224103
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 29 Sep 2023 23:27:53 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IY6NFEIhykrmyKOzdH_JMNVqvUYnzI9OpR4AKop8AcmB7-l23QvXKg==

GET
H2 200 27.01c2bea5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 35 KB
10 KB 9ms
8ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.01c2bea5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 23:54:28 GMT
x-amz-version-id: YMtskddlt_BynGDwl8_lx2.1Au5P.Zy_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7611415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Wed, 13 Sep 2023 15:34:32 GMT
server: istio-envoy
etag: W/"04a233a42dcf8c50a83bfecea8ba552d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zeCdywdlrxbsWJDZEaUF1fZLIyCvDjTaLxg5roGCiwr7VMUvyuA5PQ==

GET
H2 200 28.b5e8f5e1.chunk.css
js.driftt.com/core/assets/css/ Frame F0F2 8 KB
2 KB 7ms
6ms Stylesheet
text/css 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.b5e8f5e1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 23:24:26 GMT
x-amz-version-id: dWp9miJXOVmUTXcain7mZ7aJqiAGjznQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 8390817
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Mon, 04 Sep 2023 22:45:58 GMT
server: istio-envoy
etag: W/"e7107bc29ccb3c6d928f0f8f10a0f22d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tCublkpPiugPjvuwa69TOQF7I7AOTqG7IWNs4cWcS5P4Bom9kv3d8w==

GET
H2 200 28.354f8331.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 14 KB
6 KB 9ms
9ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.354f8331.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

00a14d912fc855b36367d0a4b3ad5a7d0fa44a489e91a58c74182310851eb8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 18:15:54 GMT
x-amz-version-id: VIDuUgEsbJKTOCrdRsFerT2D3LYUczsZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 978929
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Wed, 29 Nov 2023 17:11:55 GMT
server: istio-envoy
etag: W/"4abc1b49a2a66da6e15239410e2e3c59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ex7Z1t4gSsTDfybsmf-BJcIMuUBJS75dcrk_ybeflQ9UuZpWdQarQQ==

GET
H2 200 25.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame F0F2 365 B
1 KB 7ms
7ms Stylesheet
text/css 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 06:06:36 GMT
x-amz-version-id: I8MJvRD6MTh126AnSPBNc7JG7IhkzIAO
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P6
age: 7070686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 64
content-length: 365
last-modified: Mon, 18 Sep 2023 19:58:03 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ooyumGKE54d_okfU0YiafDVt5YPhlbb--Kb3dDRfySYTNgl7Uht25A==

GET
H2 200 25.c23e5ac7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 92 KB
25 KB 10ms
10ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.c23e5ac7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e3e66d78bff095598c5bd4f5071d92f041ec6569cf14535f12ce2d29b569ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 18:15:54 GMT
x-amz-version-id: 8iMVsATZi5uXpnERVvgtrXjrfdHlVO4Y
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 978929
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 86
last-modified: Wed, 29 Nov 2023 17:11:55 GMT
server: istio-envoy
etag: W/"35a1af11a6e48a892705448095db936a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gUWz719wm4Gom7ujHqsfYjPLQh5uTdyddy5wC1fyVeBmNe0_Sveu5A==

GET
H2 200 37.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 1E69 3 KB
1 KB 7ms
6ms Stylesheet
text/css 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/37.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 01:16:20 GMT
x-amz-version-id: Hu5iSIFN36zIxSOSUYZtBnss99Os2EQi
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6224103
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 71
last-modified: Thu, 21 Sep 2023 18:21:33 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RZrlvroA9D0XF9wpY1dl8JmzgO0I_g90Xjuvw8UrgWNc1Dv8xGHyug==

GET
H2 200 37.298cbb69.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 3 KB
2 KB 8ms
7ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.298cbb69.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:14:58 GMT
x-amz-version-id: PUAI0__GdQuv9OUrb9AbmioJKXyFo.FH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7005385
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 102
last-modified: Fri, 15 Sep 2023 20:51:07 GMT
server: istio-envoy
etag: W/"86b289eeb2bf9d30034f30d9794e8041"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c0lMDQ64vvlqwiGfeTtKTgQxBAOEzES-irPsR_TFiNWGstDz8mRu0w==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 9 KB
3 KB 8ms
7ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 01:16:20 GMT
x-amz-version-id: N.P1rsR6Ulh0hyhpF1x45w2GtJbK5a1j
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6224103
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 29 Sep 2023 23:27:53 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uMBx-ciOH2HMe195T1D757E3YsKNxZSwgiMrwkdNTIhSwCpIdxg2ew==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 1E69 7 KB
2 KB 7ms
6ms Stylesheet
text/css 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:21 GMT
x-amz-version-id: Ov831I2a5yEZEgVNkzjL3jR4iYT4qeoU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 11866682
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Wed, 26 Jul 2023 13:12:09 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZSz1jwVrkNzgMJb4TstMKqhSFslyIQDskAoAPfJ4reDf19s5fe0MaA==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 54 KB
15 KB 9ms
8ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 08:26:55 GMT
x-amz-version-id: Kynz7_sRLMeatVgI4HEORmIIXnKig1_t
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7062268
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Mon, 18 Sep 2023 19:58:05 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mHgrmgZVJsnrIKEMKUrweqYBzzruXEVB7txYKEg2lWYtq7OQ99NTkg==

GET
H2 200 1.12ba17b6.chunk.css
js.driftt.com/core/assets/css/ Frame 1E69 44 KB
7 KB 8ms
7ms Stylesheet
text/css 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.12ba17b6.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 11:27:15 GMT
x-amz-version-id: eSNvdp0yfhg_hVHGVV1T0Cg9aS8M1FwM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 10853048
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 28 Jul 2023 18:55:08 GMT
server: istio-envoy
etag: W/"3b8ba82e1bac13ee29e9764a55620d99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LiSsSm68g32G2NmsKX7F7WmXyFQUC2oekfA3z6-z6VCKVU8vVzXIMQ==

GET
H2 200 1.d3d44d51.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 54 KB
18 KB 9ms
9ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.d3d44d51.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

60409946ec37f5d25bf3516bd3fbc347358e60feaf168a3d578b323cb750860b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 18:15:54 GMT
x-amz-version-id: D.N99_2D91oITyRWme243GD804X_1eUw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 978929
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Wed, 29 Nov 2023 17:11:54 GMT
server: istio-envoy
etag: W/"8dec138e62d799d028f8c7ed0cc19058"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ybpl4BokhK9mFlV5MkZDIQor75-VUafQOAVcjMeg0-QGwPDe49N6hg==

GET
H2 200 4.9d776499.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 23 KB
10 KB 10ms
10ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.9d776499.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 18:55:58 GMT
x-amz-version-id: uGJ36CDXFf5jc7zFgfXUohqg1i8mPHWM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 11949325
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Tue, 25 Jul 2023 18:08:15 GMT
server: istio-envoy
etag: W/"cc02ad980b6b04f3bba61e68883356d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1NweCUL7Z0bU_yTsCcLk6lLyc0vl5PmjaWKAc1ejDk2BWCYOh1R19w==

GET
H2 200 34.d13ab69b.chunk.css
js.driftt.com/core/assets/css/ Frame 1E69 16 KB
3 KB 10ms
9ms Stylesheet
text/css 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.d13ab69b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7c8b113cce07a87ca4cb9dc4f1c55d701efd44834430e1939c27b2e5e1c12ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 17:04:21 GMT
x-amz-version-id: pFWMvJB2j2wrLwpXYClAbSTx9Ncr0bnJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 3229622
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 03 Nov 2023 16:05:55 GMT
server: istio-envoy
etag: W/"cd2168c34ad30fc16e40bb8888419c0b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oSuAfabX4Vr86NHqTpnZ6HzXhLE67FVIK2YP3PCzne8ad-HjeJOaEw==

GET
H2 200 34.c43db91b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 13 KB
5 KB 11ms
11ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.c43db91b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

da4a39f6208e897443b5bda6ef5014e8e2c9477beac582ea7e17b2c61391c9f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 18:15:54 GMT
x-amz-version-id: zobHdt587F47ddPn6EqtWA5N1wPoElTv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 978929
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Wed, 29 Nov 2023 17:11:55 GMT
server: istio-envoy
etag: W/"38156cd1b538ae036f57b23fcbe9ca1f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ph2NwqD9SbngR-0l_f945w9_zCCZjLj31vw4l0WfKVF9SNmQbW0rIA==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame F0F2 208 B
648 B 400ms
96ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

77a3faaed9865d18c1b382095e7bdacf0f024d0c96a5f3abcb4598b65cab3f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Dec 2023 02:11:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: e11898d000858f03
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 208

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 759ms
182ms Script
application/javascript 52.12.117.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.12.117.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-12-117-226.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 1c5bab09bcd60636e11f4f3fb95ad568e57a83b96a8e8d8838db7d2dcc65cd07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame F0F2 25 B
88 B 135ms
105ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Dec 2023 02:11:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 7e00aff1d9e737a
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame F0F2 25 KB
7 KB 299ms
299ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

7140dce1c597fa79f8d66b2e909735a8bd78989978f2c2b782355d9efd417f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Dec 2023 02:11:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: a778ccda78c1c92c
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 207
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 563ms
200ms Script
application/javascript 34.210.219.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-321712-14&ga_client_id=1895333414.1702260683&shpt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-321712-14%22%2C%22ga_client_id%22%3A%221895333414.1702260683%22%2C%22shpt%22%3A%22Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours%22%2C%22dcm_cid%22%3A%221702260682.1%22%2C%22dcm_gid%22%3A%22482350610.1702260683%22%2C%22mntnis%22%3A%22zyeTr7c7%2Bzr9YY5vv%2FPV2k50QF9tZjiH%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1702260682.1&dcm_gid=482350610.1702260683&available_ga=%5B%7B%22id%22%3A%22UA-321712-14%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=33640&plh=https%3A%2F%2Fwww.goaheadtours.com%2F&shpp=1&shpc=&shadditional=criteo%3Dtrue&cb=1702260683951374&shguid=88da41ca-e4cd-3a3f-90b5-524e94f859a6&shgts=1702260684714
Requested by: Host: www.goaheadtours.com
URL: https://www.goaheadtours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.210.219.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-219-79.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:25 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 16
connection: close

POST
H2 200 track Show response
event.api.drift.com/ Frame F0F2 584 B
643 B 93ms
93ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

90debd01246f03d32e23d23e406e0e26977718ea29dc1b008f7cc4ddb0d0c01e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDM2MjUwODYwMyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwOTQ2MTQiLCJleHAiOjE3MzM4ODMwODQsImlhdCI6MTcwMjI2MDY4NH0.GL8Pjy5imJaCk7mb1jsJKVbB0C5goMIBnk36mpGffPJiRFfYqgUlcek1BIZ9-JDIaQWbRGxR_nMjQh4yiBv1JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 02:11:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 847c18cf23381cab
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 584

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 98ms
93ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 11 Dec 2023 02:11:25 GMT
requestid: drift1adac4644b4b287fb2169728694
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame F0F2 2 KB
530 B 95ms
94ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

cb0ad1fa1d6796f35b15546b32c1ab962180c701f0e936b2b3efad317294e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDM2MjUwODYwMyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwOTQ2MTQiLCJleHAiOjE3MzM4ODMwODQsImlhdCI6MTcwMjI2MDY4NH0.GL8Pjy5imJaCk7mb1jsJKVbB0C5goMIBnk36mpGffPJiRFfYqgUlcek1BIZ9-JDIaQWbRGxR_nMjQh4yiBv1JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 02:11:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 9164e9db460561f
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 470

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 101ms
93ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 11 Dec 2023 02:11:25 GMT
requestid: driftf4afab448278df534966276e0e4
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

OPTIONS
H2 200 render_initial_v3
flow.api.drift.com/flows/ Frame 0
0 121ms
92ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 11 Dec 2023 02:11:25 GMT
requestid: driftd9cd53446c580d7422d5db4382a
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 render_initial_v3 Show response
flow.api.drift.com/flows/ Frame F0F2 3 KB
2 KB 119ms
119ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

462575145e71017a50c22e3e0fd3b0c6929d423552b9e49778eef901ea29be2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDM2MjUwODYwMyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwOTQ2MTQiLCJleHAiOjE3MzM4ODMwODQsImlhdCI6MTcwMjI2MDY4NH0.GL8Pjy5imJaCk7mb1jsJKVbB0C5goMIBnk36mpGffPJiRFfYqgUlcek1BIZ9-JDIaQWbRGxR_nMjQh4yiBv1JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 02:11:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 97d18a3b7d2a7e63
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 27
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1987

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=507994896&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202622705&_u=aHDAiEALBAAAAGAMK~&jid=&gjid=&cid=1895333414.1702260683&tid=UA-321712-14&_gid=482350610.1702260683&gtm=45He3bt0n81NDTHZ2Gv811745238&cd8=1702260682283.b5qeaaq&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd2=1895333414.1702260683&z=1817748570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 23:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11245
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F0F2 19 KB
7 KB 7ms
7ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=m5k7y7ds347b&eId=m5k7y7ds347b&region=US&forceShow=false&skipCampaigns=false&sessionId=3ec4e7b8-e9b5-461a-b049-2967fb88ba46&sessionStarted=1702260683.6&campaignRefreshToken=f563119f-1403-4b88-97fe-a8341eb03557&hideController=false&pageLoadStartTime=1702260682086&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.goaheadtours.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:15:01 GMT
x-amz-version-id: NgwNgUBll2U9FZo8u3lk6X1MiWsF.fFq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7005384
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Mon, 18 Sep 2023 19:58:06 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3UfOvGJ9WvJjIY5-l44gWG6_Mhcfqmm_i3CSTe9N5slc1tmFgWvTPQ==

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 94ms
94ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 11 Dec 2023 02:11:25 GMT
requestid: drift4611f0e41bb86f3891e1cc7583c
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame F0F2 0
36 B 102ms
101ms XHR
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDM2MjUwODYwMyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwOTQ2MTQiLCJleHAiOjE3MzM4ODMwODQsImlhdCI6MTcwMjI2MDY4NH0.GL8Pjy5imJaCk7mb1jsJKVbB0C5goMIBnk36mpGffPJiRFfYqgUlcek1BIZ9-JDIaQWbRGxR_nMjQh4yiBv1JA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 02:11:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 9efeef2f41eeeab
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

OPTIONS
H2 200 identify
event.api.drift.com/ Frame 0
0 93ms
93ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 11 Dec 2023 02:11:25 GMT
requestid: drifte403db34d97a08b8f254ad2125b
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 identify Show response
event.api.drift.com/ Frame F0F2 817 B
881 B 219ms
219ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/identify

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

7fbb21e73a91b81288b5ccb93c6c57a51895add5490967eb850ba8b808f3e35a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 02:11:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: e6385a9e28d7a8b3
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 126
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 817

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1E69 19 KB
7 KB 6ms
6ms Script
application/javascript 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.95493482.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1702260682086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:15:01 GMT
x-amz-version-id: NgwNgUBll2U9FZo8u3lk6X1MiWsF.fFq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7005384
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Mon, 18 Sep 2023 19:58:06 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3GLMbqd-LL8PbYC2EkmjmoIGNdRhqBvn9kvsjniP33XHJjrBfVoh8A==

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.us-east-1.amazonaws.com%252Fcustomer-api-avatars-prod%252F1306177%252Fc19782a8a6b4ea7a1d099ac9709f0bc8reazvg5s446w%3Ffit%3Dmax%26fm%3Dpng%26h...
driftt.imgix.net/ Frame F0F2 5 KB
6 KB 35ms
7ms Image
image/png 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.us-east-1.amazonaws.com%252Fcustomer-api-avatars-prod%252F1306177%252Fc19782a8a6b4ea7a1d099ac9709f0bc8reazvg5s446w%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D67d1618880bc4a39a7f6c941e7e3e633?fit=max&fm=png&h=200&w=200&s=018ffbbdc549ab1e884141306e8bd2e2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

54ec46e9035982bb8c1363e2abdf4a6e5b1942bd11b939d67f7ea2a69925909c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:25 GMT
x-content-type-options: nosniff
age: 1912025
x-cache: HIT, HIT
x-imgix-id: 2daccaad69711a8c1e3ef696a7ea6515a456b960
cross-origin-resource-policy: cross-origin
content-length: 5574
x-served-by: cache-sjc10046-SJC, cache-fra-eddf8230028-FRA
x-imgix-render-farm: 01.140328
last-modified: Sat, 18 Nov 2023 23:04:20 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 1E69 38 KB
39 KB 7ms
7ms Font
font/woff2 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.7602338c.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.7602338c.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 09:00:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 12676247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: apCZ3rQq3l_DbksVai033VVlnARYVPSyyNy-UGoN3bXncMN4dawm5Q==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame F0F2 38 KB
39 KB 7ms
7ms Font
font/woff2 18.245.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.7602338c.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-77.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.7602338c.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 09:00:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 12676247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bQF-NETAw2fmgRPsOZVF_InkcbMvDwSDAdci_wNDuqSo7XWUc1xvWg==

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame F0F2 25 B
112 B 106ms
106ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Dec 2023 02:11:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 518842f281a6a506
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LQM236SHEC&gtm=45je3bt0v888938065&_p=1702260682102&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1895333414.1702260683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=gA&sid=1702260682&sct=1&seg=0&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&_s=4&tfd=5637
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQM236SHEC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.goaheadtours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 02:11:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.goaheadtours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 be2b6a49b1d092a39d0070b934b31632-optin.json Show response
a.omappapi.com/app/campaign-views/71243615b528/vrjql4bayfklnoolz9lw/ 34 KB
7 KB 7ms
7ms XHR
application/json 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/71243615b528/vrjql4bayfklnoolz9lw/be2b6a49b1d092a39d0070b934b31632-optin.json
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 91ba6f36218564da5a9cc2c86d69423641d45328afabe3c756b5508d02c02592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 02:11:27 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-677
cdn-cachedat: 12/08/2023 16:08:30
cdn-pullzone: 293267
last-modified: Fri, 01 Dec 2023 18:56:00 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"656a2c40-88ee"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c4dc140a7d81aa06abb51f307589a385
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 204
No Content i Show response
z.omappapi.com/v3/ 0
250 B 102ms
102ms XHR
text/plain 178.128.135.232
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://z.omappapi.com/v3/i?aid=50504&cid=vrjql4bayfklnoolz9lw&sid=5b97dc7db8a90&rt=false&dv=desktop&cty=popup&url=&v=5
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.135.232 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: kong/3.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.goaheadtours.com
Date: Mon, 11 Dec 2023 02:11:28 GMT
Access-Control-Allow-Credentials: true
X-Kong-Response-Latency: 17
Server: kong/3.4.2
Connection: keep-alive
vary: Origin

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=507994896&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.goaheadtours.com%2F&ul=en-us&de=UTF-8&dt=Guided%20Tours%20%26%20Group%20Travel%20Tours%20%7C%20EF%20Go%20Ahead%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=lead%20form&ea=view&el=organic-flex&_u=aHDAiEALBAAAAGAMK~&jid=&gjid=&cid=1895333414.1702260683&tid=UA-321712-14&_gid=482350610.1702260683&gtm=45He3bt0n81NDTHZ2Gv811745238&cd8=1702260688040.c0pydeh&cd10=0&cd13=https%3A%2F%2Fwww.goaheadtours.com%2F&cd18=https%3A%2F%2Fwww.goaheadtours.com%2F&cd20=%20%20&cd22=goaheadtours.com&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd2=1895333414.1702260683&il1nm=slider_&il1pi1id=GIT&il1pi1nm=A%20Week%20in%20Greece%3A%20Athens%2C%20Mykonos%20%26%20Santorini&il1pi1pr=3179&il1pi1ps=0&il1pi1ca=GIT&il1pi2id=VFS&il1pi2nm=A%20Week%20in%20Italy%3A%20Venice%2C%20Florence%20%26%20Rome&il1pi2pr=2749&il1pi2ps=1&il1pi2ca=VFS&il1pi3id=TGI&il1pi3nm=The%20Greek%20Islands%3A%20Mykonos%2C%20Santorini%20%26%20Crete&il1pi3pr=4019&il1pi3ps=2&il1pi3ca=TGI&il1pi4id=LPR&il1pi4nm=London%2C%20Paris%20%26%20Rome&il1pi4pr=3199&il1pi4ps=3&il1pi4ca=LPR&il1pi5id=BES&il1pi5nm=Highlights%20of%20England%2C%20Scotland%20%26%20Ireland&il1pi5pr=3399&il1pi5ps=4&il1pi5ca=BES&il1pi6id=CRP&il1pi6nm=Costa%20Rica%3A%20Rainforests%2C%20Volcanoes%20%26%20Wildlife&il1pi6pr=3279&il1pi6ps=5&il1pi6ca=CRP&z=1487508936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.goaheadtours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 23:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11248
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.goaheadtours.com/	1970-01-20 16:51:02	Name: __cf_bm Value: X813_CPPHBJBdk3sHzx5aItLK90srMgFBz2LK.ZTVK8-1702260682-0-ATyHSi94xrviL4VMbos95/MJCyO67tv9ZJ4nvJSEsLa3jR6OLlzGdJpYLn82vfC/85fE8bxTgKk5qcTdklwCjIY=
.goaheadtours.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 0bYYA889JW0s7yPsDTeqBcLJGfXJv386Q7kORjCFXlA-1702260682072-0-604800000
.goaheadtours.com/	1970-01-20 19:00:36	Name: _gcl_au Value: 1.1.1476295756.1702260682
.doubleclick.net/	1970-01-21 02:12:36	Name: IDE Value: AHWqTUlyDsQ93vW4rhIY2BKK44SldkC1ASiABDzfUyUWqM9QRd_gua6zO8BzHwd6
www.goaheadtours.com/	1970-01-21 02:27:00	Name: _omappvp Value: bUGtqkvytgBnAkrEcA1FNYRdAwu0a3KHL5h6HgklCzyxHLKsxIue88LrCJ0w0STZ0WfdRO0QSjHPCK15gUXqFSnQCx2m0IFF
www.goaheadtours.com/	1970-01-20 16:51:01	Name: _omappvs Value: 1702260682391
.tiktok.com/	1970-01-21 02:12:36	Name: _ttp Value: 2ZNRjB6L6J5RQNjE7eHYO7Y4Ecc
.goaheadtours.com/	1970-01-20 16:52:27	Name: _gid Value: GA1.2.482350610.1702260683
.goaheadtours.com/	1970-01-20 16:51:00	Name: _dc_gtm_UA-321712-14 Value: 1
www.goaheadtours.com/	1970-01-20 21:10:12	Name: _ALGOLIA Value: anonymous-de955769-255e-4a16-8641-a1d055cb8ddd
.goaheadtours.com/	1970-01-20 16:52:27	Name: _uetsid Value: 94861f9097ca11ee87035fff05ee259b
.goaheadtours.com/	1970-01-21 02:12:36	Name: _uetvid Value: 948614e097ca11ee9d64cfb6759cc74a
.goaheadtours.com/	1970-01-20 21:10:12	Name: optimizelyEndUserId Value: oeu1702260682634r0.6940453644447477
.bing.com/	1970-01-21 02:12:36	Name: MUID Value: 214757BDA83F6CA53C4D4459A9B46DBA
.criteo.com/	1970-01-21 02:12:36	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:12:36	Name: uid Value: e845c9c2-1603-4711-85b2-4858198d39ad
.goaheadtours.com/	1970-01-21 02:27:00	Name: _ga_LQM236SHEC Value: GS1.1.1702260682.1.0.1702260682.60.0.0
.goaheadtours.com/	1970-01-21 02:27:00	Name: _ga Value: GA1.2.1895333414.1702260683
.goaheadtours.com/	1970-01-21 02:12:36	Name: _tt_enable_cookie Value: 1
.goaheadtours.com/	1970-01-21 02:12:36	Name: _ttp Value: -sczGmSRjNe3pKLj4OAvsr40-4u
.goaheadtours.com/	1970-01-21 02:27:00	Name: invoca_session Value: %7B%22ttl%22%3A%222024-01-10T02%3A11%3A22.734Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22campaignIdOverrideParam%22%3Anull%2C%22campaignIdOverrideValue%22%3Anull%2C%22requirementsNeeded%22%3Atrue%2C%22cookieName%22%3A%22invoca_session%22%7D%7D
.goaheadtours.com/	1970-01-21 02:20:24	Name: cto_bundle Value: j_Ooz19maHpCWDZtOU50RzUlMkYlMkZ1bTFRNHdmU0x3R243aXY3dkZLYUgzSWZ1OWxNSWozam1pMFB1MllIOUpHRm9vZ0pBSkJHSjZQQThmdWVyZVJpYyUyRlp0N1F6MDFCT0lmUGhjUjB5QiUyRmJZZ0s3YXQ3dzRhb3BQWFl3R3lTd3lmazlYSGl2V3kwSmtQUyUyQnBZbFZpR2xVZ2VyY0lweG9xYnJBSjlQNUFoc3BuRVhJJTJCQkUlM0Q
www.goaheadtours.com/	1970-01-21 02:27:00	Name: _tq_id.TV-6390362718-1.5a92 Value: 10b20c0a935f7602.1702260683.0.1702260683..
.goaheadtours.com/	1970-01-20 19:00:36	Name: _fbp Value: fb.1.1702260682759.1159458134
.adnxs.com/	1970-01-20 19:00:36	Name: uuid2 Value: 6214389574145634159
.media.net/	1970-01-21 01:36:36	Name: visitor-id Value: 3452622839171877000V10
.media.net/	1970-01-20 17:34:12	Name: data-c-ts Value: 1702260683
.media.net/	1970-01-20 17:34:12	Name: data-c Value: k-csjOmAXrZvJXwT5Qjfzual_OtauLrl6-VnDhDA~~3
.adnxs.com/	1970-01-20 19:00:36	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2C$Sx8w[3!]tbPl@/D!9hy6]/CwgS7$/9l7NJ:gYbHQe()1z]kA670k5Xe_.+ZWkzYy:dWD_a>zQ!IW$g6kbpRzqF1`bcF#+uNCd
.casalemedia.com/	1970-01-21 01:36:36	Name: CMID Value: ZXZvywQcfleefHjqsrF-PAAA
.casalemedia.com/	1970-01-20 19:00:36	Name: CMPS Value: 5295
.casalemedia.com/	1970-01-20 19:00:36	Name: CMPRO Value: 5295
exchange.mediavine.com/	1970-01-20 17:11:10	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2294e66860-97ca-11ee-af46-b7c540eea936%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:11:10	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2294e66860-97ca-11ee-af46-b7c540eea936%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:11:10	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2294e66860-97ca-11ee-af46-b7c540eea936%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:11:10	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2294e66860-97ca-11ee-af46-b7c540eea936%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:11:10	Name: criteo Value: %7B%22id%22%3A%22k-O9rCjAXrZvJXwT5Qjfzual_OtatCnDDQX4Pr1A%22%2C%22version%22%3A%22criteo%22%7D
.demdex.net/	1970-01-20 21:10:12	Name: demdex Value: 57217932760263065993377962060815922086
.dpm.demdex.net/	1970-01-20 21:10:12	Name: dpm Value: 57217932760263065993377962060815922086
.omnitagjs.com/	1970-01-20 17:34:12	Name: ayl_visitor Value: 545700ea31f8eb309506038ac95db82d
.postrelease.com/	1970-01-21 01:36:36	Name: opt_out Value: 1
.krxd.net/	1970-01-20 21:10:12	Name: _kuid_ Value: P97H23dS
www.goaheadtours.com/	1970-01-20 17:34:12	Name: omSeen-uvnfhtbns7pxeitav6yc Value: 1702260683410
.tremorhub.com/	1970-01-21 01:36:57	Name: tvid Value: 725460bd833d4d539cb535a51a4b79a4
.tremorhub.com/	1970-01-20 17:34:12	Name: tv_UICR Value: k-115OrwXrZvJXwT5Qjfzual_OtautdaLoKuzzMg
www.goaheadtours.com/	1970-01-20 16:51:02	Name: drift_campaign_refresh Value: f563119f-1403-4b88-97fe-a8341eb03557
.mountain.com/	1970-01-21 02:27:00	Name: guid Value: 9553348d-97ca-11ee-98b1-7daac152217b
www.goaheadtours.com/	1970-01-21 02:27:00	Name: drift_aid Value: 3030f85d-626b-4400-9127-d83dff9cba07
www.goaheadtours.com/	1970-01-21 02:27:00	Name: driftt_aid Value: 3030f85d-626b-4400-9127-d83dff9cba07
.px.mountain.com/	1970-01-21 02:27:00	Name: tt Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://app.storyblok.com http://app.storyblok.com/
Strict-Transport-Security	max-age=0
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10100557.fls.doubleclick.net
6384424.fls.doubleclick.net
a.omappapi.com
a.opmnstr.com
a.storyblok.com
a.twiago.com
a24099230963.cdn.optimizely.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
analytics.tiktok.com
api.omappapi.com
assets.goaheadtours.com
bat.bing.com
beacon.krxd.net
bootstrap.api.drift.com
cdn.jsdelivr.net
cdn.optimizely.com
cm.adform.net
cm.g.doubleclick.net
collector-30678.us.tvsquared.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d1nldbz8jmu82w.cloudfront.net
d3oig6rspwnkfc.cloudfront.net
dis.criteo.com
dpm.demdex.net
driftt.imgix.net
dx.mountain.com
e1.emxdgt.com
eb2.3lift.com
event.api.drift.com
exchange.mediavine.com
flow.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gs.mountain.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
img2.storyblok.com
jadserve.postrelease.com
js.driftt.com
logx.optimizely.com
match.sharethrough.com
matching.ivitrack.com
metrics.api.drift.com
mug.criteo.com
pixel.rubiconproject.com
px.mountain.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
solutions.invocacdn.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync.outbrain.com
targeting.api.drift.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.dwin1.com
www.facebook.com
www.goaheadtours.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
z.omappapi.com
104.79.88.129
141.95.98.64
142.250.185.226
172.64.151.101
178.128.135.232
178.250.1.9
18.224.227.143
18.238.243.69
18.239.36.27
18.239.83.104
18.245.86.77
184.30.133.160
184.86.103.203
185.86.138.153
198.47.127.205
2.19.104.4
2.19.105.55
2001:4860:4802:34::36
216.58.206.38
2400:52e0:1e00::1081:1
2600:1f18:612b:4216:9670:1560:e7cd:376a
2600:9000:2090:c200:f:8ce2:fb80:93a1
2600:9000:20a0:6c00:13:b371:9a00:21
2600:9000:21a8:f400:12:66da:ca00:21
2606:4700::6810:5914
2606:4700::6812:7059
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:480:5b0::13b8
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:8d::720
3.124.39.171
3.124.69.248
3.17.53.221
3.212.39.155
3.232.124.103
3.68.0.8
3.75.62.37
34.117.157.22
34.210.219.79
34.241.154.142
34.241.3.33
35.158.30.42
37.157.5.132
37.252.173.215
50.16.7.188
52.12.117.226
52.7.151.245
54.220.4.214
54.228.143.85
63.33.18.223
65.9.86.45
69.173.144.139
70.42.32.31
74.119.119.150
76.223.111.18
85.215.5.31
99.80.129.181
00a14d912fc855b36367d0a4b3ad5a7d0fa44a489e91a58c74182310851eb8b9
017fcff7c5bd0a778022ad75d94fd5cd6e82d466f3422263b77881f44d73055f
04681ea0d011eca225e528bad1c8cdbc10c59624d02c056099c8c45bc3223bba
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0b33a288581a9eab8478805d7fea9af598bc706bbe0d550fc1935994f45f0685
0ba118c57d07aaab25d2c7c58f367fef8c515ea876cddf6f683098ff95d217a2
0ff11e71dc336096127eacb0484ade7bd0c3b63b528bc9e8cee6a94537c4ccba
10063453da71e51e08622944ba9ffc770fa783c49fbb96134ebf6c5396552f3c
12d89f355ea2a70cceeeb47ee8d007442bef0db1d77b4c1425d8d99bdbabb33c
17c637303b3f9d684a1cd953b7999c1c75dc76b644a82dccf29303710d3990af
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1c5bab09bcd60636e11f4f3fb95ad568e57a83b96a8e8d8838db7d2dcc65cd07
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
211d8c9dcccd319acbdaa1d751176ecf1a44a82b9df56050f29e4a06502b007d
228739c5660b9818a95c3b2c13f6c65cf4364f871c0cde499446c985be07a682
25b2b402f5fb926c7f00bbce9664055f10729221d98fc2b90a311027acd8ee3a
263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36
285fe6d501fb8812827f066e71f4219dce57344ea4c69ed0ab6a7a8ca189327a
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
310de82ec6ba5948814ab8ec2369aa1d437e84e26ac56967fc79897acaa99a95
318b3811fff78b9d51b1385ccafe830b1b731407f73d12aba87704ce4c8c478c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a19b76e4b3f58d3736c6b1974d871210440c92a5efe0b3707695b1d543ae9b
34290bcc7fffbeb7c5f213987b36ac33c167b9d1a72a2373c40bfa4be14f3c9c
37ad809409817f7139138e19f5116f85889b390b19fa3883bc96379b50ada1b9
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40d4e90cbd08177f2a5a82d8afad079be9761510684dd0516a979b9ff1629035
419e9ceec0f42d8d507ffd2bc953430abeb29bd2612358428d7b217deb284c5d
42079be35ad0d0e2b52f090fb07cf4587863e61be8ef47293ceec97ee5560504
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
43acd90d3c65e3d6e25c372cb71c739f16379a7f18f64f28a6774b19a83bb559
44781b67504e09f3241ef9dc8b6dacfd8757c45ed04717584ccd55f3ec9eba65
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
462575145e71017a50c22e3e0fd3b0c6929d423552b9e49778eef901ea29be2f
4701b2e1ec76dd19d170df197631b535d8f317e6432314e54ff420ea61ec5001
47b3cdf62af98b2557c88d5052927d9491b3bdadb29eb2bc4156ee32a581d608
481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be2d9b5ed0447bf7d2b372d988938d87dab3d063e2252aa32dafc5cbb47f2d9
4c843cf07186cb3b96ce97cc635ff2331db3fe4162012c771c5009c64aecade9
4d65180699598cc634c94568f2d0575cd2271276f0258f809c7dcd257a849372
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec540661e312366140129bc71b3666c95c5722882c5e17cf254f499e8fecd65
4f4a7a40796cf40a47e1befc310f0f46ecf8c22c8eef6004edc915425ffaca79
4feda6639543cfbe6fbfc52198de2599d0b903689c96b6ce2f0a4e034ec60e59
50329428b5bb7153ccb0dd05a720dcec4dc5f3e5b28b12dafa2551f7de81ec3b
527a2ab93f12834cac411f2bf96d1548fa10333689c7ba8abd71e94922b41158
53e1fbcb6c5b16c822557569d6130c72ea739c91698d2ef44598da98d0bd6338
5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ec46e9035982bb8c1363e2abdf4a6e5b1942bd11b939d67f7ea2a69925909c
55d6f41fd18bcaa57afb4edbc8e4465e792fedc842111c787ad52bfb82231693
569f041ebf1517bc89897ddeb38835b9d93afed9d870742c4e8b967464617b54
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
582c863de4df81180468a0bf44b8f18a60803dc85528d00534935fd4d7ded404
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
5a7277a57b25689c813ee9166293fe6b1d68008b20657ad51fb198f7f76ceb38
5af0576ae4724a12d65aa86acc4231c868e4e6087c87a0b57243c6ca6dd5b67c
5b6f59384f6cb9627be4fa5b63e6a093cb39970d9369f49062dd2e3dde6a5c38
5b7cf5a2660fb33477f53ab0b83471c49b60e3c7a324f3122fc1fe88ec1440dc
5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e3e66d78bff095598c5bd4f5071d92f041ec6569cf14535f12ce2d29b569ca4
60409946ec37f5d25bf3516bd3fbc347358e60feaf168a3d578b323cb750860b
622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec
63ead2aaccd136652af7839f4526e58eba88a1434f0447ce8e0e562e4b32b540
6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a
673e457023ac61d43f651a944cc0b1d9948beff615aafc6aa7ae328e2ea0b43d
67f3fc308975e1114ae6d9beb0c7b4eb0153f9038402fd78a354084cf2094de2
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7140dce1c597fa79f8d66b2e909735a8bd78989978f2c2b782355d9efd417f55
745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
77a3faaed9865d18c1b382095e7bdacf0f024d0c96a5f3abcb4598b65cab3f3a
7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787
7c8b113cce07a87ca4cb9dc4f1c55d701efd44834430e1939c27b2e5e1c12ac1
7ddec3a2d69247482b88edf9c09e40131252980f87f9d70000892784534c1df7
7fbb21e73a91b81288b5ccb93c6c57a51895add5490967eb850ba8b808f3e35a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85016d81a1b51d8867123c56433b2e638844aac2e3dfe64fd79acc1f11c6f983
852bd0cacc917cf120c13a24ce9082d7cbbd0c20f8f74aadc5cc3f0863a3a0b3
85fd62d320b29db9aeb3e9e28df01c331228fbac48ecdacf1d12d11052995821
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
86d58fd4c5a7b600742f7f7d3dd4e180cb66c78794cdfb262ab4717bf0c14482
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a5471e7115bde2b91f8be92a788450b08b18f306ef7a2dce93064bafb3f93d6
8ad9a6bcdc20b0bb29576b861332e7b11719bd11af68024d7676724574070f05
8be54f9df63756f7a72ca5721de8d3ed6fd99dc2d4c8dbe09b5439515028ab48
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c
8e9a6d909dc9c70587affdefea54ba839f8c9c539a0663db465b76d5968397eb
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
8f927cd54d7ef0ffd667f6537f9a9f3ef56fd8f86b32c8dfd534c29da2f2242a
90debd01246f03d32e23d23e406e0e26977718ea29dc1b008f7cc4ddb0d0c01e
91ba6f36218564da5a9cc2c86d69423641d45328afabe3c756b5508d02c02592
924c652cca204322241dab3654d097e3d856c31c4a32578264d17118d4d65f4c
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9bf37c357401c10712eb17dbd6433130c058d399d0b15a52cad8cb853c35db71
9c12008459a92eaee91d2044d61926c8128c1fd573337f9b6a829af7394af259
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0746aee5a2b0032d3d664b8383d97bb3e1f0dce11ececfa1258072a704b1a72
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a6678baeec82870a146217be499618653e947eb3b0ca0dfc04b8ce3f03692307
a7261c03942fe3aeae6c21a5e0d467a14b728a707eaf7e1d294a93683032d761
a7c1a06c4d212374f6b12504afe290c122a72e0caf1b8f07ba87ae874fe7042c
ac9ed0e67f9ec3cd220ca7fd8548ff1d3ddd7c9900ce7214d8f52631b5288b1f
acb6c568434728225b997b0f1e7068cf886cbad7ba4a1bf3a711b0b3f75bbcbf
ad989fea9b3d9e1c7dbf7532aefe9286f36ce3b2338804c77fa7dbfeafcdfb21
ade30ddbc83c165140e004aa0bbe5f843cb479538451cdc208cb47e718e1593d
ae8ee359ff01f447cf2b5353e0dfb9329c8282d9c419f0ca9feb418e5ed4a4e2
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
aff3f080ca81726de6f6af5f1fc204edc7efed19b2141b53db9f589832bd5123
b0963e8bade289b66b3467eabcda648f8cd613048d33284a7be4b6c93a106c58
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18b7934fcad866d7a86f35e082d61323a9417ef10ded37e30c710dae0d38df4
b2bb1c9c44a6e45972049a95b3bfb9e0609bd2253251029fcab32ec08066881c
b3270ed405782208fad71fdada8fd19c55e6042dbcf3a6390cb12f359f93f8fe
b4e955ffc5c5f7aeba5e91a9d7b86dbd8f64a5a61fe816ac9ed81933f107e7f8
b5fb447ffd2974d56939b56b0a43b0b4810f69d64c39143c4a7e5ed5685fe769
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8be0a62ea1bd67705eb6c3b863546763f3f27f8200274bc526a6703ca0d224d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
c03628d9933445974fb52e2a61530b55bfb27101c25716eb35a031a3a81151c9
c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815
c418460b30462d253c0f0460ff64a45524d6c5a90ecbc6f6cb46ceddff91ca84
c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c551887113fed17fab1383594ce7942ac75d371c8e75304cf1d28536ac7899fc
c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2
c6fd60d4ecfcac36ecdcb7456ecf170d8eef75c883a1e34a4dd7855d23966cd2
ca576224eadf33d00539fd0d7f912861526ff0b99b38994c169587737def7288
cb0ad1fa1d6796f35b15546b32c1ab962180c701f0e936b2b3efad317294e8ca
cd0391921eb418d52f00e38cf417c33b074edeca8ba76ac7fdebc822d53c22c0
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d677c52b0dda864e5eb975106f53918f5e2dfb2b584ee65395b5dd0bb253989e
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
d720b49553e0bb64a77896b03b22ea0df1801761d609c55d7026cedaa36e3452
da4a39f6208e897443b5bda6ef5014e8e2c9477beac582ea7e17b2c61391c9f9
dc125e9d86f939c87602ea8e5d855fc40b063b7d9558129a3b8f09b7cc7fe772
dcacea7de18211a80fe31dfcbc821306515a46aa88841e7c01bee6cb902ded09
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df50671350e30af789f10f002651e0cfa05d76b238f32b8463e40d7d6098abd7
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
e0d2e872be145886fa21dbfb0bdd82a6dd87de09470f3b4dc8a93c9548f1d365
e12ba0c7fdf697f51afcc060e5c7a62be776fe9c631bb714964e15e4f65ddae6
e1b149f9dffc3130750034a65c4a1d2cbefe7ffcef67fcb368f292a065aabeef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e426b2e0d9fc29869aacce20dddb12bc82753cc91f8d1447b2ba178f0f042eb3
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
e563b4b6b27709874bb9d43e78e666705ac388159b8be03517fd00f6a934a224
e89767a717d5fa04154ca21c66d1d96e7a5d3844875f0083f6bf400f2441d297
e934015e6fca5ce9e8ef1cde72d07561e55d8eb90cc6a8ba078b4aac7f595b62
ea4cb4275f9789710ecd9b8e9e0fdd177bfeef6d501585d9251822df8da5a722
ebcabaeaf48094ef947db06d5e531ea5837df7878afff31e07aa5b32ad08dae0
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed66405827a21a72b4df472a08b2978ab6e47405d80f6097a9a8f0d045d3f38f
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f262b7ab4bc7ac9bff363b4dcc6a68420dc195850d6218a1d66764639db5a8d7
f3b1aff8338b23e10e71666f6257898fc6d37fb5192acdf4879ff752fd83b365
f412437549c8ba029d57d8dad26ea46a31de7d190b9f33532db17188b98d655c
f43e194bad36d6d39054e1bd5da4bc4835829692ba445891bc2ff3e7da048760
f8a3acb3478de376bfa31392508a5c19f328c262a378e93672c15e51349ee238
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8f0055fa05b219340699b6f0fd8a9ba4633be73c12e1fe5493dc9aca44d93cb
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
fdeaafd230868d5f4a4f85b5db119062f6a1698dab8e318be609e79080ba27f7
fe7788f8afdd9dc9a0533007e8c5f173b1c753253494a03170ccd9333c6a5ce2

www.goaheadtours.com Open in urlscan Pro 2606:4700::6812:7059 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

265 Requests

97 %HTTPS

35 %IPv6

54 Domains

77 Subdomains

68 IPs

6 Countries

3505 kBTransfer

8760 kBSize

50 Cookies

18 Outgoing links

Redirected requests

265 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.goaheadtours.com Open in urlscan Pro
2606:4700::6812:7059 Public Scan

Screenshot
Live screenshot

Full Image

265
Requests

97 %
HTTPS

35 %
IPv6

54
Domains

77
Subdomains

68
IPs

6
Countries

3505 kB
Transfer

8760 kB
Size

50
Cookies

265 HTTP transactions
0 data transactions