urlscan.io logo urlscan.io
SecurityTrails logo

itinerator.pages.dev Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://itinerator.pages.dev/
Effective URL: https://itinerator.pages.dev/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 21 via api from IT — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is itinerator.pages.dev.
TLS certificate: Issued by WE1 on October 20th 2024. Valid for: 3 months.
This is the only time itinerator.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
itinerator.pages.dev
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
5    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
fonts.gstatic.com
1    2600:9000:26db:3e00:2:cea4:aa80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.builder.io
1    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net
maps.googleapis.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
itinerator.pages.dev
2    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
215 KB
4 pages.dev
itinerator.pages.dev
394 KB
3 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 445
fonts.googleapis.com — Cisco Umbrella Rank: 30
113 KB
1 builder.io
cdn.builder.io — Cisco Umbrella Rank: 18105
12 KB
1 gstatic.com
fonts.gstatic.com
35 KB
17 5
Domain Requested by
5 pagead2.googlesyndication.com itinerator.pages.dev
pagead2.googlesyndication.com
4 itinerator.pages.dev itinerator.pages.dev
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 maps.googleapis.com itinerator.pages.dev
maps.googleapis.com
1 cdn.builder.io itinerator.pages.dev
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com itinerator.pages.dev
17 7

This site contains no links.

Subject Issuer Validity Valid
itinerator.pages.dev
WE1		 2024-10-20 -
2025-01-18		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.builder.io
Amazon RSA 2048 M02		 2024-08-30 -
2025-09-27		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://itinerator.pages.dev/
Frame ID: 9A25013B1424705A4A3D94B1AEE88C3E
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: B49BBE13C58810323093D9619A982DEB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4121612542531502&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729472371&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fitinerator.pages.dev%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&itsi=-1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729472371820&bpp=2&bdt=228&idt=154&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=902145952491&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C44795922%2C95343681%2C95344187%2C31087609&oid=2&pvsid=365177125477614&tmod=1593347740&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=167
Frame ID: C21F3607DFAE88056F5E2E8EBBEB3902
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: A6A5AAD4757EF7875ED081D5631C5CC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Itinerator

Page URL History Show full URLs

  1. http://itinerator.pages.dev/ HTTP 307
    https://itinerator.pages.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

17
Requests

94 %
HTTPS

56 %
IPv6

5
Domains

7
Subdomains

10
IPs

3
Countries

769 kB
Transfer

2231 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://itinerator.pages.dev/ HTTP 307
    https://itinerator.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
itinerator.pages.dev/
Redirect Chain
  • http://itinerator.pages.dev/
  • https://itinerator.pages.dev/
936 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://itinerator.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8194603d0f7c8b181e4339745200f72c17a73e4f714d69530356e5e2f7a6cb7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8d5d4e321df30ba6-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 21 Oct 2024 00:59:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Kjj%2BjWQ6lnYXoWiCAfZ6YeqpGjto17qsF%2BHqRNw38r%2F1Sa5TDXKjg4zyxaq0w%2FQATemgSbJ1kpGwGI8AIjwHRCkpKGgRYgAn6B1159WJ5I2EMuAPMZSyf4L7YKTJtQ3qyB%2FkerS370Pj5QhRpQsaz9TdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=15007&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3981&recv_bytes=2294&delivery_rate=258452&cwnd=253&unsent_bytes=0&cid=94bbe2caeb8273c9&ts=60&x=0"
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://itinerator.pages.dev/
Non-Authoritative-Reason
HSTS
js
maps.googleapis.com/maps/api/ 		348 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCIIMHgVVhViFHKPkYF002gJptJZDukKvY&libraries=places
Requested by
Host: itinerator.pages.dev
URL: https://itinerator.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
0985623d3db8e5c3cfd52a1da19dbcb376d21377c6e72e703f3208e21c4d0b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://itinerator.pages.dev/

Response headers

cache-control
public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
gzip
etag
2e327063
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114460
date
Mon, 21 Oct 2024 00:59:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4121612542531502
Requested by
Host: itinerator.pages.dev
URL: https://itinerator.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f2.1e100.net
Software
cafe /
Resource Hash
7c67af3de6d94fe95e565c9095841abc4a27298ce54feefeb96d952768ba31f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://itinerator.pages.dev
Referer
https://itinerator.pages.dev/

Response headers

content-encoding
br
etag
3010550937672958546
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 00:59:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 21 Oct 2024 00:59:31 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53045
x-xss-protection
0
server
cafe
main.c0c752ae.js
itinerator.pages.dev/static/js/ 		1 MB
345 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itinerator.pages.dev/static/js/main.c0c752ae.js
Requested by
Host: itinerator.pages.dev
URL: https://itinerator.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e79aebbc2d1693f0dec342406a9881ceb312092929591e502b0778da4c2cf9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://itinerator.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"cd8062bc5af834b066c8167b6c751d8b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LGDSVgR3B3Yq3ffLOxCwahEzYIQTM%2F6hBRswmfMlF27XbPJCwtnpwaBZ5okWQElmXizbqGrRIisTWSVKfV3aE9tM5m2JdCLJHeIdPxhth21rcW%2B1y5CDrD2B43%2FWkZYLLOESttzdfU1U4f2iGR8cTqsySA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5d4e329ea20ba6-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=14978&sent=16&recv=16&lost=0&retrans=0&sent_bytes=7774&recv_bytes=2507&delivery_rate=433895&cwnd=256&unsent_bytes=0&cid=94bbe2caeb8273c9&ts=129&x=0"
date
Mon, 21 Oct 2024 00:59:31 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
main.82c40eff.css
itinerator.pages.dev/static/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://itinerator.pages.dev/static/css/main.82c40eff.css
Requested by
Host: itinerator.pages.dev
URL: https://itinerator.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1705791db2052553ce9207a4bfd32139de6aa6d2a1ddbb57b6a36f3bed09a36e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://itinerator.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"af9ff8f8717ea603fa55accdb66975a6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8v%2BhMpKX6DMEvQybAXwAFQn6qo6eyiGkbsjH9ZNgSEiIkmfoHr6qLj%2FF9vILkQ4uPHPbWAz6HUViggEBy1MI70yQ%2B58oXPkJYXw2SXYwmq6Dmh7%2BadPf9gKbMkoGxCElqe5YCAS2cg2ibVxMCWYwDizyeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5d4e328e960ba6-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=15001&sent=11&recv=14&lost=0&retrans=0&sent_bytes=5204&recv_bytes=2507&delivery_rate=260041&cwnd=256&unsent_bytes=0&cid=94bbe2caeb8273c9&ts=105&x=0"
date
Mon, 21 Oct 2024 00:59:31 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@400;700&display=swap
Requested by
Host: itinerator.pages.dev
URL: https://itinerator.pages.dev/static/css/main.82c40eff.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca1d6d87b1648aad9a1761cc3f01d5f308d357b8604e2f931a69f3b928988639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://itinerator.pages.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 00:59:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 00:59:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 21 Oct 2024 00:19:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://itinerator.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
421452
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:55:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:55:19 GMT
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35448
x-xss-protection
0
server
sffe
18c1060fdb7de4a2128a3e5d304fea376e03e36e1f38556ee5a3fa91aae67d3d
cdn.builder.io/api/v1/image/assets/TEMP/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.builder.io/api/v1/image/assets/TEMP/18c1060fdb7de4a2128a3e5d304fea376e03e36e1f38556ee5a3fa91aae67d3d?apiKey=95bdd6893dbc47d0ac51c502bd26afe2&width=2000
Requested by
Host: itinerator.pages.dev
URL: https://itinerator.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:3e00:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
45cc5d8cca85a3a382f1a1122d6a2759e44e4416873f9d4501c8db2c5a3aafd9
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://itinerator.pages.dev/

Response headers

surrogate-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-robots-tag
noindex
x-request-id
f54c45d0-8eeb-11ef-b440-9d9add7335e0
access-control-allow-private-network
true
age
39416
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
Bner7Fn9U6E024FTC7Ld7msCnH-RtZxz43cJIX9ypH8139KnwmIStw==
date
Sun, 20 Oct 2024 14:02:35 GMT
content-type
image/png
x-cloud-trace-context
0ead06505f92e98fe27a977e074c7db5
access-control-allow-headers
content-type, accept, authorization
content-security-policy
script-src 'none'
cache-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
via
1.1 19392de11dadb918bd6f24e199ea180e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
11489
function-execution-id
wkq7u6vvsgj8
x-amz-cf-pop
MUC50-P3
x-powered-by
Express
server
Google Frontend
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCIIMHgVVhViFHKPkYF002gJptJZDukKvY&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://itinerator.pages.dev/

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://itinerator.pages.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Mon, 21 Oct 2024 00:59:31 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/ 		432 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4121612542531502&plah=itinerator.pages.dev
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4121612542531502
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f2.1e100.net
Software
cafe /
Resource Hash
254638464c3c70a4b7a3ada9d2d1e815db220c027ee14ca82e880863c5a74e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://itinerator.pages.dev/

Response headers

content-encoding
br
etag
17934673882220755656
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 00:59:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 21 Oct 2024 00:59:31 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147165
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/ Frame B49B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4121612542531502&plah=itinerator.pages.dev
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itinerator.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
22021
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 20 Oct 2024 18:52:31 GMT
etag
13108003645644964576
expires
Sun, 03 Nov 2024 18:52:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame C21F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4121612542531502&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729472371&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fitinerator.pages.dev%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&itsi=-1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729472371820&bpp=2&bdt=228&idt=154&shv=r20241014&mjsv=m202410150101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=902145952491&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95343853%2C44759875%2C44759926%2C44759842%2C31088131%2C44795922%2C95343681%2C95344187%2C31087609&oid=2&pvsid=365177125477614&tmod=1593347740&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=167
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4121612542531502&plah=itinerator.pages.dev
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itinerator.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 00:59:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241014&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4121612542531502&plah=itinerator.pages.dev
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9e9c004d4482209940f196d49080a7bb69303e5c7cf660d401ad65d7ebf6cc6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://itinerator.pages.dev/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12862
date
Mon, 21 Oct 2024 00:59:32 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
itinerator.pages.dev/ 		46 KB
46 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://itinerator.pages.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8726781f2658d7d45256e5f156ab7659d1e92a3141b2487bdbc0f192293dc1c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://itinerator.pages.dev/

Response headers

content-encoding
br
etag
W/"e23ca909edf8742b9f2e4c5517ec3fcc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44Tkl0zYJpKuApCxJHyheIdWcTDH528ERzpP7lZJ4cEOWdmOCeOGpocxNL%2BL3hVESxBEcdIrBriTq2cgiraNZ5bpTNXflFGxcpvu9OLeqtO9%2FZea8OseA68KhAOLNrkO6pU5GtXu7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15357&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4236&recv_bytes=4457&delivery_rate=682&cwnd=12000&unsent_bytes=0&cid=7569b81901e3b490&ts=500&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 21 Oct 2024 00:59:32 GMT
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d5d4e357a860e78-AMS
access-control-allow-origin
*
server
cloudflare
sodar2.js
tpc.googlesyndication.com/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4121612542531502&plah=itinerator.pages.dev
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://itinerator.pages.dev/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 00:59:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 00:59:32 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame A6A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itinerator.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
848
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 21 Oct 2024 00:45:24 GMT
expires
Mon, 21 Oct 2024 01:35:24 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241014&jk=365177125477614&bg=!wsGlwY7NAAaUWUsktFk7ADQBe5WfOPfuG9W6-FZr5l8VhnIWTXvUnM2oA8uSHCc82iAEFfhcZY_evCcej4RvhC8uO2YIAgAAADNSAAAAAmgBB34ANqjWgobsSRQjPVhHvCbuONRJSBTPodoGAH7NQwGmamtsUbOSN6rRGK6sSaRx7Oa42Ey1QTlYbgoAjxYlrmd3D-hUAdgz555qeDFrfqIGC3zgUutLvcLVZQeNFbHqMDwpWcbk7YGroTLBLBT4EoKgaux_1jognYNKBe2AVjHG6cPz1fgG1mcZ2ipj4gn1OouYHiYJMMlBMn7RoMhgg0cIQmQPQCtRBo8VuufMd3HWoF3qzHAolz2ukexXUm9amZOKjg5l29fiwJFSmQKW6JMElix4D5UvoSRIvNCmuPJq6hBqN1v1Uz626cRhy4HPZxXxl4rbZJeuNzj0y0aSHwFw3yt2Doittfz-QMW074kgKxOL_1kdZMtOEah_ogTkQb9gE9I10CSbfMErbf06RGisGFAXD79w8iWmVH2LkfC9p5gUrq2augYnL4BT5KbN7LCO1k3xlDEIW_A5Syyn5YJjBSy6yWVdHFKA4hj5GdXs17uN-Qy7NMMfVhypZ0FUhPHhvYkrnff8AVcfkOhjy1fCKeBDmx9-b5pYoVvS8ZpL1kpN6yxBBJQdK-qXkPrbNuM7wg7CIEwTrAn7qH-a6-_mvJH4bvzYv3q7UpLyDusLO0Ua1M3ngh_Qm90n9rMmomBRr-q1Ra5p2gen9kk9yLIGtqTLsbp-XaUcC3H52uB_1LpfG3acuQyjB63r1zdx2kstsRwySX2XAr6XIlwbpmyndGIp2ORy5mz31HvzFC1ULhdEEj1RMSTZhBMOmTcXtC8SqCX9MMSrhMEvszCekrMinkbwY5maWGP2iGmZAooory32pnvLIufFJwrxHXC4mhjjW8ESZD6ghqEtq1Ye2fs9QRhzSF1gpMUx1q7BGNXA75Sn6s1QQ_yVRSCfFnZcgPNmRGaEf93kGHND1UKa_hndRap_TxQvkii1_RzV6m59a2YaLU1thvhkrRIujDE0FU2707qol2OiMyNejAWh-5dgmoGAWOXeiSg4hDsZQyyyzSE3CgAvD0C4BqOj3wIVavJBo6IM-_FdXUrar24m1XUXVgcDhsIpjoEjfeBpzOyJuVuSm42-X5kf9eAXgEPLNoIgdhmRmJZpqYOrbj7hhexTVicriGXuCt9IxMGEjK0V0pDoPZkB-hRKMUS_8kXK-bqjJZw

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunkitinerator_react string| __reactRouterVersion object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff