urlscan.io logo urlscan.io
SecurityTrails logo

buy.travelguard.com Open in urlscan Pro
167.230.141.64  Public Scan

Go To Rescan Add Verdict Report
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Submission: On July 26 via manual from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 22 domains to perform 58 HTTP transactions. The main IP is 167.230.141.64, located in United States and belongs to NET-AIG - American International Group Data Center, Inc., US. The main domain is buy.travelguard.com.
TLS certificate: Issued by Symantec Class 3 Secure Server CA - G4 on April 26th 2017. Valid for: 2 years.
This is the only time buy.travelguard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 167.230.141.64 10975 (NET-AIG)
1 2 172.82.228.17 15224 (OMNITURE)
3 104.193.82.55 63124 (IGNITIONO...)
1 1 208.52.184.101 13703 (VCI-13703)
2 208.52.184.100 13703 (VCI-13703)
1 4 31.186.247.145 30282 (AS-INAPCD...)
1 2 172.217.22.70 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 152.163.64.1 1668 (AOL-ATDN)
3 4 216.58.210.2 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 52.49.41.66 16509 (AMAZON-02)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 3 185.33.223.83 29990 (ASN-APPNEXUS)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 2 34.240.96.173 16509 (AMAZON-02)
1 52.29.18.226 16509 (AMAZON-02)
2 2 18.153.11.18 16509 (AMAZON-02)
1 52.19.172.241 16509 (AMAZON-02)
2 2.18.232.233 16625 (AKAMAI-AS)
1 2 173.241.240.143 36089 (OPENX-AS1)
1 54.228.181.107 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
58 22
29    167.230.141.64 (United States)

ASN10975 (NET-AIG - American International Group Data Center, Inc., US)
PTR: NotAllocatedbyAIG.maybe.spoofed
buy.travelguard.com
2    172.82.228.17 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.d2.sc.omtrdc.net
cebwa.d2.sc.omtrdc.net
3    104.193.82.55 (Atlanta, United States)

ASN63124 (IGNITIONONE-ASN - IgnitionOne, Inc., US)
trvlgrd.netmng.com
1    208.52.184.101 (United States)

ASN13703 (VCI-13703 - Virtual Citadel Inc., US)
track.searchignite.com
2    208.52.184.100 (United States)

ASN13703 (VCI-13703 - Virtual Citadel Inc., US)
dms.netmng.com
4    31.186.247.145 (United Kingdom)

ASN30282 (AS-INAPCDN-OCY - Internap Network Services Corporation, US)
nan.netmng.com
com-tgus.netmng.com
gcm.netmng.com
2    172.217.22.70 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f6.1e100.net
4376667.fls.doubleclick.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    152.163.64.1 (United States)

ASN1668 (AOL-ATDN - AOL Transit Data Network, US)
PTR: m-prd-pxl-shared-mr3-blue-a.evip.aol.com
secure.leadback.advertising.com
4    216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net
cm.g.doubleclick.net
www.googleadservices.com
1    2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:81c::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:810::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    52.49.41.66 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-41-66.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
image2.pubmatic.com
3    185.33.223.83 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
secure.adnxs.com
2    2.18.234.21 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    34.240.96.173 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-240-96-173.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    52.29.18.226 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-18-226.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    18.153.11.18 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-18.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    52.19.172.241 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-172-241.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
2    2.18.232.233 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-233.deploy.static.akamaitechnologies.com
ad.yieldlab.net
2    173.241.240.143 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org
us-u.openx.net
1    54.228.181.107 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-181-107.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2a03:2880:f11c:8186:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
Domain Requested by
29 buy.travelguard.com buy.travelguard.com
3 secure.adnxs.com 1 redirects buy.travelguard.com
3 cm.g.doubleclick.net 2 redirects buy.travelguard.com
3 trvlgrd.netmng.com buy.travelguard.com
trvlgrd.netmng.com
2 us-u.openx.net 1 redirects buy.travelguard.com
2 ad.yieldlab.net buy.travelguard.com
2 x.bidswitch.net 2 redirects
2 ad.360yield.com 1 redirects buy.travelguard.com
2 dsum-sec.casalemedia.com 1 redirects buy.travelguard.com
2 dpm.demdex.net 1 redirects buy.travelguard.com
2 connect.facebook.net nan.netmng.com
connect.facebook.net
2 4376667.fls.doubleclick.net 1 redirects nan.netmng.com
2 nan.netmng.com trvlgrd.netmng.com
nan.netmng.com
2 dms.netmng.com buy.travelguard.com
2 cebwa.d2.sc.omtrdc.net 1 redirects buy.travelguard.com
1 www.facebook.com buy.travelguard.com
1 beacon.krxd.net buy.travelguard.com
1 rtb.gumgum.com buy.travelguard.com
1 pixel.advertising.com buy.travelguard.com
1 image2.pubmatic.com buy.travelguard.com
1 www.google.de buy.travelguard.com
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 gcm.netmng.com 1 redirects
1 secure.leadback.advertising.com buy.travelguard.com
1 com-tgus.netmng.com nan.netmng.com
1 track.searchignite.com 1 redirects
0 delivery.swid.switchadhub.com Failed buy.travelguard.com
58 29

This site contains no links.

Subject Issuer Validity Valid
buy.travelguard.com
Symantec Class 3 Secure Server CA - G4		 2017-04-26 -
2019-04-26		 2 years crt.sh
*.doubleclick.net
Google Internet Authority G3		 2018-06-19 -
2018-08-28		 2 months crt.sh

This page contains 2 frames:

Primary Page: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Frame ID: 45809496CD1940983C130B93C5C2FDA5
Requests: 57 HTTP requests in this frame

Frame: https://4376667.fls.doubleclick.net/activityi;dc_pre=CNDW7vyRvNwCFfUK0wodGeMMYw;src=4376667;type=invmedia;cat=drv6CuFA;ord=6419007560163.698
Frame ID: 1BAE9B8A61D664B40259EC297B54E0F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
  • url /\.aspx(?:$|\?)/i
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • url /\.aspx(?:$|\?)/i
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
  • url /\.aspx(?:$|\?)/i
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

58
Requests

2 %
HTTPS

20 %
IPv6

22
Domains

29
Subdomains

22
IPs

5
Countries

516 kB
Transfer

523 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://cebwa.d2.sc.omtrdc.net/b/ss/cebwa001,cebwaglobalchartis/1/H.23.6/s65753558875370?AQB=1&ndh=1&t=26%2F6%2F2018%206%3A29%3A54%204%200&vmt=4C5CBD83&vmf=cebwa.122.2o7.net&ce=UTF-8&ns=cebwa&cdp=2&pageName=us_partner%3A%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx&g=https%3A%2F%2Fbuy.travelguard.com%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx%3Fpolicy%3D928128931%26ln%3DCEGLOWSKA%26br%3Dhotwire&cc=USD&ch=us_partner&c2=us_partner%3A%2Ftgi2%2Fpolicytools%2F&c3=us_partner%3A%2Ftgi2%2Fpolicytools%2F&c4=CEBWA%3A2.0.3&c8=insurance%20services%3Aamericas%3Aunited%20states%3Acommercial%20insurance%3Aaig%20travel%20guard-us&v18=D%3DpageName&c19=us_partner&v19=us_partner&c20=us_partner%3Aus_partner%3A%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx&c21=anon&v21=anon&c22=1%3A00AM&v22=D%3Dc22&c23=Thursday&v23=D%3Dc23&c28=travelguard-us&v28=D%3Dc28&c29=001&v29=001&c30=north%20america&v30=D%3Dc30&c31=usa&v31=usa&c32=hotwire&v32=D%3Dc32&c33=english&v33=D%3Dc33&c41=Live&c74=New&v74=New&h1=D%3Dc8&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://cebwa.d2.sc.omtrdc.net/b/ss/cebwa001,cebwaglobalchartis/1/H.23.6/s65753558875370?AQB=1&pccr=true&vidn=2DACB53105311FB4-40000101E0035F33&&ndh=1&t=26%2F6%2F2018%206%3A29%3A54%204%200&vmt=4C5CBD83&vmf=cebwa.122.2o7.net&ce=UTF-8&ns=cebwa&cdp=2&pageName=us_partner%3A%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx&g=https%3A%2F%2Fbuy.travelguard.com%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx%3Fpolicy%3D928128931%26ln%3DCEGLOWSKA%26br%3Dhotwire&cc=USD&ch=us_partner&c2=us_partner%3A%2Ftgi2%2Fpolicytools%2F&c3=us_partner%3A%2Ftgi2%2Fpolicytools%2F&c4=CEBWA%3A2.0.3&c8=insurance%20services%3Aamericas%3Aunited%20states%3Acommercial%20insurance%3Aaig%20travel%20guard-us&v18=D%3DpageName&c19=us_partner&v19=us_partner&c20=us_partner%3Aus_partner%3A%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx&c21=anon&v21=anon&c22=1%3A00AM&v22=D%3Dc22&c23=Thursday&v23=D%3Dc23&c28=travelguard-us&v28=D%3Dc28&c29=001&v29=001&c30=north%20america&v30=D%3Dc30&c31=usa&v31=usa&c32=hotwire&v32=D%3Dc32&c33=english&v33=D%3Dc33&c41=Live&c74=New&v74=New&h1=D%3Dc8&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Request Chain 30
  • https://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3489&jscript=1 HTTP 302
  • https://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3489&jscript=1&u=
Request Chain 35
  • https://4376667.fls.doubleclick.net/activityi;src=4376667;type=invmedia;cat=drv6CuFA;ord=6419007560163.698 HTTP 302
  • https://4376667.fls.doubleclick.net/activityi;dc_pre=CNDW7vyRvNwCFfUK0wodGeMMYw;src=4376667;type=invmedia;cat=drv6CuFA;ord=6419007560163.698
Request Chain 40
  • https://cm.g.doubleclick.net/pixel?google_nid=netmng&google_cm&google_sc&google_hm=bDRreTNpa25hOW1pZw==&vid=l4ky3ikna9mig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=netmng&google_cm=&google_sc=&google_hm=bDRreTNpa25hOW1pZw==&vid=l4ky3ikna9mig&google_tc= HTTP 302
  • https://gcm.netmng.com/?id=&vid=l4ky3ikna9mig&google_gid=CAESEFtyYdl7yflERfX605OXieA&google_cver=1 HTTP 302
  • https://www.googleadservices.com/pagead/conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Y2pZW5zfH8_V3gPowqWgBQ&random=659071965&sscte=1&crd=CKrPGw&gsr= HTTP 302
  • https://www.google.com/ads/conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=659071965&sscte=1&crd=CKrPGw&gsr=&cdct=2&is_vtc=1&ocp_id=Y2pZW5zfH8_V3gPowqWgBQ&random=1386598844 HTTP 302
  • https://www.google.de/ads/conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=659071965&sscte=1&crd=CKrPGw&gsr=&cdct=2&is_vtc=1&ocp_id=Y2pZW5zfH8_V3gPowqWgBQ&random=1386598844&ipr=y&ulfeg=n
Request Chain 41
  • https://dpm.demdex.net/ibs:dpid=640&dpuuid=l4ky3ikna9mig HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=l4ky3ikna9mig
Request Chain 44
  • https://secure.adnxs.com/mapuid?member=6928&user=l4ky3ikna9mig HTTP 302
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Dl4ky3ikna9mig
Request Chain 45
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=61&external_user_id=l4ky3ikna9mig&expiration=1535178595 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=61&external_user_id=l4ky3ikna9mig&expiration=1535178595&C=1
Request Chain 46
  • https://ad.360yield.com/match?publisher_dsp_id=35&external_user_id=l4ky3ikna9mig HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=35&external_user_id=l4ky3ikna9mig
Request Chain 49
  • https://x.bidswitch.net/sync?dsp_id=14&user_id=l4ky3ikna9mig&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=14&user_id=l4ky3ikna9mig&expires=30 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=9e6bdc69-e4f7-4f6e-8166-a12ab68c4911
Request Chain 52
  • https://us-u.openx.net/w/1.0/sd?id=537072967&val=l4ky3ikna9mig HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=l4ky3ikna9mig

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set viewpolicy.aspx
buy.travelguard.com/tgi2/policytools/ 		31 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3a338df5f2ec74f64add7bcb08667b62aa9de55e15bcbc4f03f9de189c8af7af

Request headers

Host
buy.travelguard.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
45809496CD1940983C130B93C5C2FDA5

Response headers

Connection
Keep-Alive
Transfer-Encoding
chunked
Cache-Control
private
Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/8.5
X-AspNet-Version
2.0.50727
Set-Cookie
New_Location=ftwt; path=/; HttpOnly ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; expires=Thu, 26-Jul-2018 06:30:17 GMT; path=/; HttpOnly ADRUM_BT1=R:0|i:738827|e:5250; expires=Thu, 26-Jul-2018 06:30:17 GMT; path=/; HttpOnly
X-Powered-By
ASP.NET
Date
Thu, 26 Jul 2018 06:29:51 GMT
common.css
buy.travelguard.com/tgi2/brands/ADXTGUS/default/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/brands/ADXTGUS/default/css/common.css
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ab534f20fc5688c37042fab8b9138e507f16464116e3356a1506ca492f1dec4c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:51 GMT
Last-Modified
Sun, 28 Mar 2010 01:24:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"067246515ceca1:0"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
Keep-Alive
styleAbstract.css
buy.travelguard.com/tgi2/css/ 		31 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/css/styleAbstract.css
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2ba5b01761544e351b597e8e568de9929f679675e57974301c4f74bc5060ae51

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Fri, 11 May 2018 15:02:56 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"090942439e9d31:0"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
Keep-Alive
dictionary.js
buy.travelguard.com/tgi2/js/ 		987 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/js/dictionary.js
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe64170aba0054ef6876e439eb51e68f6db3d3f266c4280a628abdf2cb0d79b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Mon, 12 Apr 2010 16:01:40 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0a87059daca1:0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
policyconfirmation.js
buy.travelguard.com/tgi2/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/js/policyconfirmation.js
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
df1bd199de87247dd238ba5360d7a4ccd5d8e0782a1e917df2b729a140beb753

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Tue, 01 Aug 2017 16:39:14 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"8279c3b5e4ad31:0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
utils.js
buy.travelguard.com/tgi2/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/js/utils.js
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
21e3439fe5c80e2e59a56181ca3f9290c49aa93f4f3159d1126f981ed4c1c174

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Wed, 01 Oct 2008 23:21:46 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"061bb781c24c91:0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
stylePopup.css
buy.travelguard.com/tgi2/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/css/stylePopup.css
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
90fbcf6066c2ea41484dcfdaa976a23170a87dbb2ac1d29e6cc8ac4c6affbcd6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Mon, 12 Nov 2007 20:59:54 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"04158f96e25c81:0"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
Keep-Alive
styleConfirmation_V2.css
buy.travelguard.com/tgi2/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/css/styleConfirmation_V2.css
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0440aabe9c68e531a19d1d92dad8a26019b15e7d80f1828ee354a6fec7e918c8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Tue, 13 Jan 2015 18:02:56 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"04865285b2fd01:0"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
Keep-Alive
purchase.css
buy.travelguard.com/tgi2/App_Themes/default/ 		282 B
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/App_Themes/default/purchase.css
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e1899562d92281b00d934a653e1ebdd369bf2bd9bc23ebc699ffba414a43906b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Sun, 28 Mar 2010 01:40:38 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"02fe2aa17ceca1:0"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
Keep-Alive
WebResource.axd
buy.travelguard.com/tgi2/ 		20 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/WebResource.axd?d=gBFebIZauHryFKCoDKVXlDjhJXSDwKinqzIxLGM1OluOeQPiUCs4t0VMhpMnO6UVP3lreD1O82XEywbBX9FwSH9ay9I1&t=636284453271971599
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0ba2f6756001669bdf934f9d79e8fd1ccf2028130c33a0510279581ec9dfd73a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Sat, 22 Apr 2017 13:08:47 GMT
Server
Microsoft-IIS/8.5
ADRUM_0
g:0a8bdc63-33ef-49a0-a8d4-7a4866dc094b
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public
Connection
Keep-Alive
X-AspNet-Version
2.0.50727
Expires
Thu, 25 Jul 2019 09:48:47 GMT
ScriptResource.axd
buy.travelguard.com/tgi2/ 		21 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/ScriptResource.axd?d=39TrmJruOadUZ2ya5A7-F0CHdS_OtzqIaW41v2zqTrzLgdBI6fbspoz2q3olpVQzBJ12iEymmFotxZodBVCnArMeBkOQAn1ZMZmiXoECXxuWCP2eJK8SmQRxSrpvOe-TwtqqsRYz8eYOIzOn8MHONTZneJQ1&t=4eaab336
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f407eaaca7adb84344e02cd92e043ef70373783fd2fb562f7acc154eb0ecee02

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Wed, 25 Jul 2018 09:48:48 GMT
Server
Microsoft-IIS/8.5
ADRUM_0
g:4a01aa09-fb5e-4347-9130-ed3e559d14f6
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
public
Connection
Keep-Alive
X-AspNet-Version
2.0.50727
Expires
Thu, 25 Jul 2019 09:48:48 GMT
ScriptResource.axd
buy.travelguard.com/tgi2/ 		98 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/ScriptResource.axd?d=_eRLQ1wvRd51aRUKwgrqIV4BO0h8--56xlj8_Ti7_7OR-s6R25Eg4_zSmwRmTjZvx_QJHkoey6hi4Dj6VLc_7oxpe3B_akfxcKlGsPLRqy7ioR5BoA3V56iIEi_aB3Yu9DBo9ho4zE-dW6ZzvrZjTQ4kG1c1&t=ffffffffbcb9b94a
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0e0323ebfa8dcfa5853cdd4d50bd4820fd0323455efb09fcd05a1196e103224d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Wed, 25 Jul 2018 09:47:44 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
2.0.50727
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
public
Connection
Keep-Alive
Expires
Thu, 25 Jul 2019 09:47:44 GMT
ScriptResource.axd
buy.travelguard.com/tgi2/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/ScriptResource.axd?d=TNJH2lonJ1fosv5WvDBbp8gwzpRs5gNPbGk4XNJ2ufwlzNI0FRSMpoAXj5jsDWgfnMP_KT187fBFPw1xfgvOfC80Di7skFSK1JTcYl2HrfFvJXoDqiuqzn6TqbR5SeLrfpOGdu_sgiL0V0EwzxgM63y_TyPpGIMn3sT7vJ-AxJJzIX980&t=ffffffffbcb9b94a
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4697cc3c8f7dd5826d9239bd84e99e89bfc46ad876139c52a988fa9269c5f819

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Wed, 25 Jul 2018 07:17:02 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
2.0.50727
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
public
Connection
Keep-Alive
Expires
Thu, 25 Jul 2019 07:17:02 GMT
WebResource.axd
buy.travelguard.com/tgi2/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/WebResource.axd?d=cEGrpYYYvVLMZ0wWDidQY_KImkdOweRYeaYQUeuR0KTPEVJDk1ey22pm307XHWpmeb7kurq_cJeFgTrGrVcuMpzNRn01&t=636284453271971599
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Sat, 22 Apr 2017 13:08:47 GMT
Server
Microsoft-IIS/8.5
ADRUM_0
g:ab304bdc-d5a8-4414-8044-341a1f73d81e
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
public
Connection
Keep-Alive
X-AspNet-Version
2.0.50727
Expires
Thu, 25 Jul 2019 10:30:08 GMT
Chartis-TG-logo.png
buy.travelguard.com/tgi2/App_Themes/default/img/header/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.travelguard.com/tgi2/App_Themes/default/img/header/Chartis-TG-logo.png
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
349c6bf2c750e4943672ef10c5d09ffbda4b0d96e56a89b9a532fb9747849115

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Tue, 16 Jul 2013 20:56:28 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0e6e2f06682ce1:0"
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
AIG_Logo.gif
buy.travelguard.com/tgi2/App_Themes/default/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.travelguard.com/tgi2/App_Themes/default/img/AIG_Logo.gif
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
89451cc80b6cba3abeaa5d615bd57c05468e2e80209812acb1c3ac1ec2f316e1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Fri, 27 Oct 2017 15:28:46 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"9864e48384fd31:0"
Transfer-Encoding
chunked
Content-Type
image/gif
Connection
Keep-Alive
spacer.gif
buy.travelguard.com/tgi2/images/ 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.travelguard.com/tgi2/images/spacer.gif
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1b59ea2fe89b49ba3b0340b8a67c30de84f715888d640f108fb246017df1114d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Mon, 12 Nov 2007 21:00:02 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0f51cfe6e25c81:0"
Transfer-Encoding
chunked
Content-Type
image/gif
Connection
Keep-Alive
btn-doc.png
buy.travelguard.com/tgi2/images/popupdiv/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.travelguard.com/tgi2/images/popupdiv/btn-doc.png
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d1d5604f14c583faf18e064f17fef4864fe4906bfeb612aa37c777ece72b2bf9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Mon, 12 Nov 2007 21:00:06 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"04f7f06f25c81:0"
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
btn-alert.png
buy.travelguard.com/tgi2/images/popupdiv/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.travelguard.com/tgi2/images/popupdiv/btn-alert.png
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bd09f4549710c6d75761191e96017adf6e3fee2a5ddf8e1f9edc91afcdc247f5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Mon, 12 Nov 2007 21:00:04 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0224eff6e25c81:0"
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
btn-strike.png
buy.travelguard.com/tgi2/images/popupdiv/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.travelguard.com/tgi2/images/popupdiv/btn-strike.png
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c5c6b66f1dae815e54d72fdeaa5b697be8600206c34d67aeec843e35c4ddf289

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Mon, 12 Nov 2007 21:00:06 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"04f7f06f25c81:0"
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
btn-close.png
buy.travelguard.com/tgi2/images/popupdiv/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.travelguard.com/tgi2/images/popupdiv/btn-close.png
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e77a821257feb2889068d6d5031905c03c12fbfe173bfbc7199208fc322343c4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Mon, 12 Nov 2007 21:00:04 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0224eff6e25c81:0"
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
scCustom.js
buy.travelguard.com/tgi2/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/js/scCustom.js
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2aec0c6ec6d9e171c5745310cb5d7437525998abcece4474682d168f7a646ced

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Fri, 27 Jun 2014 23:02:26 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0adbbdc5b92cf1:0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
siteCatalyst.js
buy.travelguard.com/tgi2/js/ 		62 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/js/siteCatalyst.js
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bb18ece4127638abccc63fc552ee7dba7dfafb8846242006d371ba3df764e83b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Wed, 23 May 2012 14:31:58 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"033cff038cd1:0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
jQuery158.js
buy.travelguard.com/tgi2/brands/ADXTGUS/tgdirect/javascript/ 		138 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/brands/ADXTGUS/tgdirect/javascript/jQuery158.js
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
15492365ee521aacdd1fe4771a80080a669f3111784cdccdf88373d6f3572807

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:52 GMT
Last-Modified
Fri, 05 Sep 2014 18:24:06 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"067ac9336c9cf1:0"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
stylePrint.css
buy.travelguard.com/tgi2/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.travelguard.com/tgi2/css/stylePrint.css
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2db2ed2ec1b2d7bdaccf190db9cfb40096f36c349f782b3280a65c51fe8a0a49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Tue, 13 Jan 2015 17:51:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"049bd8a592fd01:0"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
Keep-Alive
main-body-bg.gif
buy.travelguard.com/tgi2/App_Themes/default/img/header/ 		524 B
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.travelguard.com/tgi2/App_Themes/default/img/header/main-body-bg.gif
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
62c5f2313be7056576885c27b088b6e4fdf5f0e6e256145760a124a8c1b67361

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://buy.travelguard.com/tgi2/brands/ADXTGUS/default/css/common.css
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/brands/ADXTGUS/default/css/common.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Fri, 26 Mar 2010 01:53:30 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"089342287ccca1:0"
Transfer-Encoding
chunked
Content-Type
image/gif
Connection
Keep-Alive
checker.gif
buy.travelguard.com/tgi2/images/popupdiv/ 		938 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.travelguard.com/tgi2/images/popupdiv/checker.gif
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0c795c3fff22b1f9b301d7d255314de75b9941a7ad293cabf6d33b5af67a4987

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://buy.travelguard.com/tgi2/css/stylePopup.css
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/css/stylePopup.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Fri, 18 Nov 2011 19:10:42 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0a5bc425a6cc1:0"
Transfer-Encoding
chunked
Content-Type
image/gif
Connection
Keep-Alive
error.png
buy.travelguard.com/tgi2/images/messages/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.travelguard.com/tgi2/images/messages/error.png
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7206a8994f04d8cf4332a751f06d3ae6d780ffed9a8bd1c33eec577e14f8ec99

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://buy.travelguard.com/tgi2/css/styleAbstract.css
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/css/styleAbstract.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Fri, 05 Sep 2014 18:24:14 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"01b719836c9cf1:0"
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
agentlink-logout-bg2.png
buy.travelguard.com/tgi2/App_Themes/default/img/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.travelguard.com/tgi2/App_Themes/default/img/header/agentlink-logout-bg2.png
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.230.141.64 , United States, ASN10975 (NET-AIG - American International Group Data Center, Inc., US),
Reverse DNS
NotAllocatedbyAIG.maybe.spoofed
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b9fcfda463a2da7639d7280166427cc69bbc5c2ae612efb4282aa5a818b02a0c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
buy.travelguard.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://buy.travelguard.com/tgi2/brands/ADXTGUS/default/css/common.css
Cookie
New_Location=ftwt; ADRUM_BTa=R:0|g:691c26b4-956f-4f7a-86ab-9cb80bb7f587; ADRUM_BT1=R:0|i:738827|e:5250
Connection
keep-alive
Cache-Control
no-cache
Referer
https://buy.travelguard.com/tgi2/brands/ADXTGUS/default/css/common.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Last-Modified
Sat, 27 Mar 2010 22:08:42 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0918effacdca1:0"
Transfer-Encoding
chunked
Content-Type
image/png
Connection
Keep-Alive
s65753558875370
cebwa.d2.sc.omtrdc.net/b/ss/cebwa001,cebwaglobalchartis/1/H.23.6/
Redirect Chain
  • https://cebwa.d2.sc.omtrdc.net/b/ss/cebwa001,cebwaglobalchartis/1/H.23.6/s65753558875370?AQB=1&ndh=1&t=26%2F6%2F2018%206%3A29%3A54%204%200&vmt=4C5CBD83&vmf=cebwa.122.2o7.net&ce=UTF-8&ns=cebwa&cdp=2...
  • https://cebwa.d2.sc.omtrdc.net/b/ss/cebwa001,cebwaglobalchartis/1/H.23.6/s65753558875370?AQB=1&pccr=true&vidn=2DACB53105311FB4-40000101E0035F33&&ndh=1&t=26%2F6%2F2018%206%3A29%3A54%204%200&vmt=4C5C...
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cebwa.d2.sc.omtrdc.net/b/ss/cebwa001,cebwaglobalchartis/1/H.23.6/s65753558875370?AQB=1&pccr=true&vidn=2DACB53105311FB4-40000101E0035F33&&ndh=1&t=26%2F6%2F2018%206%3A29%3A54%204%200&vmt=4C5CBD83&vmf=cebwa.122.2o7.net&ce=UTF-8&ns=cebwa&cdp=2&pageName=us_partner%3A%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx&g=https%3A%2F%2Fbuy.travelguard.com%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx%3Fpolicy%3D928128931%26ln%3DCEGLOWSKA%26br%3Dhotwire&cc=USD&ch=us_partner&c2=us_partner%3A%2Ftgi2%2Fpolicytools%2F&c3=us_partner%3A%2Ftgi2%2Fpolicytools%2F&c4=CEBWA%3A2.0.3&c8=insurance%20services%3Aamericas%3Aunited%20states%3Acommercial%20insurance%3Aaig%20travel%20guard-us&v18=D%3DpageName&c19=us_partner&v19=us_partner&c20=us_partner%3Aus_partner%3A%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx&c21=anon&v21=anon&c22=1%3A00AM&v22=D%3Dc22&c23=Thursday&v23=D%3Dc23&c28=travelguard-us&v28=D%3Dc28&c29=001&v29=001&c30=north%20america&v30=D%3Dc30&c31=usa&v31=usa&c32=hotwire&v32=D%3Dc32&c33=english&v33=D%3Dc33&c41=Live&c74=New&v74=New&h1=D%3Dc8&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
172.82.228.17 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.d2.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.4.0
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 27 Jul 2018 06:29:54 GMT
Server
Omniture DC/2.0.0
xserver
www15
ETag
"3291204649846112256-5182799853738221369"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Wed, 25 Jul 2018 06:29:54 GMT

Redirect headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.4.0
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 27 Jul 2018 06:29:54 GMT
Server
Omniture DC/2.0.0
xserver
www15
Location
https://cebwa.d2.sc.omtrdc.net/b/ss/cebwa001,cebwaglobalchartis/1/H.23.6/s65753558875370?AQB=1&pccr=true&vidn=2DACB53105311FB4-40000101E0035F33&&ndh=1&t=26%2F6%2F2018%206%3A29%3A54%204%200&vmt=4C5CBD83&vmf=cebwa.122.2o7.net&ce=UTF-8&ns=cebwa&cdp=2&pageName=us_partner%3A%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx&g=https%3A%2F%2Fbuy.travelguard.com%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx%3Fpolicy%3D928128931%26ln%3DCEGLOWSKA%26br%3Dhotwire&cc=USD&ch=us_partner&c2=us_partner%3A%2Ftgi2%2Fpolicytools%2F&c3=us_partner%3A%2Ftgi2%2Fpolicytools%2F&c4=CEBWA%3A2.0.3&c8=insurance%20services%3Aamericas%3Aunited%20states%3Acommercial%20insurance%3Aaig%20travel%20guard-us&v18=D%3DpageName&c19=us_partner&v19=us_partner&c20=us_partner%3Aus_partner%3A%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx&c21=anon&v21=anon&c22=1%3A00AM&v22=D%3Dc22&c23=Thursday&v23=D%3Dc23&c28=travelguard-us&v28=D%3Dc28&c29=001&v29=001&c30=north%20america&v30=D%3Dc30&c31=usa&v31=usa&c32=hotwire&v32=D%3Dc32&c33=english&v33=D%3Dc33&c41=Live&c74=New&v74=New&h1=D%3Dc8&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Wed, 25 Jul 2018 06:29:54 GMT
/
trvlgrd.netmng.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trvlgrd.netmng.com/?aid=088&u3=hotwire&u4=&u8=us_partner&u9=Live
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
104.193.82.55 Atlanta, United States, ASN63124 (IGNITIONONE-ASN - IgnitionOne, Inc., US),
Reverse DNS
Software
Apache/2.2.22 /
Resource Hash
cfe039ecd8613edec658e84d49d5fd47e3de0d951b03033c7f3c67557ddde869

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jul 2018 06:29:55 GMT
Server
Apache/2.2.22
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
1347
Expires
Tue, 24 Jul 2018 06:29:55 GMT
ClickTracking.aspx
dms.netmng.com/si/CM/Tracking/
Redirect Chain
  • https://track.searchignite.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3489&jscript=1
  • https://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3489&jscript=1&u=
701 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3489&jscript=1&u=
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
208.52.184.100 , United States, ASN13703 (VCI-13703 - Virtual Citadel Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
f264dd9de21314dd51174f7a37387faf89b635a54d2ee0d681d16bad1f98adbc

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

io-hbr
True
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
io-u
56de98c5-f180-4932-8892-2c4600e57001
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAa PSDa OUR LEG DSP NON COR COM NAV"
io-r
cb8ce848-d617-4801-9724-8d5c198bba8d
Cache-Control
private
svc
A3
io-d
False
Content-Type
text/html; charset=utf-8
Content-Length
524
Date
Thu, 26 Jul 2018 06:29:55 GMT

Redirect headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
svc
A5
X-Powered-By
ASP.NET
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAa PSDa OUR LEG DSP NON COR COM NAV"
Location
https://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3489&jscript=1&u=
Cache-Control
private
Connection
close
Content-Type
text/html
/
nan.netmng.com/ 		256 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nan.netmng.com/?aid=088
Requested by
Host: trvlgrd.netmng.com
URL: https://trvlgrd.netmng.com/?aid=088&u3=hotwire&u4=&u8=us_partner&u9=Live
Protocol
HTTP/1.1
Server
31.186.247.145 , United Kingdom, ASN30282 (AS-INAPCDN-OCY - Internap Network Services Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
2c8d3cae3f73ae1383f92af6eaa0b5035a5ed1b852e405a339120e48b55b4b12

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:55 GMT
Last-Modified
Tue, 24 Jul 2018 06:29:55 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Tue, 24 Jul 2018 06:29:55 GMT
/
trvlgrd.netmng.com/ 		0
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trvlgrd.netmng.com/?function=browser_check&vid=hvo3xzlo21kkb&browserPixelRatio=1&browserWidth=1600&browserHeight=1200&aid=088&u3=hotwire&u4=&u8=us_partner&u9=Live&rand=0.49647618440581387&nm_input_data=%22%22
Requested by
Host: trvlgrd.netmng.com
URL: https://trvlgrd.netmng.com/?aid=088&u3=hotwire&u4=&u8=us_partner&u9=Live
Protocol
HTTP/1.1
Server
104.193.82.55 Atlanta, United States, ASN63124 (IGNITIONONE-ASN - IgnitionOne, Inc., US),
Reverse DNS
Software
Apache/2.2.22 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jul 2018 06:29:55 GMT
Server
Apache/2.2.22
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
20
Expires
Tue, 24 Jul 2018 06:29:55 GMT
/
trvlgrd.netmng.com/ 		0
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trvlgrd.netmng.com/?function=getReferer&referer=&rand=0.08259676048877806&nm_input_data=%22%22
Requested by
Host: trvlgrd.netmng.com
URL: https://trvlgrd.netmng.com/?aid=088&u3=hotwire&u4=&u8=us_partner&u9=Live
Protocol
HTTP/1.1
Server
104.193.82.55 Atlanta, United States, ASN63124 (IGNITIONONE-ASN - IgnitionOne, Inc., US),
Reverse DNS
Software
Apache/2.2.22 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jul 2018 06:29:55 GMT
Server
Apache/2.2.22
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
20
Expires
Tue, 24 Jul 2018 06:29:55 GMT
/
nan.netmng.com/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nan.netmng.com/?aid=088&cch
Requested by
Host: nan.netmng.com
URL: https://nan.netmng.com/?aid=088
Protocol
HTTP/1.1
Server
31.186.247.145 , United Kingdom, ASN30282 (AS-INAPCDN-OCY - Internap Network Services Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
7ebc4d3324b37c7f06799ae232fd98a3f90b5039280323d9f08b3fd87718d368

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:55 GMT
Last-Modified
Tue, 24 Jul 2018 06:29:55 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Tue, 24 Jul 2018 06:29:55 GMT
activityi;dc_pre=CNDW7vyRvNwCFfUK0wodGeMMYw;src=4376667;type=invmedia;cat=drv6CuFA;ord=6419007560163.698
4376667.fls.doubleclick.net/ Frame 1BAE
Redirect Chain
  • https://4376667.fls.doubleclick.net/activityi;src=4376667;type=invmedia;cat=drv6CuFA;ord=6419007560163.698?
  • https://4376667.fls.doubleclick.net/activityi;dc_pre=CNDW7vyRvNwCFfUK0wodGeMMYw;src=4376667;type=invmedia;cat=drv6CuFA;ord=6419007560163.698?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4376667.fls.doubleclick.net/activityi;dc_pre=CNDW7vyRvNwCFfUK0wodGeMMYw;src=4376667;type=invmedia;cat=drv6CuFA;ord=6419007560163.698?
Requested by
Host: nan.netmng.com
URL: https://nan.netmng.com/?aid=088&cch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.70 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
4376667.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNDW7vyRvNwCFfUK0wodGeMMYw;src=4376667;type=invmedia;cat=drv6CuFA;ord=6419007560163.698?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
accept-encoding
gzip, deflate
cookie
IDE=AHWqTUnPZnCYx-i2BT_za0ikXJ7S7Pnh0_ofg4QvjWv-00yOYp-NZHA7Dw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
45809496CD1940983C130B93C5C2FDA5
Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 26 Jul 2018 06:29:55 GMT
expires
Thu, 26 Jul 2018 06:29:55 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
1; mode=block
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 26 Jul 2018 06:29:55 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4376667.fls.doubleclick.net/activityi;dc_pre=CNDW7vyRvNwCFfUK0wodGeMMYw;src=4376667;type=invmedia;cat=drv6CuFA;ord=6419007560163.698?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 26-Jul-2018 06:44:55 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
/
com-tgus.netmng.com/ 		1 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://com-tgus.netmng.com/?aid=2872&siclientid=
Requested by
Host: nan.netmng.com
URL: https://nan.netmng.com/?aid=088&cch
Protocol
HTTP/1.1
Server
31.186.247.145 , United Kingdom, ASN30282 (AS-INAPCDN-OCY - Internap Network Services Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:55 GMT
Last-Modified
Tue, 24 Jul 2018 06:29:55 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Tue, 24 Jul 2018 06:29:55 GMT
fbevents.js
connect.facebook.net/en_US/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nan.netmng.com
URL: https://nan.netmng.com/?aid=088&cch
Protocol
SPDY
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5616a7380d74a78a42cd93efda3c9d277c3d66c189f2580b825f696af388b7f7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
13314
x-xss-protection
0
pragma
public
x-fb-debug
E0QzMM88p5PhNatksG6Nu5n9Q2JWjGCuwmkZRJ4EIMuabAYY0b4vR1/3yOncxvRjNmn8matpKZRlbexyGDfJsA==
x-frame-options
DENY
date
Thu, 26 Jul 2018 06:29:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
lb
secure.leadback.advertising.com/adcedge/ 		49 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.leadback.advertising.com/adcedge/lb?site=695501&betr=sslbet_39255=[+]ssprlb_920046[8760]|sslbet_39256=[+]ssprlb_920048[3]|sslbet_39257=[+]ssprlb_920050[24]|sslbet_39258=[+]ssprlb_920052[72]|sslbet_39259=[+]ssprlb_920054[168]|sslbet_39260=[+]ssprlb_920056[720]
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
152.163.64.1 , United States, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS
m-prd-pxl-shared-mr3-blue-a.evip.aol.com
Software
Apache-Coyote/1.1 /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:54 GMT
Cache-Control
private, max-age=3600
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR LAW CUR DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.bt="Y"
Content-Length
49
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ 		170 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?nid=echo&c1=Netmining-TravelGuard&r1=&t1=Netmining-TravelGuard
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
SPDY
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Jul 2018 06:29:55 GMT
server
HTTP server (unknown)
content-type
image/png
status
200
cache-control
no-cache, must-revalidate
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
170
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/ads/conversion/1057254703/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=netmng&google_cm&google_sc&google_hm=bDRreTNpa25hOW1pZw==&vid=l4ky3ikna9mig
  • https://cm.g.doubleclick.net/pixel?google_nid=netmng&google_cm=&google_sc=&google_hm=bDRreTNpa25hOW1pZw==&vid=l4ky3ikna9mig&google_tc=
  • https://gcm.netmng.com/?id=&vid=l4ky3ikna9mig&google_gid=CAESEFtyYdl7yflERfX605OXieA&google_cver=1
  • https://www.googleadservices.com/pagead/conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Y2pZW5zfH8_V3g...
  • https://www.google.com/ads/conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=659071965&sscte=1&crd=CKrPGw&gsr=&cdct=2&...
  • https://www.google.de/ads/conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=659071965&sscte=1&crd=CKrPGw&gsr=&cdct=2&i...
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=659071965&sscte=1&crd=CKrPGw&gsr=&cdct=2&is_vtc=1&ocp_id=Y2pZW5zfH8_V3gPowqWgBQ&random=1386598844&ipr=y&ulfeg=n
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
SPDY
Server
2a00:1450:4001:810::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Jul 2018 06:29:55 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 26 Jul 2018 06:29:55 GMT
x-content-type-options
nosniff
server
adclick_server
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/conversion/1057254703/?label=Uq59CP-34QEQr9qR-AM&amp;guid=ON&amp;script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=659071965&sscte=1&crd=CKrPGw&gsr=&cdct=2&is_vtc=1&ocp_id=Y2pZW5zfH8_V3gPowqWgBQ&random=1386598844&ipr=y&ulfeg=n
cache-control
private, max-age=43200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
519
x-xss-protection
1; mode=block
expires
Thu, 26 Jul 2018 06:29:55 GMT
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=640&dpuuid=l4ky3ikna9mig
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=l4ky3ikna9mig
42 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=l4ky3ikna9mig
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
52.49.41.66 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-41-66.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS
irl1-prod-dcs-05cef23d1.edge-irl1.demdex.com 5.34.2.20180719143257 3ms
Pragma
no-cache
X-TID
eq+p1ckDRfM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
X-TID
vKplkjjERGY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=640&dpuuid=l4ky3ikna9mig
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ 		42 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxMTQmdGw9NDMyMDA=&piggybackCookie=l4ky3ikna9mig
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:55 GMT
X-lat
Pug22031:0:473
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42
pxj
secure.adnxs.com/ 		0
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/pxj?bidder=72&seg=1440590&action=setuid(%27l4ky3ikna9mig%27)
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
185.33.223.83 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:57 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid
36338064-af53-4898-bdc0-c7174e2c8d32
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/mapuid?member=6928&user=l4ky3ikna9mig
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Dl4ky3ikna9mig
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Dl4ky3ikna9mig
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
185.33.223.83 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:57 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid
cffad44e-c367-4594-9cea-af78b4a1f85d
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:57 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid
1f90ae1e-f684-4c2b-94f7-a3732c18151f
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fmapuid%3Fmember%3D6928%26user%3Dl4ky3ikna9mig
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=61&external_user_id=l4ky3ikna9mig&expiration=1535178595
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=61&external_user_id=l4ky3ikna9mig&expiration=1535178595&C=1
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=61&external_user_id=l4ky3ikna9mig&expiration=1535178595&C=1
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
2.18.234.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:55 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 26 Jul 2018 06:29:55 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:55 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=61&external_user_id=l4ky3ikna9mig&expiration=1535178595&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
302
Expires
Thu, 26 Jul 2018 06:29:55 GMT
match
ad.360yield.com/ul_cb/
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=35&external_user_id=l4ky3ikna9mig
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=35&external_user_id=l4ky3ikna9mig
43 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=35&external_user_id=l4ky3ikna9mig
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
34.240.96.173 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-240-96-173.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:55 GMT
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 26 Jul 2018 06:29:55 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=35&external_user_id=l4ky3ikna9mig
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
user_sync.php
delivery.swid.switchadhub.com/adserver/ 		0
0
sync
pixel.advertising.com/ups/55948/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55948/sync?uid=l4ky3ikna9mig&_origin=1
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
SPDY
Server
52.29.18.226 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-18-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Thu, 26 Jul 2018 06:29:55 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
rtb.gumgum.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=14&user_id=l4ky3ikna9mig&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=14&user_id=l4ky3ikna9mig&expires=30
  • https://rtb.gumgum.com/usersync?b=bsw&i=9e6bdc69-e4f7-4f6e-8166-a12ab68c4911
35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=9e6bdc69-e4f7-4f6e-8166-a12ab68c4911
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
SPDY
Server
52.19.172.241 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-19-172-241.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Jul 2018 06:29:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
status
200
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Thu, 26 Jul 2018 06:29:55 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//rtb.gumgum.com/usersync?b=bsw&i=9e6bdc69-e4f7-4f6e-8166-a12ab68c4911
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
m
ad.yieldlab.net/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dm_id=34952&ext_id=l4ky3ikna9mig
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
2.18.232.233 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:55 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Wed, 25 Jul 2018 06:29:55 GMT
m
ad.yieldlab.net/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=34950&ext_id=l4ky3ikna9mig
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
2.18.232.233 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Jul 2018 06:29:55 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Wed, 25 Jul 2018 06:29:55 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=537072967&val=l4ky3ikna9mig
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=l4ky3ikna9mig
43 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=l4ky3ikna9mig
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
SPDY
Server
173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.54.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Jul 2018 06:29:55 GMT
server
OXGW/16.54.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status
302
date
Thu, 26 Jul 2018 06:29:55 GMT
server
OXGW/16.54.0
content-length
0
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072967&val=l4ky3ikna9mig
p3p
CP="CUR ADM OUR NOR STA NID"
usermatch.gif
beacon.krxd.net/ 		0
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=ignitionone&partner_uid=l4ky3ikna9mig
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
54.228.181.107 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-228-181-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 26 Jul 2018 06:29:55 GMT
Cache-Control
private, no-cache, no-store
X-Request-Time
D=80 t=1532586595
Connection
keep-alive
P3P
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
X-Served-By
beacon-n017-dub.krxd.net
591873020973108
connect.facebook.net/signals/config/ 		1 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/591873020973108?v=2.8.23&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b490920c4e412d40d1c1c1242ef928ad72a8fee5346606db940e3b45ece1dc0c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
O2tP4nqe1Rv4mZm+gy3WecSdHQnSpgLp9eHXwUsNBBxAfbj+uNA/aq0k2g4d5O39YK3yiBktuJfIlzv9vgeI5w==
x-frame-options
DENY
date
Thu, 26 Jul 2018 06:29:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=591873020973108&ev=PageView&dl=https%3A%2F%2Fbuy.travelguard.com%2Ftgi2%2Fpolicytools%2Fviewpolicy.aspx%3Fpolicy%3D928128931%26ln%3DCEGLOWSKA%26br%3Dhotwire&rl=&if=false&ts=1532586595464&sw=1600&sh=1200&v=2.8.23&r=stable&ec=0&o=28&it=1532586595418
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
SPDY
Server
2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 26 Jul 2018 06:29:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 26 Jul 2018 06:29:55 GMT
ClickTracking.aspx
dms.netmng.com/si/CM/Tracking/ 		0
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dms.netmng.com/si/CM/Tracking/ClickTracking.aspx?siclientid=3489&jscript=0&timecode=1532586596071&sirefurl=&sipageurl=https%3A//buy.travelguard.com/tgi2/policytools/viewpolicy.aspx%3Fpolicy%3D928128931%26ln%3DCEGLOWSKA%26br%3Dhotwire&sichannel=Direct
Requested by
Host: buy.travelguard.com
URL: https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
Protocol
HTTP/1.1
Server
208.52.184.100 , United States, ASN13703 (VCI-13703 - Virtual Citadel Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buy.travelguard.com/tgi2/policytools/viewpolicy.aspx?policy=928128931&ln=CEGLOWSKA&br=hotwire
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

io-hbr
True
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
io-u
56de98c5-f180-4932-8892-2c4600e57001
X-Powered-By
ASP.NET
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAa PSDa OUR LEG DSP NON COR COM NAV"
io-r
c51bd74d-60e9-48b4-b063-57c634064115
Cache-Control
private
svc
A1
io-d
False
Content-Length
0
Date
Thu, 26 Jul 2018 06:29:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
delivery.swid.switchadhub.com
URL
https://delivery.swid.switchadhub.com/adserver/user_sync.php?do[single]=1&sKey=ADJG&sVal=l4ky3ikna9mig

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _dictionary number| _cnt function| Dictionary function| Lookup function| Add function| Delete function| TrackingOptionCheck object| fp boolean| jQueryScriptOutputted function| initJQuery function| $ektron object| Ektron function| $ function| jQuery undefined| popupDiv undefined| iframePopup function| ShowPane function| resizePopupDiv function| ShowDOC function| ShowAlerts function| ShowStrikes function| Close function| goImport function| openwindow function| CloseWindow function| ShowPricing function| getQueryStrings function| __utmLinker object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| EffectDate string| STORESITE string| STORECOUNTRY string| STOREARC string| STOREBRAND string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find string| __cultureInfo function| Type object| Sys object| _events function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| WebForm_OnSubmit string| hbxBrandType string| hbxStoreType string| tmpStoreBrand string| scOpts string| scStoreSite string| scStoreCountry string| scStoreArc string| scStoreBrand function| GetStoreType function| setOpts function| setDecimalPoints string| hbxWebEnvironment string| s_c_currencyCode string| s_c_cookieDomainPeriods string| s_c_charSet string| s_c_busUnit string| s_account object| s function| s_doPlugins string| s_code string| s_objectID function| s_gi string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in undefined| TGpath1 undefined| TGpath2 string| tempName function| SubCategory function| getBrandType string| setBrandType string| s_searchPage object| dc number| f number| ne object| gmar number| dsts object| gnov number| dste object| spr object| fl object| cd number| utc object| tz number| thisy number| thish number| thismin number| thisd object| s_i_cebwa object| Page_ValidationSummaries object| Page_Validators object| ctl00_ctl00_purchasePathContainer_stepContainer_transactionValidator object| ctl00_ctl00_purchasePathContainer_stepContainer_ucConfirmation_errorSummary boolean| Page_ValidationActive function| ValidatorOnSubmit function| sendMessage function| nm_createCookie function| nm_readCookie function| nm_eraseCookie function| json_encode function| json_decode function| nm_getReferer object| remarketing number| dPixelRatio string| nm_mt_rand string| nm_tag_uri string| nm_query_str string| axel number| a string| z function| fbq function| _fbq string| sirefurl object| sipageurl string| url string| proto object| now object| siimage

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4376667.fls.doubleclick.net
ad.360yield.com
ad.yieldlab.net
beacon.krxd.net
buy.travelguard.com
cebwa.d2.sc.omtrdc.net
cm.g.doubleclick.net
com-tgus.netmng.com
connect.facebook.net
delivery.swid.switchadhub.com
dms.netmng.com
dpm.demdex.net
dsum-sec.casalemedia.com
gcm.netmng.com
googleads.g.doubleclick.net
image2.pubmatic.com
nan.netmng.com
pixel.advertising.com
rtb.gumgum.com
secure.adnxs.com
secure.leadback.advertising.com
track.searchignite.com
trvlgrd.netmng.com
us-u.openx.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
x.bidswitch.net
delivery.swid.switchadhub.com
104.193.82.55
152.163.64.1
167.230.141.64
172.217.22.70
172.82.228.17
173.241.240.143
18.153.11.18
185.33.223.83
185.64.189.110
2.18.232.233
2.18.234.21
208.52.184.100
208.52.184.101
216.58.210.2
2a00:1450:4001:810::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81d::2002
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8186:face:b00c:0:50fb
31.186.247.145
34.240.96.173
52.19.172.241
52.29.18.226
52.49.41.66
54.228.181.107
0440aabe9c68e531a19d1d92dad8a26019b15e7d80f1828ee354a6fec7e918c8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba2f6756001669bdf934f9d79e8fd1ccf2028130c33a0510279581ec9dfd73a
0c795c3fff22b1f9b301d7d255314de75b9941a7ad293cabf6d33b5af67a4987
0e0323ebfa8dcfa5853cdd4d50bd4820fd0323455efb09fcd05a1196e103224d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
15492365ee521aacdd1fe4771a80080a669f3111784cdccdf88373d6f3572807
1b59ea2fe89b49ba3b0340b8a67c30de84f715888d640f108fb246017df1114d
21e3439fe5c80e2e59a56181ca3f9290c49aa93f4f3159d1126f981ed4c1c174
2aec0c6ec6d9e171c5745310cb5d7437525998abcece4474682d168f7a646ced
2ba5b01761544e351b597e8e568de9929f679675e57974301c4f74bc5060ae51
2c8d3cae3f73ae1383f92af6eaa0b5035a5ed1b852e405a339120e48b55b4b12
2db2ed2ec1b2d7bdaccf190db9cfb40096f36c349f782b3280a65c51fe8a0a49
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
349c6bf2c750e4943672ef10c5d09ffbda4b0d96e56a89b9a532fb9747849115
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3a338df5f2ec74f64add7bcb08667b62aa9de55e15bcbc4f03f9de189c8af7af
4697cc3c8f7dd5826d9239bd84e99e89bfc46ad876139c52a988fa9269c5f819
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5616a7380d74a78a42cd93efda3c9d277c3d66c189f2580b825f696af388b7f7
62c5f2313be7056576885c27b088b6e4fdf5f0e6e256145760a124a8c1b67361
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7206a8994f04d8cf4332a751f06d3ae6d780ffed9a8bd1c33eec577e14f8ec99
7ebc4d3324b37c7f06799ae232fd98a3f90b5039280323d9f08b3fd87718d368
89451cc80b6cba3abeaa5d615bd57c05468e2e80209812acb1c3ac1ec2f316e1
90fbcf6066c2ea41484dcfdaa976a23170a87dbb2ac1d29e6cc8ac4c6affbcd6
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ab534f20fc5688c37042fab8b9138e507f16464116e3356a1506ca492f1dec4c
afe64170aba0054ef6876e439eb51e68f6db3d3f266c4280a628abdf2cb0d79b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b490920c4e412d40d1c1c1242ef928ad72a8fee5346606db940e3b45ece1dc0c
b9fcfda463a2da7639d7280166427cc69bbc5c2ae612efb4282aa5a818b02a0c
bb18ece4127638abccc63fc552ee7dba7dfafb8846242006d371ba3df764e83b
bd09f4549710c6d75761191e96017adf6e3fee2a5ddf8e1f9edc91afcdc247f5
c5c6b66f1dae815e54d72fdeaa5b697be8600206c34d67aeec843e35c4ddf289
cfe039ecd8613edec658e84d49d5fd47e3de0d951b03033c7f3c67557ddde869
d1d5604f14c583faf18e064f17fef4864fe4906bfeb612aa37c777ece72b2bf9
df1bd199de87247dd238ba5360d7a4ccd5d8e0782a1e917df2b729a140beb753
e1899562d92281b00d934a653e1ebdd369bf2bd9bc23ebc699ffba414a43906b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77a821257feb2889068d6d5031905c03c12fbfe173bfbc7199208fc322343c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f264dd9de21314dd51174f7a37387faf89b635a54d2ee0d681d16bad1f98adbc
f407eaaca7adb84344e02cd92e043ef70373783fd2fb562f7acc154eb0ecee02