tours.wingontravel.com Open in urlscan Pro
14.136.236.151 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaul...
Effective URL:
https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=E...
Submission: On April 13 via manual (April 13th 2023, 7:54:35 am UTC) from US — Scanned from NL

Summary HTTP 95 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 16 domains to perform 95 HTTP transactions. The main IP is 14.136.236.151, located in Central, Hong Kong and belongs to HKBN-AS-AP Hong Kong Broadband Network Ltd., HK. The main domain is tours.wingontravel.com.
TLS certificate: Issued by Thawte RSA CA 2018 on December 7th 2022. Valid for: a year.

This is the only time tours.wingontravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	13.32.121.69 13.32.121.69	16509 (AMAZON-02) (AMAZON-02)
4	23.73.141.168 23.73.141.168	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.155.153.7 18.155.153.7	16509 (AMAZON-02) (AMAZON-02)
2	18.141.241.6 18.141.241.6	16509 (AMAZON-02) (AMAZON-02)
10	14.136.236.151 14.136.236.151	9269 (HKBN-AS-A...) (HKBN-AS-AP Hong Kong Broadband Network Ltd.)
1	35.158.198.220 35.158.198.220	16509 (AMAZON-02) (AMAZON-02)
12	115.160.189.3 115.160.189.3	9381 (HKBNES-AS...) (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited)
2	2a00:1450:400... 2a00:1450:4001:80f::200d	() ()
3	14.136.236.141 14.136.236.141	() ()
4	115.160.189.12 115.160.189.12	() ()
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	() ()
3	2a00:1450:400... 2a00:1450:4001:810::200e	() ()
5	2a00:1450:400... 2a00:1450:4001:828::200e	() ()
3	2a00:1450:400... 2a00:1450:4001:830::2008	() ()
6	2620:1ec:c11:... 2620:1ec:c11::200	() ()
1	2a00:1288:80:... 2a00:1288:80:807::2	() ()
4	2a00:1450:400... 2a00:1450:400c:c0c::9d	() ()
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	() ()
5	2a00:1450:400... 2a00:1450:4001:80e::2004	() ()
5	2a00:1450:400... 2a00:1450:4001:829::2003	() ()
1	212.82.100.181 212.82.100.181	() ()
1	2a00:1450:400... 2a00:1450:4001:812::2002	() ()
1	142.250.185.226 142.250.185.226	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::2002	() ()
1	2001:4860:480... 2001:4860:4802:32::36	() ()
95	26

2 13.32.121.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-69.fra60.r.cloudfront.net

www.trip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.73.141.168 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-141-168.deploy.static.akamaitechnologies.com

ak-s.tripcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.155.153.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-7.ham50.r.cloudfront.net

m.trip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.141.241.6 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-241-6.ap-southeast-1.compute.amazonaws.com

ubt-sin.tripcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 14.136.236.151 (Central, Hong Kong)

ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK)
PTR: 014136236151.static.ctinets.com

tours.wingontravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.198.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-198-220.eu-central-1.compute.amazonaws.com

chloro.trip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 115.160.189.3 (Sai Wan, Hong Kong)

ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK)
PTR: vsa2.hkecl.net

webresource.wingontravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200d (None, )

ASN- ()

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 14.136.236.141 (None, )

ASN- ()

members.wingontravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 115.160.189.12 (None, )

ASN- ()

m.wingontravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (None, )

ASN- ()

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (None, )

ASN- ()

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (None, )

ASN- ()

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9d (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (None, )

ASN- ()

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (None, )

ASN- ()

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (None, )

ASN- ()

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	wingontravel.com tours.wingontravel.com webresource.wingontravel.com — Cisco Umbrella Rank: 918054 members.wingontravel.com m.wingontravel.com webpush.wingontravel.com Failed cuckoo.wingontravel.com Failed	796 KB
10	google.com accounts.google.com apis.google.com www.google.com	194 KB
6	bing.com bat.bing.com	13 KB
6	google-analytics.com www.google-analytics.com region1.google-analytics.com	20 KB
6	tripcdn.com ak-s.tripcdn.com — Cisco Umbrella Rank: 64144 ubt-sin.tripcdn.com — Cisco Umbrella Rank: 42070	84 KB
5	google.nl www.google.nl	797 B
5	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
5	trip.com www.trip.com — Cisco Umbrella Rank: 42032 m.trip.com — Cisco Umbrella Rank: 61907 chloro.trip.com — Cisco Umbrella Rank: 96870	4 KB
4	facebook.net connect.facebook.net	225 KB
3	googletagmanager.com www.googletagmanager.com	250 KB
1	googlesyndication.com pagead2.googlesyndication.com	47 KB
1	googleadservices.com www.googleadservices.com	2 KB
1	yahoo.com sp.analytics.yahoo.com	635 B
1	facebook.com www.facebook.com	186 B
1	yimg.com s.yimg.com	6 KB
0	cfjump.com Failed t.cfjump.com Failed
95	16

	Domain	Requested by
12	webresource.wingontravel.com	tours.wingontravel.com webresource.wingontravel.com
10	tours.wingontravel.com	ak-s.tripcdn.com tours.wingontravel.com
6	bat.bing.com	webresource.wingontravel.com bat.bing.com tours.wingontravel.com
5	www.google.nl	tours.wingontravel.com
5	www.google.com	tours.wingontravel.com
5	www.google-analytics.com	webresource.wingontravel.com tours.wingontravel.com www.google-analytics.com
4	stats.g.doubleclick.net	www.google-analytics.com
4	connect.facebook.net	members.wingontravel.com webresource.wingontravel.com connect.facebook.net
4	m.wingontravel.com	tours.wingontravel.com webresource.wingontravel.com
4	ak-s.tripcdn.com	www.trip.com ak-s.tripcdn.com
3	www.googletagmanager.com	webresource.wingontravel.com www.googletagmanager.com
3	apis.google.com	webresource.wingontravel.com apis.google.com
3	members.wingontravel.com	tours.wingontravel.com
2	accounts.google.com	tours.wingontravel.com accounts.google.com apis.google.com
2	ubt-sin.tripcdn.com	www.trip.com
2	m.trip.com	ak-s.tripcdn.com
2	www.trip.com	ak-s.tripcdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com tours.wingontravel.com pagead2.googlesyndication.com
1	sp.analytics.yahoo.com	tours.wingontravel.com
1	www.facebook.com	tours.wingontravel.com
1	s.yimg.com	webresource.wingontravel.com
1	chloro.trip.com	ak-s.tripcdn.com
0	t.cfjump.com Failed	www.googletagmanager.com
0	cuckoo.wingontravel.com Failed	tours.wingontravel.com
0	webpush.wingontravel.com Failed	tours.wingontravel.com
95	28

This site contains no links.

Subject Issuer	Validity	Valid
*.trip.com GlobalSign RSA OV SSL CA 2018	`2022-11-24` - `2023-09-10`	10 months	crt.sh
Trip.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-20` - `2023-12-20`	a year	crt.sh
*.ctrip.com GlobalSign RSA OV SSL CA 2018	`2022-06-22` - `2023-07-24`	a year	crt.sh
*.wingontravel.com Thawte RSA CA 2018	`2022-12-07` - `2023-12-24`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Frame ID: E59DBD083EF15D8C6A25726DB742DA88
Requests: 93 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: FD3875E0F3C44C7B9B2F39EECF47B2C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20190131/zrt_lookup.html
Frame ID: B62B32C328E95188765D8B36EA9C58B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

長線旅行團,長線旅遊,長線旅行團優惠-永安旅遊

Page URL History Show full URLs

https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.c... Page URL
https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_sou... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

88 %
HTTPS

56 %
IPv6

16
Domains

28
Subdomains

26
IPs

5
Countries

1652 kB
Transfer

5212 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=eyJldmVudCI6ImNsaWNrIiwia2V5IjoiU0hBWFktMjA2MjEtMTA4ODUxOTMtMTY4MTMwODIxNzcxNy4zOTEiLCJ0aXRsZSI6Im1haWwtYnV0dG9uIiwidHlwZSI6InJlYWN0LmNvbXBvbmVudCIsIm5hbWUiOiJAY3RyaXAvY2xvdWQtY29tcG9uZW50LW1haWwtYnV0dG9uIiwibGFiZWwiOiJidXR0b24iLCJpZCI6InN0cnVfc2dOSzNSS2puT3RhZmtKIiwiZmlsZUlkIjoiZmlsZV9zcXg1OFJGbmZhdG1nMWsiLCJ0ZW1wbGF0ZUlkIjoiY29udF9BOWxVNFFlVlQ1Sm1USjYiLCJ0ZW1wbGF0ZVZlcnNpb24iOjgsImZveHBhZ2VWZXJzaW9uIjoyLCJkYXRhIjp7Im5hbWUiOiJtYWlsLWJ1dHRvbiIsImxpbmsiOiJodHRwczovL3RvdXJzLndpbmdvbnRyYXZlbC5jb20vZGVzdC9Mb25nSGF1bHRyYXZlbC01LTU%2FYWxsaWFuY2VpZD03Jm91aWQ9MWlYRWRZY0J2aHpqajZHX0lDOUkmU0lEPTEmdXRtX3NvdXJjZT1mb3hwYWdlJnV0bV9pZD1FRE0yMDIzRE0xMjMmdXRtX21lZGl1bT1FbWFpbCZ1dG1fY2FtcGFpZ249RURNMjAyM0RNMTIzLVRCUy0yM0FwcjEyIiwiYnV0dG9uVGV4dCI6Iuafpeeci%2BabtOWkmumVt%2Be3muaXheihjOWcmCJ9fQ%3D%3D Page URL
https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 edm Show response
www.trip.com/forward/middlepages/channel/ 834 B
1 KB 697ms
197ms Document
text/html 13.32.121.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=eyJldmVudCI6ImNsaWNrIiwia2V5IjoiU0hBWFktMjA2MjEtMTA4ODUxOTMtMTY4MTMwODIxNzcxNy4zOTEiLCJ0aXRsZSI6Im1haWwtYnV0dG9uIiwidHlwZSI6InJlYWN0LmNvbXBvbmVudCIsIm5hbWUiOiJAY3RyaXAvY2xvdWQtY29tcG9uZW50LW1haWwtYnV0dG9uIiwibGFiZWwiOiJidXR0b24iLCJpZCI6InN0cnVfc2dOSzNSS2puT3RhZmtKIiwiZmlsZUlkIjoiZmlsZV9zcXg1OFJGbmZhdG1nMWsiLCJ0ZW1wbGF0ZUlkIjoiY29udF9BOWxVNFFlVlQ1Sm1USjYiLCJ0ZW1wbGF0ZVZlcnNpb24iOjgsImZveHBhZ2VWZXJzaW9uIjoyLCJkYXRhIjp7Im5hbWUiOiJtYWlsLWJ1dHRvbiIsImxpbmsiOiJodHRwczovL3RvdXJzLndpbmdvbnRyYXZlbC5jb20vZGVzdC9Mb25nSGF1bHRyYXZlbC01LTU%2FYWxsaWFuY2VpZD03Jm91aWQ9MWlYRWRZY0J2aHpqajZHX0lDOUkmU0lEPTEmdXRtX3NvdXJjZT1mb3hwYWdlJnV0bV9pZD1FRE0yMDIzRE0xMjMmdXRtX21lZGl1bT1FbWFpbCZ1dG1fY2FtcGFpZ249RURNMjAyM0RNMTIzLVRCUy0yM0FwcjEyIiwiYnV0dG9uVGV4dCI6Iuafpeeci%2BabtOWkmumVt%2Be3muaXheihjOWcmCJ9fQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-69.fra60.r.cloudfront.net

Software

nginx/1.20.1 /

Resource Hash

6a9da8d5c71a1c35feafd659dbb449c3b01a2876a9bd72a5e11b32c866e6ed81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 834
content-type: text/html; charset=utf-8
date: Thu, 13 Apr 2023 07:54:29 GMT
server: nginx/1.20.1
timing-allow-origin: *
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
x-amz-cf-id: xIAToFWF8xdnso8RU2ilPYoaJ1drKdyYvoxf6tx1ZQeSBsURjcRzJQ==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 9
x-frame-options: SAMEORIGIN
x-ibu-trip-region: SIN-AWS-IBU
x-readtime: 7
x-trip-region: sg de
x-xss-protection: 1; mode=block

GET
H2 200 _mubt.min.cd6d4a59457fc26d96bbc7c951e835ef.macro.js Show response
ak-s.tripcdn.com/modules/ubt/trip/ 67 KB
27 KB 192ms
119ms Script
application/javascript 23.73.141.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ak-s.tripcdn.com/modules/ubt/trip/_mubt.min.cd6d4a59457fc26d96bbc7c951e835ef.macro.js
Requested by: Host: www.trip.com
URL: https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=eyJldmVudCI6ImNsaWNrIiwia2V5IjoiU0hBWFktMjA2MjEtMTA4ODUxOTMtMTY4MTMwODIxNzcxNy4zOTEiLCJ0aXRsZSI6Im1haWwtYnV0dG9uIiwidHlwZSI6InJlYWN0LmNvbXBvbmVudCIsIm5hbWUiOiJAY3RyaXAvY2xvdWQtY29tcG9uZW50LW1haWwtYnV0dG9uIiwibGFiZWwiOiJidXR0b24iLCJpZCI6InN0cnVfc2dOSzNSS2puT3RhZmtKIiwiZmlsZUlkIjoiZmlsZV9zcXg1OFJGbmZhdG1nMWsiLCJ0ZW1wbGF0ZUlkIjoiY29udF9BOWxVNFFlVlQ1Sm1USjYiLCJ0ZW1wbGF0ZVZlcnNpb24iOjgsImZveHBhZ2VWZXJzaW9uIjoyLCJkYXRhIjp7Im5hbWUiOiJtYWlsLWJ1dHRvbiIsImxpbmsiOiJodHRwczovL3RvdXJzLndpbmdvbnRyYXZlbC5jb20vZGVzdC9Mb25nSGF1bHRyYXZlbC01LTU%2FYWxsaWFuY2VpZD03Jm91aWQ9MWlYRWRZY0J2aHpqajZHX0lDOUkmU0lEPTEmdXRtX3NvdXJjZT1mb3hwYWdlJnV0bV9pZD1FRE0yMDIzRE0xMjMmdXRtX21lZGl1bT1FbWFpbCZ1dG1fY2FtcGFpZ249RURNMjAyM0RNMTIzLVRCUy0yM0FwcjEyIiwiYnV0dG9uVGV4dCI6Iuafpeeci%2BabtOWkmumVt%2Be3muaXheihjOWcmCJ9fQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.141.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-141-168.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 3e01f09dab8a39687e91ef880e41ab9e02b6b82a58acedcc4712531154608745

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.trip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:29 GMT
content-encoding: gzip
x-ares-server: r100013666-21038164-54xkg@FRA-AWS
content-length: 27406
x-ares-source: aws
last-modified: Thu, 13 Apr 2023 07:09:58 GMT
server: nginx/1.20.1
x-ares-extended-request-id: QvzW+rcdSdsOUTZosIUuKmlRR3bXstNFZvKNsROvG7wfC8QZokFD8Lh1tr9HtzXFZEJSQIBNLDg=
etag: W/"cd6d4a59457fc26d96bbc7c951e835ef"
vary: Origin,Accept-Encoding
content-type: application/javascript
access-control-expose-headers: cache-control
x-ares-request-id: TR5XESNPQVPNTXZ6
access-control-allow-credentials: true
cache-control: max-age=5181433
timing-allow-origin: *
expires: Mon, 12 Jun 2023 07:11:42 GMT

GET
H2 200 wakeup.639c56eb131566dc66672235c7175b8a.js Show response
ak-s.tripcdn.com/modules/ibu/node-microservice/ 125 KB
37 KB 165ms
93ms Script
application/javascript 23.73.141.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ak-s.tripcdn.com/modules/ibu/node-microservice/wakeup.639c56eb131566dc66672235c7175b8a.js
Requested by: Host: www.trip.com
URL: https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=eyJldmVudCI6ImNsaWNrIiwia2V5IjoiU0hBWFktMjA2MjEtMTA4ODUxOTMtMTY4MTMwODIxNzcxNy4zOTEiLCJ0aXRsZSI6Im1haWwtYnV0dG9uIiwidHlwZSI6InJlYWN0LmNvbXBvbmVudCIsIm5hbWUiOiJAY3RyaXAvY2xvdWQtY29tcG9uZW50LW1haWwtYnV0dG9uIiwibGFiZWwiOiJidXR0b24iLCJpZCI6InN0cnVfc2dOSzNSS2puT3RhZmtKIiwiZmlsZUlkIjoiZmlsZV9zcXg1OFJGbmZhdG1nMWsiLCJ0ZW1wbGF0ZUlkIjoiY29udF9BOWxVNFFlVlQ1Sm1USjYiLCJ0ZW1wbGF0ZVZlcnNpb24iOjgsImZveHBhZ2VWZXJzaW9uIjoyLCJkYXRhIjp7Im5hbWUiOiJtYWlsLWJ1dHRvbiIsImxpbmsiOiJodHRwczovL3RvdXJzLndpbmdvbnRyYXZlbC5jb20vZGVzdC9Mb25nSGF1bHRyYXZlbC01LTU%2FYWxsaWFuY2VpZD03Jm91aWQ9MWlYRWRZY0J2aHpqajZHX0lDOUkmU0lEPTEmdXRtX3NvdXJjZT1mb3hwYWdlJnV0bV9pZD1FRE0yMDIzRE0xMjMmdXRtX21lZGl1bT1FbWFpbCZ1dG1fY2FtcGFpZ249RURNMjAyM0RNMTIzLVRCUy0yM0FwcjEyIiwiYnV0dG9uVGV4dCI6Iuafpeeci%2BabtOWkmumVt%2Be3muaXheihjOWcmCJ9fQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.141.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-141-168.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 23528c848f2b4a70e0ffddcf5590c9fc4b0b66f0d0ccba6472c3e91dc84110ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.trip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:29 GMT
content-encoding: gzip
x-ares-server: r100013666-21038164-zs7fs@FRA-AWS
content-length: 37198
x-ares-source: aws
last-modified: Tue, 04 Apr 2023 02:40:48 GMT
server: nginx/1.20.1
x-ares-extended-request-id: wPTdwNkNts0CtEh7xLa8i+Dm5qUZrA+utEh+MCxJLus3Zh1854MmxzoMKw1ygBCjFc+qEAHL9eE=
etag: W/"639c56eb131566dc66672235c7175b8a"
vary: Origin,Accept-Encoding
content-type: application/javascript
access-control-expose-headers: cache-control
x-ares-request-id: WW05AW5BEMYJNKDD
access-control-allow-credentials: true
cache-control: max-age=4391222
timing-allow-origin: *
expires: Sat, 03 Jun 2023 03:41:31 GMT

OPTIONS
H2 200 getAppConfig.json
m.trip.com/restapi/soa2/18088/ Frame 0
0 530ms
242ms Preflight
text/html 18.155.153.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m.trip.com/restapi/soa2/18088/getAppConfig.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.153.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-153-7.ham50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.trip.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.trip.com
access-control-expose-headers: x-service-call x-gate-region
content-length: 0
content-type: text/html
date: Thu, 13 Apr 2023 07:54:29 GMT
timing-allow-origin: *
via: 1.1 c08e2480b7edc38ca37e62153bcb77fe.cloudfront.net (CloudFront)
x-amz-cf-id: DBIIdMlMxRWW-gAaICssklj8o7Z69jyo0j1k6YWiLm5iWyVEuDYkNA==
x-amz-cf-pop: HAM50-P2
x-cache: Miss from cloudfront
x-gate: ctrip-gate
x-gate-region: SHARB
x-gate-root-id: 100025527-0a3d50a1-467047-4879734
x-originating-url: https://m.trip.com/restapi/soa2/18088/getAppConfig.json

POST
H2 200 getAppConfig.json
m.trip.com/restapi/soa2/18088/ 667 B
1 KB 260ms
258ms XHR
application/json 18.155.153.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m.trip.com/restapi/soa2/18088/getAppConfig.json
Requested by: Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/ubt/trip/_mubt.min.cd6d4a59457fc26d96bbc7c951e835ef.macro.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.153.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-153-7.ham50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.trip.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Thu, 13 Apr 2023 07:54:30 GMT
content-encoding: gzip
via: 1.1 c08e2480b7edc38ca37e62153bcb77fe.cloudfront.net (CloudFront)
x-service-appid: 100033051
x-amz-cf-pop: HAM50-P2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 2
x-service-call: 0.007
clogging_trace_id: 7427191620916161414
x-service-hostip: 10.43.48.113
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.trip.com
x-gate-root-id: 100025527-0a3d50a9-467047-4885376
access-control-expose-headers: RootMessageId, x-service-call, x-gate-region
access-control-allow-credentials: true
x-gate-region: SHARB
x-originating-url: https://m.trip.com/restapi/soa2/18088/getAppConfig.json
servermessageid: 100025527-0a3d50a9-467047-4885377
timing-allow-origin: *
x-amz-cf-id: Lj9kwxwutuwoQnl-WtAMg-FhEjniRflGGCSsfgC3pq8w5zf3X1SxdQ==
rootmessageid: 100025527-0a3d50a9-467047-4885376
x-gate: ctrip-gate

GET
H2 200 bf.gif
ubt-sin.tripcdn.com/ 43 B
498 B 700ms
215ms Image
image/gif 18.141.241.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ubt-sin.tripcdn.com/bf.gif?ac=g&d=%7B%22c%22%3A%5B%2210650038432%22%2C%221681372469338.gx93wt%22%2C1%2C1%2C%22%22%2C%22%22%2C%22%22%2C%224.1.34%2Ftrip%22%2C%22vlc3zj-153xat0-1k1mivz%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22h5%22%2C%22SIN-AWS-IBU%22%2C1%2C%22%22%2C%22https%3A%2F%2Fwww.trip.com%2Fforward%2Fmiddlepages%2Fchannel%2Fedm%3FtargetUrl%3Dhttps%253A%252F%252Ftours.wingontravel.com%252Fdest%252FLongHaultravel-5-5%253Fallianceid%253D7%2526ouid%253D1iXEdYcBvhzjj6G_IC9I%2526SID%253D1%2526utm_source%253Dfoxpage%2526utm_id%253DEDM2023DM123%2526utm_medium%253DEmail%2526utm_campaign%253DEDM2023DM123-TBS-23Apr12%2526%26bizData%3DeyJldmVudCI6ImNsaWNrIiwia2V5IjoiU0hBWFktMjA2MjEtMTA4ODUxOTMtMTY4MTMwODIxNzcxNy4zOTEiLCJ0aXRsZSI6Im1haWwtYnV0dG9uIiwidHlwZSI6InJlYWN0LmNvbXBvbmVudCIsIm5hbWUiOiJAY3RyaXAvY2xvdWQtY29tcG9uZW50LW1haWwtYnV0dG9uIiwibGFiZWwiOiJidXR0b24iLCJpZCI6InN0cnVfc2dOSzNSS2puT3RhZmtKIiwiZmlsZUlkIjoiZmlsZV9zcXg1OFJGbmZhdG1nMWsiLCJ0ZW1wbGF0ZUlkIjoiY29udF9BOWxVNFFlVlQ1Sm1USjYiLCJ0ZW1wbGF0ZVZlcnNpb24iOjgsImZveHBhZ2VWZXJzaW9uIjoyLCJkYXRhIjp7Im5hbWUiOiJtYWlsLWJ1dHRvbiIsImxpbmsiOiJodHRwczovL3RvdXJzLndpbmdvbnRyYXZlbC5jb20vZGVzdC9Mb25nSGF1bHRyYXZlbC01LTU%252FYWxsaWFuY2VpZD03Jm91aWQ9MWlYRWRZY0J2aHpqajZHX0lDOUkmU0lEPTEmdXRtX3NvdXJjZT1mb3hwYWdlJnV0bV9pZD1FRE0yMDIzRE0xMjMmdXRtX21lZGl1bT1FbWFpbCZ1dG1fY2FtcGFpZ249RURNMjAyM0RNMTIzLVRCUy0yM0FwcjEyIiwiYnV0dG9uVGV4dCI6Iuafpeeci%252BabtOWkmumVt%252Be3muaXheihjOWcmCJ9fQ%253D%253D%22%5D%2C%22d%22%3A%7B%22uinfo%22%3A%5B17%2C0%2C0%2C%22https%3A%2F%2Fwww.trip.com%2Fforward%2Fmiddlepages%2Fchannel%2Fedm%3FtargetUrl%3Dhttps%253A%252F%252Ftours.wingontravel.com%252Fdest%252FLongHaultravel-5-5%253Fallianceid%253D7%2526ouid%253D1iXEdYcBvhzjj6G_IC9I%2526SID%253D1%2526utm_source%253Dfoxpage%2526utm_id%253DEDM2023DM123%2526utm_medium%253DEmail%2526utm_campaign%253DEDM2023DM123-TBS-23Apr12%2526%26bizData%3DeyJldmVudCI6ImNsaWNrIiwia2V5IjoiU0hBWFktMjA2MjEtMTA4ODUxOTMtMTY4MTMwODIxNzcxNy4zOTEiLCJ0aXRsZSI6Im1haWwtYnV0dG9uIiwidHlwZSI6InJlYWN0LmNvbXBvbmVudCIsIm5hbWUiOiJAY3RyaXAvY2xvdWQtY29tcG9uZW50LW1haWwtYnV0dG9uIiwibGFiZWwiOiJidXR0b24iLCJpZCI6InN0cnVfc2dOSzNSS2puT3RhZmtKIiwiZmlsZUlkIjoiZmlsZV9zcXg1OFJGbmZhdG1nMWsiLCJ0ZW1wbGF0ZUlkIjoiY29udF9BOWxVNFFlVlQ1Sm1USjYiLCJ0ZW1wbGF0ZVZlcnNpb24iOjgsImZveHBhZ2VWZXJzaW9uIjoyLCJkYXRhIjp7Im5hbWUiOiJtYWlsLWJ1dHRvbiIsImxpbmsiOiJodHRwczovL3RvdXJzLndpbmdvbnRyYXZlbC5jb20vZGVzdC9Mb25nSGF1bHRyYXZlbC01LTU%252FYWxsaWFuY2VpZD03Jm91aWQ9MWlYRWRZY0J2aHpqajZHX0lDOUkmU0lEPTEmdXRtX3NvdXJjZT1mb3hwYWdlJnV0bV9pZD1FRE0yMDIzRE0xMjMmdXRtX21lZGl1bT1FbWFpbCZ1dG1fY2FtcGFpZ249RURNMjAyM0RNMTIzLVRCUy0yM0FwcjEyIiwiYnV0dG9uVGV4dCI6Iuafpeeci%252BabtOWkmumVt%252Be3muaXheihjOWcmCJ9fQ%253D%253D%22%2C1600%2C1200%2C%22cl%3D169%2Cckl%3D2%2Clk%3D1%2Clog%3DEAh~%22%2C%22en-US%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C1%2C0%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22h5%22%2C1%2C1%2C%22%7B%5C%22fef_name%5C%22%3A%5C%22%5C%22%2C%5C%22fef_ver%5C%22%3A%5C%22%5C%22%2C%5C%22lizard%5C%22%3A%5C%22%5C%22%2C%5C%22rg%5C%22%3A%5C%22%5C%22%2C%5C%22lang%5C%22%3A%5C%22en%5C%22%7D%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2Cnull%2C%7B%22eid%22%3A%22%22%7D%2Cnull%2Cnull%2Cnull%5D%7D%7D&v=4.1.34/trip&t=1681372469353&_mt=lgetr8fd2gn80a

Requested by

Host: www.trip.com
URL: https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=eyJldmVudCI6ImNsaWNrIiwia2V5IjoiU0hBWFktMjA2MjEtMTA4ODUxOTMtMTY4MTMwODIxNzcxNy4zOTEiLCJ0aXRsZSI6Im1haWwtYnV0dG9uIiwidHlwZSI6InJlYWN0LmNvbXBvbmVudCIsIm5hbWUiOiJAY3RyaXAvY2xvdWQtY29tcG9uZW50LW1haWwtYnV0dG9uIiwibGFiZWwiOiJidXR0b24iLCJpZCI6InN0cnVfc2dOSzNSS2puT3RhZmtKIiwiZmlsZUlkIjoiZmlsZV9zcXg1OFJGbmZhdG1nMWsiLCJ0ZW1wbGF0ZUlkIjoiY29udF9BOWxVNFFlVlQ1Sm1USjYiLCJ0ZW1wbGF0ZVZlcnNpb24iOjgsImZveHBhZ2VWZXJzaW9uIjoyLCJkYXRhIjp7Im5hbWUiOiJtYWlsLWJ1dHRvbiIsImxpbmsiOiJodHRwczovL3RvdXJzLndpbmdvbnRyYXZlbC5jb20vZGVzdC9Mb25nSGF1bHRyYXZlbC01LTU%2FYWxsaWFuY2VpZD03Jm91aWQ9MWlYRWRZY0J2aHpqajZHX0lDOUkmU0lEPTEmdXRtX3NvdXJjZT1mb3hwYWdlJnV0bV9pZD1FRE0yMDIzRE0xMjMmdXRtX21lZGl1bT1FbWFpbCZ1dG1fY2FtcGFpZ249RURNMjAyM0RNMTIzLVRCUy0yM0FwcjEyIiwiYnV0dG9uVGV4dCI6Iuafpeeci%2BabtOWkmumVt%2Be3muaXheihjOWcmCJ9fQ%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.141.241.6 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-141-241-6.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.20.1 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:29 GMT
x-content-type-options: nosniff
server: nginx/1.20.1
content-type: image/gif
p3p: CP=CUR ADM OUR NOR STA NID
access-control-allow-origin: *
cache-control: private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 getUniversalLinkH5
www.trip.com/restapi/soa2/13618/json/ 313 B
967 B 216ms
216ms XHR
application/json 13.32.121.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trip.com/restapi/soa2/13618/json/getUniversalLinkH5
Requested by: Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/ibu/node-microservice/wakeup.639c56eb131566dc66672235c7175b8a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-69.fra60.r.cloudfront.net
Software: nginx/1.20.1 /
Resource Hash

Request headers

Referer: https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=eyJldmVudCI6ImNsaWNrIiwia2V5IjoiU0hBWFktMjA2MjEtMTA4ODUxOTMtMTY4MTMwODIxNzcxNy4zOTEiLCJ0aXRsZSI6Im1haWwtYnV0dG9uIiwidHlwZSI6InJlYWN0LmNvbXBvbmVudCIsIm5hbWUiOiJAY3RyaXAvY2xvdWQtY29tcG9uZW50LW1haWwtYnV0dG9uIiwibGFiZWwiOiJidXR0b24iLCJpZCI6InN0cnVfc2dOSzNSS2puT3RhZmtKIiwiZmlsZUlkIjoiZmlsZV9zcXg1OFJGbmZhdG1nMWsiLCJ0ZW1wbGF0ZUlkIjoiY29udF9BOWxVNFFlVlQ1Sm1USjYiLCJ0ZW1wbGF0ZVZlcnNpb24iOjgsImZveHBhZ2VWZXJzaW9uIjoyLCJkYXRhIjp7Im5hbWUiOiJtYWlsLWJ1dHRvbiIsImxpbmsiOiJodHRwczovL3RvdXJzLndpbmdvbnRyYXZlbC5jb20vZGVzdC9Mb25nSGF1bHRyYXZlbC01LTU%2FYWxsaWFuY2VpZD03Jm91aWQ9MWlYRWRZY0J2aHpqajZHX0lDOUkmU0lEPTEmdXRtX3NvdXJjZT1mb3hwYWdlJnV0bV9pZD1FRE0yMDIzRE0xMjMmdXRtX21lZGl1bT1FbWFpbCZ1dG1fY2FtcGFpZ249RURNMjAyM0RNMTIzLVRCUy0yM0FwcjEyIiwiYnV0dG9uVGV4dCI6Iuafpeeci%2BabtOWkmumVt%2Be3muaXheihjOWcmCJ9fQ%3D%3D
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 13 Apr 2023 07:54:29 GMT
content-encoding: gzip
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-capa-server: capa-service
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 6
x-service-call: 0.028
x-ibu-trip-region: SIN-AWS-IBU
x-trip-region: sg, de
server: nginx/1.20.1
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.trip.com
x-gate-root-id: 100025527-0a8163f8-467047-7087064
access-control-expose-headers: RootMessageId, x-service-call, x-gate-region
access-control-allow-credentials: true
x-gate-region: SIN-AWS
x-originating-url: https://www.trip.com/restapi/soa2/13618/json/getUniversalLinkH5
timing-allow-origin: *
x-amz-cf-id: JXka7cCIDAuD2YG5LU0RYWtmSxGeYV6Iw4jxpW1omKVNSGSMqZva_A==
x-gate: ctrip-gate

GET
H2 200 mrms.b3e2fe310462520e86c081d1da12862c.macro.js Show response
ak-s.tripcdn.com/modules/sysdev/rms.ubt/ 6 KB
3 KB 80ms
28ms Script
application/javascript 23.73.141.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ak-s.tripcdn.com/modules/sysdev/rms.ubt/mrms.b3e2fe310462520e86c081d1da12862c.macro.js?v=20230413
Requested by: Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/ubt/trip/_mubt.min.cd6d4a59457fc26d96bbc7c951e835ef.macro.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.141.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-141-168.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: 8e889a40128050733d2b40336871caf5e79e3c90522670cae3447ec0d2f26898

Request headers

Referer: https://www.trip.com/
Origin: https://www.trip.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 34
date: Thu, 13 Apr 2023 07:54:29 GMT
content-encoding: gzip
x-ares-server: r100013666-21038164-jzrvm@FRA-AWS
x-edgeconnect-midmile-rtt: 7
content-length: 2589
x-ares-source: aws
last-modified: Wed, 02 Nov 2022 02:18:54 GMT
server: nginx/1.20.1
x-ares-extended-request-id: LIkxbrMVyEqDm36uVYiyENIbM5rqeAOThk/TDTSXyLQ6FCNfqO/9J6g5pzKs4sxcwAHYzXR4ync=
etag: W/"b3e2fe310462520e86c081d1da12862c"
vary: Origin,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.trip.com
access-control-expose-headers: cache-control
x-ares-request-id: 4BXRE4G8NTATFP54
access-control-allow-credentials: true
cache-control: max-age=5127200
timing-allow-origin: *
expires: Sun, 11 Jun 2023 16:07:49 GMT

GET
H2 200 md.min.43e82c9d4777c65439c87b6385903e26.js Show response
ak-s.tripcdn.com/modules/sysdev/rms.ubt/ 49 KB
15 KB 40ms
39ms Script
application/javascript 23.73.141.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ak-s.tripcdn.com/modules/sysdev/rms.ubt/md.min.43e82c9d4777c65439c87b6385903e26.js
Requested by: Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/sysdev/rms.ubt/mrms.b3e2fe310462520e86c081d1da12862c.macro.js?v=20230413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.141.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-141-168.deploy.static.akamaitechnologies.com
Software: nginx/1.20.1 /
Resource Hash: af93fca4f5243ec0a7f7fbd6ed4fd230cc04b9865d4b50ed60864bca471aa6e5

Request headers

Referer: https://www.trip.com/
Origin: https://www.trip.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:29 GMT
content-encoding: gzip
x-ares-server: r100013666-21038164-nwkpt@FRA-AWS
content-length: 15356
x-ares-source: aws
last-modified: Thu, 10 Dec 2020 01:29:07 GMT
server: nginx/1.20.1
x-ares-extended-request-id: FRsVkHVvzHY17/R9VO55hqmkH3vu/NnGjNMWksyERBqU2TZEUT2PptkUNWarfQMXJXcYl7ACsAw=
etag: W/"43e82c9d4777c65439c87b6385903e26"
vary: Origin,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.trip.com
access-control-expose-headers: cache-control
x-ares-request-id: 1W0YBZTKMVTHRS09
access-control-allow-credentials: true
cache-control: max-age=5180594
timing-allow-origin: *
expires: Mon, 12 Jun 2023 06:57:43 GMT

GET
H2 200 Primary Request LongHaultravel-5-5 Show response
tours.wingontravel.com/dest/ 56 KB
11 KB 1631ms
516ms Document
text/html 14.136.236.151
HKBN-AS-AP Hong K...

General

Check archive.org

Show headers Download Go to

Full URL

https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&

Requested by

Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/ibu/node-microservice/wakeup.639c56eb131566dc66672235c7175b8a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),

Reverse DNS

014136236151.static.ctinets.com

Software

tengine / wingonServer

Resource Hash

4357f68b231e13ad1624a5cfab208b3d6907cce689f65e86f05191ec049e5964

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.trip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Thu, 13 Apr 2023 07:54:31 GMT
server: tengine
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-envoy-upstream-service-time: 288
x-frame-options: SAMEORIGIN
x-powered-by: wingonServer
x-xss-protection: 1; mode=block

GET
H2 200 bf.gif
ubt-sin.tripcdn.com/ 43 B
496 B 466ms
216ms Image
image/gif 18.141.241.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ubt-sin.tripcdn.com/bf.gif?ac=a&d=E8dbWzQsIm1hdHJpeCJdLFsiMTA2NTAwMzg0MzIiLCIxNjgxMzcyNDY5MzM4Lmd4OTN3dCIsMSwxLCIAGwAAAAD5NC4xLjM0LwA__3AAC-p2bGMzemotMTUzeGF0MC0xazFtaXZ6BiQGAP5oNQAC8lNJTi1BV1MtSUJVIiwyAxL1dHRwczovL3d3dy4BT9EuY29tL2ZvcndhcmQvbWlkZGxlcGFnZXMvY2hhbm5lbC9lZG0_dGFyZ2V0VXJsPQI6-iUzQSUyRgAA7nRvdXJzLndpbmdvbnRyYXZlbAFLABb8ZGVzdAAE-ExvbmdIYXVsAxbmLTUtNSUzRmFsbGlhbmNlaWQlM0Q3JTI2b3UCBuwxaVhFZFljQnZoempqNkdfSUM5SQAb_VNJRAEZAAf7dXRtX3MAb_5jZQAO_WZveAGkAQQQAjz0RURNMjAyM0RNMTIzBBH6bWVkaXVtARj8bWFpbAQO-GNhbXBhaWduDCT0LVRCUy0yM0FwcjEyACe8JmJpekRhdGE9ZXlKbGRtVnVkQ0k2SW1Oc2FXTnJJaXdpYTJWNUlqb2lVMGhCV0ZrdE1qQTJNakV0TVRBNE9EVXhPVE0ACeBZNE1UTXdPREl4TnpjeE55NHpPVEVpTENKMGFYUnNaUwFQ8jFoYVd3dFluVjBkRzl1AVj8ZEhsdwIX8G5KbFlXTjBMbU52YlhCdmIDggHec0ltNWhiV1VpT2lKQVkzUnlhWEF2WTJ4dmRXUXRZMjl0YwBF-lpXNTBMVw9K-WJHRmlaV3cBOPhpZFhSMGIyNAGMAf5wWgHcAeVuTjBjblZmYzJkT1N6TlNTMnB1VDNSaFptdEsBOPhabWxzWlVsawH0AQIH6lY5emNYZzFPRkpHYm1aaGRHMW5NV3MC2wH8WlcxdwBp_zAFKACVAeh1ZEY5Qk9XeFZORkZsVmxRMVNtMVVTalkLIvlWWmxjbk5wAZQB_U9qZwDpAfBadmVIQmhaMlZXWlhKemFXAMUB_WpveQAx92tZWFJoSWpwNwiFAvF0WVdsc0xXSjFkSFJ2YmkBqAL7eHBibXMBGP9vABH2d2N6b3ZMM1J2ZABJ_UxuZAAZ3GR2Ym5SeVlYWmxiQzVqYjIwdlpHVnpkQzlNYjI1blNHRjFiSAUY-zAxTFRVANgF_VlXeACHBMpGdVkyVnBaRDAzSm05MWFXUTlNV2xZUldSWlkwSjJhSHBxYWpaSFgwbERPVWttVTBsRVBURW0A8wL8dFgzTgF-8mpaVDFtYjNod1lXZGxKAKMD_WJWOQBN9jFGUkUweU1ESXoABfx4TWpNAy7tMjFsWkdsMWJUMUZiV0ZwYkNaMQDvAv5mWQCHB_RjR0ZwWjI0OVJVUk4AhwX9eU0wAAX3VEl6TFZSQ1V5AEn5MEZ3Y2pFeQHCAwWGBPxWR1Y0AtEF63VhZnBlZWNpJTJCYWJ0T1drbXVtVgC-B-tCZTNtdWFYaGVpaGpPV2NtQ0o5ZlEAtAYAAAHJCep7Im5hbWUiOiJpYnVfYWpheF9wZXJmAOII9XRhZ3MiOnsidXJsABsS3gj_cgCfCOxhcGkvc29hMi8xMzYxOC9qc29uLwHkCPNuaXZlcnNhbExpbmtIAcQJ-0ROU1RpAWb6MCwiVENQBgP9U1NMBgP8cmVxdQBRAwr2MjE1Ljg5OTk5OQBW-zUzMDI3AR36c3BvbnNlBCvlLjkwMDAwMDU3MjIwNDU4OTgsImR1cmF0aW9uATz9Ny4zAhv4MTkwNzM0ODYBPP9nAhcFzgr-In0Aiwv9YWx1AmoPHf90AP8BB9UL_jU4AIQM92NsaWVudENvZAGwAvwifV1d&c=1&v=4.1.34/trip&t=1681372469587&_mt=lgetr8lv1dkk8b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.141.241.6 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-141-241-6.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.20.1 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:29 GMT
x-content-type-options: nosniff
server: nginx/1.20.1
content-type: image/gif
p3p: CP=CUR ADM OUR NOR STA NID
access-control-allow-origin: *
cache-control: private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 d
chloro.trip.com/v2/ 108 B
395 B 398ms
305ms XHR
text/plain 35.158.198.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chloro.trip.com/v2/d
Requested by: Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/sysdev/rms.ubt/md.min.43e82c9d4777c65439c87b6385903e26.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.158.198.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-198-220.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash

Request headers

Referer: https://www.trip.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.trip.com
date: Thu, 13 Apr 2023 07:54:30 GMT
access-control-allow-credentials: true
server: nginx/1.20.1
access-control-allow-headers: x-ctrip-canary-req,x-ctx-CanaryReq,x-ctx-CanarySrc,x-ctx-CanaryIdc,x-cat-trace-mode
content-length: 108

GET
H2 200 web_chat_entry.css
webresource.wingontravel.com/cui/css/ 984 B
782 B 1148ms
216ms Stylesheet
text/css 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to

Full URL

https://webresource.wingontravel.com/cui/css/web_chat_entry.css

Requested by

Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

eb01b6ff65c49df827739b4ccc46e4f02f85a51ff54b51b3b4673a9802c61af7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Aug 2019 02:55:31 GMT
server: nginx
content-security-policy: frame-ancestors 'self'
etag: "3d8-590abd2a412f7-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 353
x-xss-protection: 1; mode=block

GET
H2 200 header_footer.min.css
webresource.wingontravel.com/headerfooter/Content/css/ 25 KB
6 KB 1149ms
217ms Stylesheet
text/css 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to

Full URL

https://webresource.wingontravel.com/headerfooter/Content/css/header_footer.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

e35d2aaac97c14c8d193d4453092d80a569dc6b35eb734134e76446ad1297548

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Mar 2023 01:00:09 GMT
server: nginx
content-security-policy: frame-ancestors 'self'
etag: "65f5-5f75e90adabca-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5493
x-xss-protection: 1; mode=block

GET
H2 200 iconfont.min.css
webresource.wingontravel.com/headerfooter/Content/icon/ 13 KB
9 KB 1358ms
426ms Stylesheet
text/css 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to

Full URL

https://webresource.wingontravel.com/headerfooter/Content/icon/iconfont.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

d248bdda7062529418aabb155224862066083eeb03cc9fe6f7d00e54ecc5357c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Mar 2023 01:00:10 GMT
server: nginx
content-security-policy: frame-ancestors 'self'
etag: "322d-5f75e90b485b2-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8603
x-xss-protection: 1; mode=block

GET
H2 200 masterpage.min.js Show response
webresource.wingontravel.com/headerfooter/Content/js/ 7 KB
3 KB 1360ms
428ms Script
application/x-javascript 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to

Full URL

https://webresource.wingontravel.com/headerfooter/Content/js/masterpage.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

330908701ec91e9121a64524e12fcd1af08bfa68565f597324838f9d61fcb787

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Mar 2023 01:00:13 GMT
server: nginx
content-security-policy: frame-ancestors 'self'
etag: "1a46-5f75e90eb58da-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2606
x-xss-protection: 1; mode=block

GET
H2 200 chunks.common.css
tours.wingontravel.com/Content/WebJS/css/ 247 KB
38 KB 463ms
460ms Stylesheet
text/css 14.136.236.151
HKBN-AS-AP Hong K...

General

Check archive.org

Show headers Download Go to

Full URL

https://tours.wingontravel.com/Content/WebJS/css/chunks.common.css?_=tbs_online_8_25_20

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),

Reverse DNS

014136236151.static.ctinets.com

Software

tengine / wingonServer

Resource Hash

bf498c3a44e99172073df70525d863cb4e99130a5e6c7ffd34ce93e8b47e7d0e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
last-modified: Mon, 03 Apr 2023 09:39:10 GMT
server: tengine
etag: W/"1d966102462e9b6"
x-powered-by: wingonServer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-envoy-upstream-service-time: 3
x-xss-protection: 1; mode=block

GET
H2 200 product.search.css
tours.wingontravel.com/Content/WebJS/css/ 293 KB
58 KB 464ms
461ms Stylesheet
text/css 14.136.236.151
HKBN-AS-AP Hong K...

General

Check archive.org

Show headers Download Go to

Full URL

https://tours.wingontravel.com/Content/WebJS/css/product.search.css?_=tbs_online_8_25_20

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),

Reverse DNS

014136236151.static.ctinets.com

Software

tengine / wingonServer

Resource Hash

6651bd66f89751ff3b1c15f7295a0250d70b605488a17862a0d5f47fcdcdd5f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
last-modified: Mon, 03 Apr 2023 09:39:10 GMT
server: tengine
etag: W/"1d966102465a6ae"
x-powered-by: wingonServer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-envoy-upstream-service-time: 4
x-xss-protection: 1; mode=block

GET
H2 200 header.query.min.js Show response
webresource.wingontravel.com/headerfooter/Content/js/ 88 KB
31 KB 1361ms
429ms Script
application/x-javascript 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to

Full URL

https://webresource.wingontravel.com/headerfooter/Content/js/header.query.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

280a2efc19b95696ae52b137e0d7e07889f15bcd075add47706c3bba5f0ef14c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Mar 2023 01:00:13 GMT
server: nginx
content-security-policy: frame-ancestors 'self'
etag: "160d8-5f75e90e7884a-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 31516
x-xss-protection: 1; mode=block

GET
H2 200 client Show response
accounts.google.com/gsi/ 195 KB
77 KB 196ms
91ms Script
application/javascript 2a00:1450:4001:80f::200d

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200d -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

dabe0c04d1eedfca7c4ede5cf46ad0b5224604b311f83519b17b0bcb7faa24de

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-SjwVpo6f5Oe1vUt5zYogJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-SjwVpo6f5Oe1vUt5zYogJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 13 Apr 2023 07:54:34 GMT

GET
H2 200 header-message.js Show response
webresource.wingontravel.com/headerfooter/Content/js/ 2 KB
1 KB 1359ms
428ms Script
application/x-javascript 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to

Full URL

https://webresource.wingontravel.com/headerfooter/Content/js/header-message.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

b1be1585f542c01a314e1c7a301fdeeeb036d1fac34f2b952124e24b97b86eb8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Mar 2023 01:00:13 GMT
server: nginx
content-security-policy: frame-ancestors 'self'
etag: "908-5f75e90df4ed2-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 610
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK CrmQuickLogin.js Show response
members.wingontravel.com/Home/ 87 KB
25 KB 1910ms
428ms Script
application/x-javascript 14.136.236.141

General

Check archive.org

Show headers Download Go to

Full URL

https://members.wingontravel.com/Home/CrmQuickLogin.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

14.136.236.141 -, , ASN (),

Reverse DNS

Software

Resource Hash

2b707125b3c310fad257d554a21463bb98f261a18d5ba966f2848ee04a65daa6

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

CONTENT-SECURITY-POLICY: object-src 'self'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 13 Apr 2023 07:53:46 GMT
ETag: a0b6a5e3dd10a861dab4a4a0a6b65b70
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Content-Length: 24591
X-XSS-PROTECTION: 1; mode=block

GET
H/1.1 200
OK CrmWealComponent.js Show response
members.wingontravel.com/Home/ 43 KB
13 KB 1930ms
434ms Script
application/x-javascript 14.136.236.141

General

Check archive.org

Show headers Download Go to

Full URL

https://members.wingontravel.com/Home/CrmWealComponent.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

14.136.236.141 -, , ASN (),

Reverse DNS

Software

Resource Hash

f704be628d8d83aeb9a7da1d3bb660087017822abfabf67888c7657a6761dada

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

CONTENT-SECURITY-POLICY: object-src 'self'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 13 Apr 2023 07:53:46 GMT
ETag: 4769d5ddcab5b7650b5d930bcbdc192e
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Content-Length: 12473
X-XSS-PROTECTION: 1; mode=block

GET
H2 200 google-oauth.min.js Show response
webresource.wingontravel.com/headerfooter/Content/js/ 4 KB
2 KB 1360ms
429ms Script
application/x-javascript 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to

Full URL

https://webresource.wingontravel.com/headerfooter/Content/js/google-oauth.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

802c1b40ff27875ff4654ce8499c1c2b9bf499c2a6358405bab05850b199fd2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Mar 2023 01:00:13 GMT
server: nginx
content-security-policy: frame-ancestors 'self'
etag: "e13-5f75e90dea6da-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1463
x-xss-protection: 1; mode=block

GET
H2 200 manifest.js Show response
tours.wingontravel.com/Content/WebJS/js/ 826 B
786 B 229ms
227ms Script
application/javascript 14.136.236.151
HKBN-AS-AP Hong K...

General

Check archive.org

Show headers Download Go to

Full URL

https://tours.wingontravel.com/Content/WebJS/js/manifest.js?_=tbs_online_8_25_20

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),

Reverse DNS

014136236151.static.ctinets.com

Software

tengine / wingonServer

Resource Hash

a5f450c93d3e937e8e5fb011fb6fd2a5f5d979265eb4f23a4b72dd74b10a90c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
last-modified: Mon, 03 Apr 2023 09:39:10 GMT
server: tengine
etag: W/"1d966102461303a"
x-powered-by: wingonServer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block

GET
H2 200 vendor.js Show response
tours.wingontravel.com/Content/WebJS/js/ 983 KB
285 KB 462ms
461ms Script
application/javascript 14.136.236.151
HKBN-AS-AP Hong K...

General

Check archive.org

Show headers Download Go to

Full URL

https://tours.wingontravel.com/Content/WebJS/js/vendor.js?_=tbs_online_8_25_20

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),

Reverse DNS

014136236151.static.ctinets.com

Software

tengine / wingonServer

Resource Hash

611fdd1aee31d8fde48103f886e829b34a2e6597159cd7d8228667f9ef53b18f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
last-modified: Mon, 03 Apr 2023 09:39:10 GMT
server: tengine
etag: W/"1d96610246e6805"
x-powered-by: wingonServer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-envoy-upstream-service-time: 3
x-xss-protection: 1; mode=block

GET
H2 200 chunks.common.js Show response
tours.wingontravel.com/Content/WebJS/js/ 106 KB
27 KB 464ms
462ms Script
application/javascript 14.136.236.151
HKBN-AS-AP Hong K...

General

Check archive.org

Show headers Download Go to

Full URL

https://tours.wingontravel.com/Content/WebJS/js/chunks.common.js?_=tbs_online_8_25_20

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),

Reverse DNS

014136236151.static.ctinets.com

Software

tengine / wingonServer

Resource Hash

61aa777426b5393e891dd5e9f8d3c33124df2da7ad8e9459c5e0178d6a7f1a96

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
last-modified: Mon, 03 Apr 2023 09:39:10 GMT
server: tengine
etag: W/"1d9661024609b00"
x-powered-by: wingonServer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-envoy-upstream-service-time: 4
x-xss-protection: 1; mode=block

GET
H2 200 product.search.js Show response
tours.wingontravel.com/Content/WebJS/js/ 179 KB
46 KB 464ms
463ms Script
application/javascript 14.136.236.151
HKBN-AS-AP Hong K...

General

Check archive.org

Show headers Download Go to

Full URL

https://tours.wingontravel.com/Content/WebJS/js/product.search.js?_=tbs_online_8_25_20

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),

Reverse DNS

014136236151.static.ctinets.com

Software

tengine / wingonServer

Resource Hash

9ad68b2fdf9cdf109a1b1eba67b2b3e6ded4d7b166838dc784295195ff87b8c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
last-modified: Mon, 03 Apr 2023 09:39:10 GMT
server: tengine
etag: W/"1d966102463f99a"
x-powered-by: wingonServer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-envoy-upstream-service-time: 6
x-xss-protection: 1; mode=block

GET
H2 200 2vm.jpg
webresource.wingontravel.com/headerfooter/Content/images/ 38 KB
39 KB 212ms
211ms Image
image/jpeg 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webresource.wingontravel.com/headerfooter/Content/images/2vm.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

c8aa9c8a8e396abb567b45cd194d6a1e63068026ed2b5a157e2219b0a3b5888c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Tue, 21 Mar 2023 01:00:10 GMT
server: nginx
etag: "99d3-5f75e90bb964a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 39379
x-xss-protection: 1; mode=block

GET
H2 200 eztravel.png
webresource.wingontravel.com/headerfooter/Content/images/ 2 KB
3 KB 631ms
630ms Image
image/png 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webresource.wingontravel.com/headerfooter/Content/images/eztravel.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

3aedb297adf29cff8f749e6c53093d8bc7e61f420a87750c6b5d34abab2a68e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Tue, 21 Mar 2023 01:00:11 GMT
server: nginx
etag: "91d-5f75e90c5b03a"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2333
x-xss-protection: 1; mode=block

GET
H2 200 analysis.min.js Show response
webresource.wingontravel.com/headerfooter/Content/js/ 4 KB
2 KB 632ms
629ms Script
application/x-javascript 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to

Full URL

https://webresource.wingontravel.com/headerfooter/Content/js/analysis.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

db3b633da4f579137dbd65a532beda8c381b6f0a96dc4f8a7a2f2ef58b890ce0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Mar 2023 01:00:12 GMT
server: nginx
content-security-policy: frame-ancestors 'self'
etag: "e59-5f75e90dd474a-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1528
x-xss-protection: 1; mode=block

GET
H2 200 TBS_events.js Show response
tours.wingontravel.com/Scripts/ 4 KB
2 KB 232ms
230ms Script
application/javascript 14.136.236.151
HKBN-AS-AP Hong K...

General

Check archive.org

Show headers Download Go to

Full URL

https://tours.wingontravel.com/Scripts/TBS_events.js?_=tbs_online_8_25_20

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),

Reverse DNS

014136236151.static.ctinets.com

Software

tengine / wingonServer

Resource Hash

f42b0c7f04e2ec56d73d8895df456650f86473c5c96cf27570bc3db09d34ba94

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:33 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
last-modified: Mon, 03 Apr 2023 09:39:10 GMT
server: tengine
etag: W/"1d966102461224e"
x-powered-by: wingonServer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-envoy-upstream-service-time: 3
x-xss-protection: 1; mode=block

GET
H2 200 jquery-1.7.1.min.js Show response
tours.wingontravel.com/Scripts/ 92 KB
33 KB 231ms
229ms Script
application/javascript 14.136.236.151
HKBN-AS-AP Hong K...

General

Check archive.org

Show headers Download Go to

Full URL

https://tours.wingontravel.com/Scripts/jquery-1.7.1.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),

Reverse DNS

014136236151.static.ctinets.com

Software

tengine / wingonServer

Resource Hash

863cd492b5b90e6518292dd9684fa54a5485d361a229b81a85cfc08de6ce899f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:33 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
last-modified: Mon, 03 Apr 2023 09:39:10 GMT
server: tengine
etag: W/"1d9661024605daf"
x-powered-by: wingonServer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-envoy-upstream-service-time: 3
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK CrmQuickLogin.js Show response
members.wingontravel.com/Home/ 87 KB
25 KB 224ms
223ms Script
application/x-javascript 14.136.236.141

General

Check archive.org

Show headers Download Go to

Full URL

https://members.wingontravel.com/Home/CrmQuickLogin.js?_=tbs_online_8_25_20

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

14.136.236.141 -, , ASN (),

Reverse DNS

Software

Resource Hash

2b707125b3c310fad257d554a21463bb98f261a18d5ba966f2848ee04a65daa6

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

CONTENT-SECURITY-POLICY: object-src 'self'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 13 Apr 2023 07:53:48 GMT
ETag: a0b6a5e3dd10a861dab4a4a0a6b65b70
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Content-Length: 24591
X-XSS-PROTECTION: 1; mode=block

GET
H2 200 web_chat_entry.js Show response
m.wingontravel.com/crocodile/ 5 KB
2 KB 637ms
217ms Script
application/x-javascript 115.160.189.12

General

Check archive.org

Show headers Download Go to

Full URL

https://m.wingontravel.com/crocodile/web_chat_entry.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

115.160.189.12 -, , ASN (),

Reverse DNS

Software

Tengine / wingonServer

Resource Hash

c251648289ae2cceda511cbcc2221901f4f6978113159c8d3f51ff1b8ff1e922

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000, max-age=31536000
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-powered-by: wingonServer
content-length: 1582
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 18 Sep 2019 09:26:12 GMT
server: Tengine
etag: "159a-592d06d8c0bf1-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 clientid Show response
m.wingontravel.com/api/wireless/ 35 B
345 B 1275ms
216ms XHR
application/json 115.160.189.12

General

Check archive.org

Show headers Download Go to

Full URL: https://m.wingontravel.com/api/wireless/clientid?platform=03
Requested by: Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/js/masterpage.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 115.160.189.12 -, , ASN (),
Reverse DNS
Software: Tengine / Express, wireless_wingon_p
Resource Hash: 6b433720c12b76bc0c98234777fe70e36c216d78d1df6a16f173942584d52567

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:33 GMT
server: Tengine
x-powered-by: Express, wireless_wingon_p
etag: W/"23-9kJZ0z7ixhMVecDFyeGrq108xbA"
access-control-allow-methods: PUT,POST,GET,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
access-control-allow-headers: X-Requested-With, accept, origin, content-type
content-length: 35

GET
H2 200 logo_v2.png
webresource.wingontravel.com/headerfooter/Content/images/ 39 KB
39 KB 625ms
624ms Image
image/png 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webresource.wingontravel.com/headerfooter/Content/images/logo_v2.png

Requested by

Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/css/header_footer.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

d13a6c75642a6537e18a56944f3ada6efe7df43d1522b6daec8191f4668a91a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://webresource.wingontravel.com/headerfooter/Content/css/header_footer.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Tue, 21 Mar 2023 01:00:12 GMT
server: nginx
etag: "9a5c-5f75e90cf4d2a"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 39516
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26b486e9a2f9f2610e7725137323ca62f301a668c5be5bc0ed21b67f323b4a49

Request headers

Referer
Origin: https://tours.wingontravel.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 103ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: members.wingontravel.com
URL: https://members.wingontravel.com/Home/CrmQuickLogin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

7b0247fcdda5cb3d01f155bb872ac6a05fea084a3e872bf54433bb9a2f3f330a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Apr 2023 07:54:34 GMT
content-md5: +axDG+Qzdx1Ll07ANSuJdw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: sy0RlslHNQy9ipmepq37bXidkzcmw2sOULDbb1tQkqGCq0aNsEsIDIogwL3/jojK5IdNlKkhM0D+kqN6xEA9Kg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
x-fb-content-md5: 437d67716334f0fe4f9256874930c6ff
cross-origin-opener-policy: same-origin-allow-popups
etag: "f029e18a24566091cea162a40712957c"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 13 Apr 2023 08:06:00 GMT

GET
H2 200 api:client.js Show response
apis.google.com/js/ 17 KB
7 KB 108ms
31ms Script
text/javascript 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api:client.js?_=1681372473916

Requested by

Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/js/header.query.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

36414480f9c7b5ab976271397bcbe0c64d2d057859f9c82c3048d3780ca7ac1d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Apr 2023 07:54:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "d6eda21fddff6c75"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 07:54:34 GMT

POST
H2 200 GetWealByPageCode Show response
m.wingontravel.com/api/member/appreciation/MemberWeal/ 71 B
357 B 277ms
277ms XHR
application/json 115.160.189.12

General

Check archive.org

Show headers Download Go to

Full URL: https://m.wingontravel.com/api/member/appreciation/MemberWeal/GetWealByPageCode
Requested by: Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/js/header.query.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 115.160.189.12 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: b3bd4f98dbc336d8ae942f7abfec18bc81ba8f4faace4fd70f9e7c3772b1e276

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tours.wingontravel.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 13 Apr 2023 07:54:34 GMT
content-encoding: gzip
server: Tengine
vary: Accept-Encoding, Origin,Access-Control-Request-Method,Access-Control-Request-Headers
upstream: K1
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://tours.wingontravel.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 65

OPTIONS
H2 200 GetWealByPageCode
m.wingontravel.com/api/member/appreciation/MemberWeal/ Frame 0
0 212ms
211ms Preflight 115.160.189.12

General

Check archive.org

Show headers Download Go to

Full URL: https://m.wingontravel.com/api/member/appreciation/MemberWeal/GetWealByPageCode
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 115.160.189.12 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tours.wingontravel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,DELETE,PUT
access-control-allow-origin: https://tours.wingontravel.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Thu, 13 Apr 2023 07:54:34 GMT
server: Tengine
upstream: K2
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 1

GET
H2 200 GetAreaProductCategorys
tours.wingontravel.com/Product/ 33 KB
0 230ms
229ms XHR
application/json 14.136.236.151
HKBN-AS-AP Hong K...

General

Check archive.org

Show headers Download Go to

Full URL

https://tours.wingontravel.com/Product/GetAreaProductCategorys

Requested by

Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/Content/WebJS/js/vendor.js?_=tbs_online_8_25_20

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),

Reverse DNS

014136236151.static.ctinets.com

Software

tengine / wingonServer

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://tours.wingontravel.com/dest/LongHaultravel-5-5?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:34 GMT
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
server: tengine
etag: "Ma7CHgCU_mie9ga9wrykYhmBHyA"
x-powered-by: wingonServer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-envoy-upstream-service-time: 3
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 247 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1e5e74235d095069b8de1a0bc8ef8826fb33e115937ba9f5747cf6b53740a7d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET element-icons.535877f.woff
tours.wingontravel.com/Content/WebJS/fonts/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:828::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/js/analysis.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Apr 2023 06:05:09 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6565
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 13 Apr 2023 08:05:09 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 394 KB
93 KB 282ms
65ms Script
application/javascript 2a00:1450:4001:830::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3645R

Requested by

Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/js/analysis.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94540
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Apr 2023 07:54:34 GMT

GET
H2 200 bat.js
bat.bing.com/ 40 KB
12 KB 266ms
49ms Script
application/javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/js/analysis.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 13 Apr 2023 07:54:34 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 31F7E67FA3F641339DBC787D42AF9518 Ref B: AMS04EDGE3405 Ref C: 2023-04-13T07:54:34Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 22ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/js/analysis.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Apr 2023 07:54:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: kl5Nmg+7EdrmWEbKRwcDDGDZeB0AMvt66uxRehgQ01XGM2Kfn34ThxfsfEWnpXttpTx4A5nkz1T0olJInY21qg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js
s.yimg.com/wi/ 16 KB
6 KB 236ms
21ms Script
application/javascript 2a00:1288:80:807::2

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/js/analysis.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:32 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ZWTC1YH5HG8M5ZSB
age: 3
x-amz-server-side-encryption: AES256
x-amz-id-2: 51WNbdMzchz27i3Fd0vTA8J9pUHjhoX/5XW2H++WYIq86RmBZb+vUE5LhGcY5wypRMhglU6rShUMNB0nQbt4JdgsyZ35eEBnl9h1AEROmuo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 wg_site_icons.png
webresource.wingontravel.com/headerfooter/Content/images/ 96 KB
96 KB 213ms
212ms Image
image/png 115.160.189.3
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webresource.wingontravel.com/headerfooter/Content/images/wg_site_icons.png?v=20180205

Requested by

Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/css/header_footer.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

115.160.189.3 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),

Reverse DNS

vsa2.hkecl.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://webresource.wingontravel.com/headerfooter/Content/css/header_footer.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Tue, 21 Mar 2023 01:00:12 GMT
server: nginx
etag: "17e6d-5f75e90da5562"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 97901
x-xss-protection: 1; mode=block

GET registerSW.js
webpush.wingontravel.com/ws/ 0
0

GET analytics.js
cuckoo.wingontravel.com/analytics/ 0
0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 49ms
26ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b86dd03183153deb67cbde02e8c14079

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

b816647b078f2967c9daffd11d2850815f309df01aed05ebf3a93559c3e003fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tours.wingontravel.com/
Origin: https://tours.wingontravel.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Apr 2023 07:54:34 GMT
content-md5: kVCO6TwQD9FTPMg08C58/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88564
x-fb-rlafr: 0
x-fb-debug: HhyjZn+Oj+O0GpK/QzHDYx7HiBj3/250rKJhnkEc/gC5K4aEyi14p+W+Vem2L9roulKEqS0ZvSmbj0yXYWfJhg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7ddd6314a0d412ad5a03aae42d5ecb83
cross-origin-opener-policy: same-origin-allow-popups
etag: "3e61226bf857319924fed8ecef8d4a95"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 12 Apr 2024 07:35:33 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.FR_GGCoVxHA.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-e6nboIIFTKsrbl_jrcbXu7xY9IA/ 315 KB
108 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.FR_GGCoVxHA.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-e6nboIIFTKsrbl_jrcbXu7xY9IA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js?_=1681372473916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

22bb5a785e770febe7c9102627e128c94a999614f6ded1a40673e32e910f6a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 00:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110193
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 16:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 00:57:00 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.FR_GGCoVxHA.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-e6nboIIFTKsrbl_jrcbXu7xY9IA/ 62 B
478 B 22ms
21ms Script
text/javascript 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.FR_GGCoVxHA.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-e6nboIIFTKsrbl_jrcbXu7xY9IA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js?_=1681372473916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 17:57:51 GMT
x-content-type-options: nosniff
age: 50203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 16:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 17:57:51 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 210ms
206ms Stylesheet
text/css 2a00:1450:4001:80f::200d

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200d -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-gyQcjaCon29qJOnalZiuyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-gyQcjaCon29qJOnalZiuyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 13 Apr 2023 07:54:34 GMT

GET
H3 200 1619595334960635
connect.facebook.net/signals/config/ 378 KB
108 KB 39ms
35ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1619595334960635?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Apr 2023 07:54:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110375
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hqb9bxsZCJNzSV9nMYUxxVDKZ3J6oZifWPOHQ4QscDf0Bf/IVXrLGoXFUF6kBm3qg96slX8VCJgZq1lzITxiMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
355 B 133ms
22ms XHR
text/plain 2a00:1450:400c:c0c::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-34690760-1&cid=214880780.1681372475&jid=1276563963&gjid=1488254212&_gid=796544112.1681372475&_u=IGBAgAABAAAAAEAAI~&z=1633716203

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tours.wingontravel.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Apr 2023 07:54:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tours.wingontravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 33ms
33ms Image
image/gif 2a00:1450:4001:828::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=383423851&t=pageview&_s=1&dl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&dr=https%3A%2F%2Fwww.trip.com%2F&ul=en-us&de=UTF-8&dt=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAABAAAAAAAAI~&jid=1276563963&gjid=1488254212&cid=214880780.1681372475&tid=UA-34690760-1&_gid=796544112.1681372475&z=809739062

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:05:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46161
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET iframe
accounts.google.com/o/oauth2/ Frame FD38 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 87ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1619595334960635&ev=PageView&dl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&rl=https%3A%2F%2Fwww.trip.com%2F&if=false&ts=1681372474853&sw=1600&sh=1200&v=2.9.101&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681372474852.1603544787&it=1681372474702&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Apr 2023 07:54:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 96ms
46ms Image
image/gif 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34690760-1&cid=214880780.1681372475&jid=1276563963&_u=IGBAgAABAAAAAEAAI~&z=857746454

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
409 B 126ms
55ms Image
image/gif 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34690760-1&cid=214880780.1681372475&jid=1276563963&_u=IGBAgAABAAAAAEAAI~&z=857746454

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
635 B 134ms
39ms Image
image/gif 212.82.100.181

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=1000128285921&d=Thu%2C%2013%20Apr%202023%2007%3A54%3A34%20GMT&n=0&b=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&.yp=32738&f=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&e=https%3A%2F%2Fwww.trip.com%2F&enc=UTF-8&yv=1.13.0&package_id=&pageURL=https%253A%252F%252Ftours.wingontravel.com%252Fdest%252FLongHaultravel-5-5%253Fallianceid%253D7%2526ouid%253D1iXEdYcBvhzjj6G_IC9I%2526SID%253D1%2526utm_source%253Dfoxpage%2526utm_id%253DEDM2023DM123%2526utm_medium%253DEmail%2526utm_campaign%253DEDM2023DM123-TBS-23Apr12%2526

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 1
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Apr 2023 07:54:35 GMT

GET
H2 204 4015321.js
bat.bing.com/p/action/ 0
118 B 116ms
116ms Script
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4015321.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 13 Apr 2023 07:54:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A31AFF422B124017B42AE129122662A2 Ref B: AMS04EDGE3405 Ref C: 2023-04-13T07:54:34Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 35ms
34ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4015321&Ver=2&mid=28c48bf5-f639-40f7-bfa9-b6349e6315f6&sid=6e84dcc0d9d011eda8bd29c376346191&vid=6e84ea20d9d011edb3555906664a2b98&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98,%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A,%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&kw=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98,%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A,%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0,%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%83%B9%E6%A0%BC,%E9%95%B7%E7%B7%9A%E5%8C%85%E5%9C%98,%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&p=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&r=https%3A%2F%2Fwww.trip.com%2F&lt=5108&evt=pageLoad&sv=1&rn=31130

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 07:54:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 264ED021255A413CA50CBE19BE1DA079 Ref B: AMS04EDGE3405 Ref C: 2023-04-13T07:54:34Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/j/ 4 B
24 B 27ms
27ms XHR
text/plain 2a00:1450:4001:828::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=383423851&t=pageview&_s=1&dl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&dr=https%3A%2F%2Fwww.trip.com%2F&ul=en-us&de=UTF-8&dt=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAGAAI~&jid=1186024822&gjid=2024532836&cid=214880780.1681372475&tid=UA-34690760-5&_gid=796544112.1681372475&_r=1&_slc=1&gtm=45He34a0n71N3645R&z=2046368185

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tours.wingontravel.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tours.wingontravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/j/ 4 B
24 B 27ms
27ms XHR
text/plain 2a00:1450:4001:828::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=383423851&t=pageview&_s=1&dl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&dr=https%3A%2F%2Fwww.trip.com%2F&ul=en-us&de=UTF-8&dt=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAGAAI~&jid=1210589200&gjid=1685501733&cid=214880780.1681372475&tid=UA-34690760-4&_gid=796544112.1681372475&_r=1&_slc=1&gtm=45He34a0n71N3645R&z=713284483

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tours.wingontravel.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tours.wingontravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/j/ 4 B
24 B 27ms
27ms XHR
text/plain 2a00:1450:4001:828::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=383423851&t=pageview&_s=1&dl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&dr=https%3A%2F%2Fwww.trip.com%2F&ul=en-us&de=UTF-8&dt=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAGAAI~&jid=778461524&gjid=60561646&cid=214880780.1681372475&tid=UA-34690760-7&_gid=796544112.1681372475&_r=1&_slc=1&gtm=45He34a0n71N3645R&z=2009204736

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tours.wingontravel.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tours.wingontravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/965279151/ 3 KB
2 KB 130ms
70ms Script
text/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965279151/?random=1681372474997&cv=11&fst=1681372474997&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&ref=https%3A%2F%2Fwww.trip.com%2F&label=Remarketing-Google%E4%B8%BB%E6%8E%A8%E7%94%A2%E5%93%81&hn=www.googleadservices.com&frm=0&tiba=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&auid=205951743.1681372475&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3645R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1465
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.googleadservices.com/pagead/conversion/955191440/ 3 KB
2 KB 125ms
37ms Script
text/javascript 142.250.185.226

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/955191440/?random=1681372475004&cv=11&fst=1681372475004&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&ref=https%3A%2F%2Fwww.trip.com%2F&label=exSACK_bkYkDEJChvMcD&hn=www.googleadservices.com&frm=0&tiba=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&value=0&bttype=purchase&auid=205951743.1681372475&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3645R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1779
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 144ms
91ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3645R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47815
x-xss-protection: 0
server: cafe
etag: 11255791993954544839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Apr 2023 07:54:35 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 182 KB
66 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:830::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-751494347

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3645R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67144
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Apr 2023 07:54:35 GMT

GET 76772
t.cfjump.com/tag/ 0
0

GET
H2 200 js
www.googletagmanager.com/gtag/ 273 KB
91 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:830::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-43TSTPJCJW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3645R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 07:54:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93410
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Apr 2023 07:54:35 GMT

GET
H2 204 26087706.js
bat.bing.com/p/action/ 0
138 B 107ms
106ms Script
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26087706.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 13 Apr 2023 07:54:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B862915F695A4809B5175E4F32D32CB9 Ref B: AMS04EDGE3405 Ref C: 2023-04-13T07:54:35Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
122 B 34ms
34ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26087706&Ver=2&mid=2b5d87d1-74cd-4e9a-9595-0433b7112885&sid=6e84dcc0d9d011eda8bd29c376346191&vid=6e84ea20d9d011edb3555906664a2b98&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98,%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A,%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&kw=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98,%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A,%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0,%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%83%B9%E6%A0%BC,%E9%95%B7%E7%B7%9A%E5%8C%85%E5%9C%98,%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&p=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&r=https%3A%2F%2Fwww.trip.com%2F&lt=5108&evt=pageLoad&sv=1&rn=377752

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 07:54:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D091F100251F4C06947E233798DDE0C3 Ref B: AMS04EDGE3405 Ref C: 2023-04-13T07:54:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
71 B 22ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-34690760-5&cid=214880780.1681372475&jid=1186024822&gjid=2024532836&_gid=796544112.1681372475&_u=aGDAAEABAAAAAGAAI~&z=2126829441

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tours.wingontravel.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Apr 2023 07:54:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tours.wingontravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
123 B 85ms
85ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26087706&Ver=2&mid=2b5d87d1-74cd-4e9a-9595-0433b7112885&sid=6e84dcc0d9d011eda8bd29c376346191&vid=6e84ea20d9d011edb3555906664a2b98&vids=0&msclkid=N&ec=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&tpp=1&en=Y&sw=1600&sh=1200&sc=24&evt=custom&rn=335344

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 07:54:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 577219CEE43C48E7ACD086C695D0A027 Ref B: AMS04EDGE3405 Ref C: 2023-04-13T07:54:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
71 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-34690760-4&cid=214880780.1681372475&jid=1210589200&gjid=1685501733&_gid=796544112.1681372475&_u=aGDAAEABAAAAAGAAI~&z=1598663909

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tours.wingontravel.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Apr 2023 07:54:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tours.wingontravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
71 B 22ms
22ms XHR
text/plain 2a00:1450:400c:c0c::9d

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-34690760-7&cid=214880780.1681372475&jid=778461524&gjid=60561646&_gid=796544112.1681372475&_u=aGDAAEABAAAAAGAAI~&z=1324585413

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tours.wingontravel.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Apr 2023 07:54:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tours.wingontravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 51ms
39ms Image
image/gif 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34690760-5&cid=214880780.1681372475&jid=1186024822&_u=aGDAAEABAAAAAGAAI~&z=1048938865

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
108 B 68ms
56ms Image
image/gif 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34690760-5&cid=214880780.1681372475&jid=1186024822&_u=aGDAAEABAAAAAGAAI~&z=1048938865

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 51ms
43ms Image
image/gif 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34690760-4&cid=214880780.1681372475&jid=1210589200&_u=aGDAAEABAAAAAGAAI~&z=1528834496

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
108 B 62ms
55ms Image
image/gif 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34690760-4&cid=214880780.1681372475&jid=1210589200&_u=aGDAAEABAAAAAGAAI~&z=1528834496

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 49ms
43ms Image
image/gif 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34690760-7&cid=214880780.1681372475&jid=778461524&_u=aGDAAEABAAAAAGAAI~&z=1187457559

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
108 B 62ms
55ms Image
image/gif 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-34690760-7&cid=214880780.1681372475&jid=778461524&_u=aGDAAEABAAAAAGAAI~&z=1187457559

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 62ms
18ms Ping
text/plain 2001:4860:4802:32::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-43TSTPJCJW&gtm=45je34a0&_p=383423851&cid=214880780.1681372475&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681372475&sct=1&seg=0&dl=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&dr=https%3A%2F%2Fwww.trip.com%2F&dt=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&en=page_view&_fv=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-43TSTPJCJW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tours.wingontravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/964263469/ 0
0

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/960476658/ 0
0

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/11084367259/ 0
0

GET
H3 200 /
www.google.com/pagead/1p-user-list/965279151/ 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965279151/?random=1681372474997&cv=11&fst=1681369200000&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&ref=https%3A%2F%2Fwww.trip.com%2F&label=Remarketing-Google%E4%B8%BB%E6%8E%A8%E7%94%A2%E5%93%81&frm=0&tiba=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&fmt=3&is_vtc=1&random=373884179&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.nl/pagead/1p-user-list/965279151/ 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/965279151/?random=1681372474997&cv=11&fst=1681369200000&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&ref=https%3A%2F%2Fwww.trip.com%2F&label=Remarketing-Google%E4%B8%BB%E6%8E%A8%E7%94%A2%E5%93%81&frm=0&tiba=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&fmt=3&is_vtc=1&random=373884179&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tours.wingontravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 07:54:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/955191440/ 0
0

GET zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230411/r20190131/ Frame B62B 0
0

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/751494347/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tours.wingontravel.com
URL: https://tours.wingontravel.com/Content/WebJS/fonts/element-icons.535877f.woff

Domain: webpush.wingontravel.com
URL: https://webpush.wingontravel.com/ws/registerSW.js

Domain: cuckoo.wingontravel.com
URL: https://cuckoo.wingontravel.com/analytics/analytics.js

Domain: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Domain: t.cfjump.com
URL: https://t.cfjump.com/tag/76772

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964263469/?random=1681372475115&cv=11&fst=1681372475115&bg=ffffff&guid=ON&async=1&gtm=45je34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&ref=https%3A%2F%2Fwww.trip.com%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&auid=205951743.1681372475&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960476658/?random=1681372475128&cv=11&fst=1681372475128&bg=ffffff&guid=ON&async=1&gtm=45je34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&ref=https%3A%2F%2Fwww.trip.com%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&auid=205951743.1681372475&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11084367259/?random=1681372475137&cv=11&fst=1681372475137&bg=ffffff&guid=ON&async=1&gtm=45je34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&ref=https%3A%2F%2Fwww.trip.com%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&auid=205951743.1681372475&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/955191440/?random=128527511&cv=11&fst=1681372475004&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&ref=https%3A%2F%2Fwww.trip.com%2F&label=exSACK_bkYkDEJChvMcD&hn=www.googleadservices.com&frm=0&tiba=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&value=0&auid=205951743.1681372475&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=O7U3ZJvOBo7S1gaI1oXoCQ&sscte=1&crd=&eitems=ChEI8NDeoQYQ0MWs7tmMjYGyARIdABZU-WnOpEaUsHRZcMtNEtmAPjt7pm3-zq-0tV4&pscrd=EkxDaEFJOE5EZW9RWVFuZks5bU5pcmk3VWlFaVVBNklsY01yMkUyUjZrXzdTR25tbnhCUXBYNWF4SGtpT0s0MGptM3M5UG1yRUZwci1ZGlhDaEVJOE5EZW9RWVFfOHpDX3FXazNhMlRBUkl0QUxfNlZFSGxVYVRCMG9rMm1DeDBIR3cwZnI0dU96RlN1d0dlN0JrSTdkVnJIV2JhSWQ3ZWFJVmVZOTJS

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20190131/zrt_lookup.html

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/751494347/?random=1681372475226&cv=11&fst=1681372475226&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftours.wingontravel.com%2Fdest%2FLongHaultravel-5-5%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&ref=https%3A%2F%2Fwww.trip.com%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%2C%E9%95%B7%E7%B7%9A%E6%97%85%E9%81%8A%2C%E9%95%B7%E7%B7%9A%E6%97%85%E8%A1%8C%E5%9C%98%E5%84%AA%E6%83%A0-%E6%B0%B8%E5%AE%89%E6%97%85%E9%81%8A&auid=205951743.1681372475&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ubt-sin.tripcdn.com/	1970-01-20 20:38:52	Name: suid Value: AJ2Ua+0R0NkUAiaJRu2yNA==
.trip.com/	1970-01-20 20:38:52	Name: _bfa Value: 1.1681372469338.gx93wt.1.1681372469338.1681372470057.1.1.10650038432
.trip.com/	1970-01-20 20:38:52	Name: _ubtstatus Value: %7B%22vid%22%3A%221681372469338.gx93wt%22%2C%22sid%22%3A1%2C%22pvid%22%3A1%2C%22pid%22%3A10650038432%7D
chloro.trip.com/	1970-01-20 19:48:28	Name: _RGUID Value: 60d308e2-a62c-4238-80bc-531d6bfdebd9
.trip.com/	1970-01-20 20:38:52	Name: _RF1 Value: 95.211.95.247
.trip.com/	1970-01-20 20:38:52	Name: _RSG Value: u84BcAE2J36PlU_hrnKy28
.trip.com/	1970-01-20 20:38:52	Name: _RDG Value: 280f93bd3752e9281d10c0b3aa721a25fe
.trip.com/	1970-01-20 20:38:52	Name: _RGUID Value: 60d308e2-a62c-4238-80bc-531d6bfdebd9
.wingontravel.com/	1970-01-20 11:02:56	Name: culture Value: zh-HK
.wingontravel.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId_Global Value: 5a1ca37f-e7f5-453a-89e4-c36e67e1c19e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.FR_GGCoVxHA.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-e6nboIIFTKsrbl_jrcbXu7xY9IA/cb=gapi.loaded_0?le=scs(Line 408) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ak-s.tripcdn.com
apis.google.com
bat.bing.com
chloro.trip.com
connect.facebook.net
cuckoo.wingontravel.com
googleads.g.doubleclick.net
m.trip.com
m.wingontravel.com
members.wingontravel.com
pagead2.googlesyndication.com
region1.google-analytics.com
s.yimg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
t.cfjump.com
tours.wingontravel.com
ubt-sin.tripcdn.com
webpush.wingontravel.com
webresource.wingontravel.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.trip.com
accounts.google.com
cuckoo.wingontravel.com
googleads.g.doubleclick.net
t.cfjump.com
tours.wingontravel.com
webpush.wingontravel.com
115.160.189.12
115.160.189.3
13.32.121.69
14.136.236.141
14.136.236.151
142.250.185.226
18.141.241.6
18.155.153.7
2001:4860:4802:32::36
212.82.100.181
23.73.141.168
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200d
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
35.158.198.220
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
22bb5a785e770febe7c9102627e128c94a999614f6ded1a40673e32e910f6a7a
23528c848f2b4a70e0ffddcf5590c9fc4b0b66f0d0ccba6472c3e91dc84110ad
26b486e9a2f9f2610e7725137323ca62f301a668c5be5bc0ed21b67f323b4a49
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
280a2efc19b95696ae52b137e0d7e07889f15bcd075add47706c3bba5f0ef14c
2b707125b3c310fad257d554a21463bb98f261a18d5ba966f2848ee04a65daa6
330908701ec91e9121a64524e12fcd1af08bfa68565f597324838f9d61fcb787
36414480f9c7b5ab976271397bcbe0c64d2d057859f9c82c3048d3780ca7ac1d
3aedb297adf29cff8f749e6c53093d8bc7e61f420a87750c6b5d34abab2a68e6
3e01f09dab8a39687e91ef880e41ab9e02b6b82a58acedcc4712531154608745
4357f68b231e13ad1624a5cfab208b3d6907cce689f65e86f05191ec049e5964
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
611fdd1aee31d8fde48103f886e829b34a2e6597159cd7d8228667f9ef53b18f
61aa777426b5393e891dd5e9f8d3c33124df2da7ad8e9459c5e0178d6a7f1a96
6651bd66f89751ff3b1c15f7295a0250d70b605488a17862a0d5f47fcdcdd5f0
6a9da8d5c71a1c35feafd659dbb449c3b01a2876a9bd72a5e11b32c866e6ed81
6b433720c12b76bc0c98234777fe70e36c216d78d1df6a16f173942584d52567
7b0247fcdda5cb3d01f155bb872ac6a05fea084a3e872bf54433bb9a2f3f330a
802c1b40ff27875ff4654ce8499c1c2b9bf499c2a6358405bab05850b199fd2b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
863cd492b5b90e6518292dd9684fa54a5485d361a229b81a85cfc08de6ce899f
8e889a40128050733d2b40336871caf5e79e3c90522670cae3447ec0d2f26898
9ad68b2fdf9cdf109a1b1eba67b2b3e6ded4d7b166838dc784295195ff87b8c9
a5f450c93d3e937e8e5fb011fb6fd2a5f5d979265eb4f23a4b72dd74b10a90c1
af93fca4f5243ec0a7f7fbd6ed4fd230cc04b9865d4b50ed60864bca471aa6e5
b1be1585f542c01a314e1c7a301fdeeeb036d1fac34f2b952124e24b97b86eb8
b3bd4f98dbc336d8ae942f7abfec18bc81ba8f4faace4fd70f9e7c3772b1e276
b816647b078f2967c9daffd11d2850815f309df01aed05ebf3a93559c3e003fc
bf498c3a44e99172073df70525d863cb4e99130a5e6c7ffd34ce93e8b47e7d0e
c251648289ae2cceda511cbcc2221901f4f6978113159c8d3f51ff1b8ff1e922
c8aa9c8a8e396abb567b45cd194d6a1e63068026ed2b5a157e2219b0a3b5888c
d13a6c75642a6537e18a56944f3ada6efe7df43d1522b6daec8191f4668a91a2
d248bdda7062529418aabb155224862066083eeb03cc9fe6f7d00e54ecc5357c
dabe0c04d1eedfca7c4ede5cf46ad0b5224604b311f83519b17b0bcb7faa24de
db3b633da4f579137dbd65a532beda8c381b6f0a96dc4f8a7a2f2ef58b890ce0
e35d2aaac97c14c8d193d4453092d80a569dc6b35eb734134e76446ad1297548
eb01b6ff65c49df827739b4ccc46e4f02f85a51ff54b51b3b4673a9802c61af7
f1e5e74235d095069b8de1a0bc8ef8826fb33e115937ba9f5747cf6b53740a7d
f42b0c7f04e2ec56d73d8895df456650f86473c5c96cf27570bc3db09d34ba94
f704be628d8d83aeb9a7da1d3bb660087017822abfabf67888c7657a6761dada

tours.wingontravel.com Open in urlscan Pro 14.136.236.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

88 %HTTPS

56 %IPv6

16 Domains

28 Subdomains

26 IPs

5 Countries

1652 kBTransfer

5212 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tours.wingontravel.com Open in urlscan Pro
14.136.236.151 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

88 %
HTTPS

56 %
IPv6

16
Domains

28
Subdomains

26
IPs

5
Countries

1652 kB
Transfer

5212 kB
Size

10
Cookies

95 HTTP transactions
2 data transactions