Submitted URL: https://www.antietamtravelservice.besttrip.tv/
Effective URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Submission: On October 02 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 14 HTTP transactions. The main IP is 51.81.251.175, located in Hillsboro, United States and belongs to OVH, FR. The main domain is www.travelagencytribes.com.
TLS certificate: Issued by R3 on September 24th 2021. Valid for: 3 months.
This is the only time www.travelagencytribes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 8 51.81.251.175 16276 (OVH)
1 172.217.23.106 15169 (GOOGLE)
2 104.18.10.207 13335 (CLOUDFLAR...)
3 151.101.193.229 54113 (FASTLY)
1 142.250.186.170 15169 (GOOGLE)
1 52.217.174.136 16509 (AMAZON-02)
1 52.204.196.81 14618 (AMAZON-AES)
14 7
Domain Requested by
6 www.travelagencytribes.com 1 redirects www.travelagencytribes.com
cdn.jsdelivr.net
3 cdn.jsdelivr.net www.travelagencytribes.com
2 maxcdn.bootstrapcdn.com www.travelagencytribes.com
maxcdn.bootstrapcdn.com
1 trackcmp.net www.travelagencytribes.com
1 s3.amazonaws.com www.travelagencytribes.com
1 maps.googleapis.com www.travelagencytribes.com
1 fonts.googleapis.com www.travelagencytribes.com
1 antietamtravelservice.besttrip.tv 1 redirects
1 www.antietamtravelservice.besttrip.tv 1 redirects
14 9

This site contains no links.

Subject Issuer Validity Valid
www.travelagencytribes.com
R3
2021-09-24 -
2021-12-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-03-01 -
2022-02-28
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-30 -
2022-06-01
a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2021-06-23 -
2022-07-24
a year crt.sh
*.trackcmp.net
Amazon
2021-03-02 -
2022-03-31
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Frame ID: B44A04FCFD46D6D96481E6CAC5031182
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Your site is down :-(

Page URL History Show full URLs

  1. https://www.antietamtravelservice.besttrip.tv/ HTTP 301
    https://antietamtravelservice.besttrip.tv/ HTTP 301
    http://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv HTTP 301
    https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

7
IPs

2
Countries

197 kB
Transfer

484 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.antietamtravelservice.besttrip.tv/ HTTP 301
    https://antietamtravelservice.besttrip.tv/ HTTP 301
    http://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv HTTP 301
    https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request down
www.travelagencytribes.com/
Redirect Chain
  • https://www.antietamtravelservice.besttrip.tv/
  • https://antietamtravelservice.besttrip.tv/
  • http://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
  • https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
11 KB
5 KB
Document
General
Full URL
https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
proxy1.gttwl.net
Software
Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1
Resource Hash
4c35c7e156a990318bf11bce44e8919c26559608cc79ac5ca77f2945e53cdeb7
Security Headers
Name Value
Strict-Transport-Security max-age=3000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.travelagencytribes.com
:scheme
https
:path
/down?site=antietamtravelservice.besttrip.tv
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 02 Oct 2021 06:04:51 GMT
etag
W/"7918246cab6ab5fa50aeeb8d1713b588"
server
Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
set-cookie
cart=60bac5e5-bc33-40fb-a5cb-4b6c50524638; path=/; expires=Wed, 02 Oct 2041 06:04:51 -0000 _gttwl2_session=djVta2JnTG1CSTFQY2dreUVoRTl0S01QNkJDRXZRWFY2NDZIVE0zZGtQNTVMVWtqSk9ORm1zcTAreWx6SHFoWWZpanpSSE5CS0FxSDkxTFJkczRoUm1FS2Z3SU0xMTM5VFY2MlFaMEo2R1dKUmxuWS9LSUhaS2g3SWc2WitvdHh6aFlMd3MzYXdNOG4xNldtK2lSWWsyeHFLdzcvVG8xVm1oWm1Ia0E2dVIxb01EYVQzQ1dEZkJ5NFRsZG9zeXQ3LS1nMVRNZ3ljQ0VBdWJtSHJUSHRTaThnPT0%3D--8a6c4a3fa8f7d0259d131f6de5bd21d75e314cda; path=/; expires=Sun, 03 Oct 2021 06:04:51 -0000; HttpOnly
status
200 OK
strict-transport-security
max-age=3000;
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 5.2.1
x-request-id
01b6d218-c6cc-4379-969c-a5f178faefcd
x-runtime
0.031705
x-ua-compatible
chrome=1
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Content-Type
text/html; charset=utf-8
Date
Sat, 02 Oct 2021 06:04:51 GMT
Location
https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Server
Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
Status
301 Moved Permanently
Strict-Transport-Security
max-age=3000;
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger 5.2.1
X-Request-Id
af2d2b66-2471-47b8-904f-52febe04b883
X-Runtime
0.007386
X-Ua-Compatible
chrome=1
X-Xss-Protection
1; mode=block
Content-Length
144
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Bitter
Requested by
Host: www.travelagencytribes.com
URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f106.1e100.net
Software
ESF /
Resource Hash
957ad0b51445cc8397e42d7d7350d9006b4aaa7e96a73e5d04b899a78175e357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.travelagencytribes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 05:07:20 GMT
server
ESF
date
Sat, 02 Oct 2021 06:04:51 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 06:04:51 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.travelagencytribes.com
URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.travelagencytribes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 06:04:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 718
age
14027239
cdn-cachedat
2021-03-10 20:26:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ee86ac04c9cc5e4b6aa4d3998616f598
cf-ray
697bbc57284d21b1-DUS
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
foundation.min.css
cdn.jsdelivr.net/foundation/6.1.1/
52 KB
11 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/foundation/6.1.1/foundation.min.css
Requested by
Host: www.travelagencytribes.com
URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af4c1c20a5353d32675bf0e2628e560c81241b6603a97e7f88dfc4cf6c4423f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.travelagencytribes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
377366
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
10824
etag
W/"cf17-1QYcWEIprINdTl9K35AzEXUlHxk"
x-served-by
cache-fra19129-FRA, cache-hhn4054-HHN
date
Sat, 02 Oct 2021 06:04:51 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
js
maps.googleapis.com/maps/api/
146 KB
48 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBa0KhpPIkUCNdYfyGCyaxM5f5dtMkd0fQ&libraries=places&sensor=true
Requested by
Host: www.travelagencytribes.com
URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
mafe /
Resource Hash
ccf6295b931ab6578c0a85465a55901f308b58db28b4100336d71472da07a52b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.travelagencytribes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 06:04:51 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48657
x-xss-protection
0
expires
Sat, 02 Oct 2021 06:34:51 GMT
1452173603_original.png
s3.amazonaws.com/gttwl/attachments/tat.gttwl2.com/lsc85x/
4 KB
5 KB
Image
General
Full URL
https://s3.amazonaws.com/gttwl/attachments/tat.gttwl2.com/lsc85x/1452173603_original.png
Requested by
Host: www.travelagencytribes.com
URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.174.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a9f5fe817e0bf54f8cf52db2d009217d8212127e7d8a48b7933d5bc8eb18d7c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.travelagencytribes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 06:04:53 GMT
Last-Modified
Thu, 07 Jan 2016 13:32:00 GMT
Server
AmazonS3
x-amz-request-id
EBD03CP6WDVNBD96
ETag
"c2ba9d20695aebbe60e00def65a0003c"
Content-Type
image/png
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
4413
x-amz-id-2
DnSC2PzCOJqXywA+gT1vv4XQu0da6vTB5vrZKgVgHFL6pnzzuTno6UXG5yXFysK1oSiWegw6QdY=
jquery.min.js
cdn.jsdelivr.net/jquery/2.1.4/
82 KB
29 KB
Script
General
Full URL
https://cdn.jsdelivr.net/jquery/2.1.4/jquery.min.js
Requested by
Host: www.travelagencytribes.com
URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.travelagencytribes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1953477
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
29595
etag
W/"1499c-gljQRvF908FaXTmE4YaLe10dsyk"
x-served-by
cache-fra19143-FRA, cache-hhn4054-HHN
date
Sat, 02 Oct 2021 06:04:51 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
foundation.min.js
cdn.jsdelivr.net/foundation/6.1.1/
91 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/foundation/6.1.1/foundation.min.js
Requested by
Host: www.travelagencytribes.com
URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ed7421a58154c4b3f5a365917e6646c1e8793b9f6ff1e9a89304e12939aa18b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.travelagencytribes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1953470
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
23192
etag
W/"16c8d-S8+9pBO4lJUxBhSk7sY35pAYpBE"
x-served-by
cache-fra19150-FRA, cache-hhn4054-HHN
date
Sat, 02 Oct 2021 06:04:51 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
gttwl2.js
www.travelagencytribes.com/javascripts/
4 KB
1 KB
Script
General
Full URL
https://www.travelagencytribes.com/javascripts/gttwl2.js
Requested by
Host: www.travelagencytribes.com
URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
proxy1.gttwl.net
Software
Caddy nginx/1.12.2 /
Resource Hash
901f5c66d74ebf9e3900248ceea21aaf160d8cc86143e4646fa07839a170ac83
Security Headers
Name Value
Strict-Transport-Security max-age=3000;

Request headers

:path
/javascripts/gttwl2.js
pragma
no-cache
cookie
cart=60bac5e5-bc33-40fb-a5cb-4b6c50524638; _gttwl2_session=djVta2JnTG1CSTFQY2dreUVoRTl0S01QNkJDRXZRWFY2NDZIVE0zZGtQNTVMVWtqSk9ORm1zcTAreWx6SHFoWWZpanpSSE5CS0FxSDkxTFJkczRoUm1FS2Z3SU0xMTM5VFY2MlFaMEo2R1dKUmxuWS9LSUhaS2g3SWc2WitvdHh6aFlMd3MzYXdNOG4xNldtK2lSWWsyeHFLdzcvVG8xVm1oWm1Ia0E2dVIxb01EYVQzQ1dEZkJ5NFRsZG9zeXQ3LS1nMVRNZ3ljQ0VBdWJtSHJUSHRTaThnPT0%3D--8a6c4a3fa8f7d0259d131f6de5bd21d75e314cda
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.travelagencytribes.com
referer
https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 06:04:51 GMT
content-encoding
gzip
last-modified
Mon, 06 Apr 2020 02:31:21 GMT
server
Caddy nginx/1.12.2
etag
W/"5e8a9479-ece"
strict-transport-security
max-age=3000;
content-type
application/x-javascript
content-length
1270
hits
www.travelagencytribes.com/
4 B
504 B
Script
General
Full URL
https://www.travelagencytribes.com/hits?js=1&u=209e433c-e4d9-4ff9-977c-c0b9c91b34cd&r=&q=https%3A%2F%2Fwww.travelagencytribes.com%2Fdown%3Fsite%3Dantietamtravelservice.besttrip.tv
Requested by
Host: www.travelagencytribes.com
URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
proxy1.gttwl.net
Software
Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1
Resource Hash
a8883bc180474bec5859cbb00c092eb96d48d2ee0d99416c6c3790d04bd7cb0d
Security Headers
Name Value
Strict-Transport-Security max-age=3000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/hits?js=1&u=209e433c-e4d9-4ff9-977c-c0b9c91b34cd&r=&q=https%3A%2F%2Fwww.travelagencytribes.com%2Fdown%3Fsite%3Dantietamtravelservice.besttrip.tv
pragma
no-cache
cookie
cart=60bac5e5-bc33-40fb-a5cb-4b6c50524638; _gttwl2_session=djVta2JnTG1CSTFQY2dreUVoRTl0S01QNkJDRXZRWFY2NDZIVE0zZGtQNTVMVWtqSk9ORm1zcTAreWx6SHFoWWZpanpSSE5CS0FxSDkxTFJkczRoUm1FS2Z3SU0xMTM5VFY2MlFaMEo2R1dKUmxuWS9LSUhaS2g3SWc2WitvdHh6aFlMd3MzYXdNOG4xNldtK2lSWWsyeHFLdzcvVG8xVm1oWm1Ia0E2dVIxb01EYVQzQ1dEZkJ5NFRsZG9zeXQ3LS1nMVRNZ3ljQ0VBdWJtSHJUSHRTaThnPT0%3D--8a6c4a3fa8f7d0259d131f6de5bd21d75e314cda; __tat_u=209e433c-e4d9-4ff9-977c-c0b9c91b34cd
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.travelagencytribes.com
referer
https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 06:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 5.2.1
status
200 OK
content-length
30
x-xss-protection
1; mode=block
x-request-id
9264dec3-d673-4228-ba53-6ef5a12a8a3d
x-ua-compatible
chrome=1
x-runtime
0.061061
server
Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
etag
W/"fe46eec7bb2dbf27375ebcbf208b19c8"
strict-transport-security
max-age=3000;
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
set-cookie
_gttwl2_session=cXM3WlZJeDMyUkpIaFVoa0Vmb3d3SjBsaTR2SEwzMWtRTzVwSmVOcmgvSU1uR090OG1qT2JGRjVzMVB0anhxN1huUUZ6UGp0OENWZlNHdHl3dXdIakNHSklLVEU0Q1VLdGpEdEg0M1Fyam04Q2NGR2gyN1Mxb1ljSHB0NHlWNWlBWUgwSDdYTEVVMEc0OFVMd1FpeDZzVjhNU2UyL09PdG05NDUzaVdON1R6YlJCN3NKeXkvRDI5N1VnMVdrblJlLS0vUUp3amJsNk5iNDR6ZENvMXl3WWJnPT0%3D--13fc0981b27569af20c64b69ad9053a7acda8cd0; path=/; expires=Sun, 03 Oct 2021 06:04:52 -0000; HttpOnly
574
www.travelagencytribes.com/tm/h/
4 B
431 B
Script
General
Full URL
https://www.travelagencytribes.com/tm/h/574?js=1&t=209e433c-e4d9-4ff9-977c-c0b9c91b34cd&req=https%3A%2F%2Fwww.travelagencytribes.com%2Fdown%3Fsite%3Dantietamtravelservice.besttrip.tv&ref=&kind=&kind_id=
Requested by
Host: www.travelagencytribes.com
URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
proxy1.gttwl.net
Software
Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1
Resource Hash
a8883bc180474bec5859cbb00c092eb96d48d2ee0d99416c6c3790d04bd7cb0d
Security Headers
Name Value
Strict-Transport-Security max-age=3000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/tm/h/574?js=1&t=209e433c-e4d9-4ff9-977c-c0b9c91b34cd&req=https%3A%2F%2Fwww.travelagencytribes.com%2Fdown%3Fsite%3Dantietamtravelservice.besttrip.tv&ref=&kind=&kind_id=
pragma
no-cache
cookie
cart=60bac5e5-bc33-40fb-a5cb-4b6c50524638; _gttwl2_session=djVta2JnTG1CSTFQY2dreUVoRTl0S01QNkJDRXZRWFY2NDZIVE0zZGtQNTVMVWtqSk9ORm1zcTAreWx6SHFoWWZpanpSSE5CS0FxSDkxTFJkczRoUm1FS2Z3SU0xMTM5VFY2MlFaMEo2R1dKUmxuWS9LSUhaS2g3SWc2WitvdHh6aFlMd3MzYXdNOG4xNldtK2lSWWsyeHFLdzcvVG8xVm1oWm1Ia0E2dVIxb01EYVQzQ1dEZkJ5NFRsZG9zeXQ3LS1nMVRNZ3ljQ0VBdWJtSHJUSHRTaThnPT0%3D--8a6c4a3fa8f7d0259d131f6de5bd21d75e314cda; __tat_u=209e433c-e4d9-4ff9-977c-c0b9c91b34cd
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.travelagencytribes.com
referer
https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 06:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 5.2.1
status
200 OK
content-length
30
x-xss-protection
1; mode=block
x-request-id
6d3998ed-360b-4269-bbd5-10144b1d8c11
x-ua-compatible
chrome=1
x-runtime
0.075294
server
Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
etag
W/"fe46eec7bb2dbf27375ebcbf208b19c8"
strict-transport-security
max-age=3000;
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
set-cookie
_gttwl2_session=YXV2WGlHb3dVQU02NndrSWJlQ2ZtNGErRUZLSnZXcVNTeTlPd2QvaFhVRzIxZml6VERYOWtBUzF6ZWRJTTFRT1ZpK0ZFSytvaldSV2ZuUWZsSFFMcldZZUw1NjJXSlAvVE9wYS80RTB2QmtvenJ6UWRUeUtLOVFjcUY4QWorL05jK01Ic2k3c1JUT1h1ZFFTWDFwakNPa0hxSWRYNXpOVjFHbUFSTHBDRENhemd4dkZrbnlNUUxHTU0vVlowZmVBLS15ZnN6bFRNQjBDL0lFNSthcmRMWFRnPT0%3D--0e1dfb2d4869d931924456876ec806fc8d40d4cd; path=/; expires=Sun, 03 Oct 2021 06:04:52 -0000; HttpOnly
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/
65 KB
66 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://www.travelagencytribes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 06:04:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-07-24 16:51:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66624
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e75a07526f53cffc7929bafe17bf0195
accept-ranges
bytes
cf-ray
697bbc584bb32199-DUS
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
visit
trackcmp.net/
0
385 B
Script
General
Full URL
https://trackcmp.net/visit?actid=798941141&e=&r=&u=https%3A%2F%2Fwww.travelagencytribes.com%2Fdown%3Fsite%3Dantietamtravelservice.besttrip.tv
Requested by
Host: www.travelagencytribes.com
URL: https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.196.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-196-81.compute-1.amazonaws.com
Software
Apache/2.4.48 (Amazon) / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.travelagencytribes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 06:04:52 GMT
server
Apache/2.4.48 (Amazon)
x-powered-by
PHP/7.1.33
p3p
CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
cache-control
no-cache, private
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type
text/javascript;charset=UTF-8
content-length
0
humanity
www.travelagencytribes.com/api/
36 B
479 B
XHR
General
Full URL
https://www.travelagencytribes.com/api/humanity
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/2.1.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.81.251.175 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
proxy1.gttwl.net
Software
Caddy nginx/1.12.2 + Phusion Passenger 5.2.1 / Phusion Passenger 5.2.1
Resource Hash
e3da42a7910887d3b38e2492c068165a484b71094355be4805b7560cbc3189a8
Security Headers
Name Value
Strict-Transport-Security max-age=3000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
cart=60bac5e5-bc33-40fb-a5cb-4b6c50524638; _gttwl2_session=djVta2JnTG1CSTFQY2dreUVoRTl0S01QNkJDRXZRWFY2NDZIVE0zZGtQNTVMVWtqSk9ORm1zcTAreWx6SHFoWWZpanpSSE5CS0FxSDkxTFJkczRoUm1FS2Z3SU0xMTM5VFY2MlFaMEo2R1dKUmxuWS9LSUhaS2g3SWc2WitvdHh6aFlMd3MzYXdNOG4xNldtK2lSWWsyeHFLdzcvVG8xVm1oWm1Ia0E2dVIxb01EYVQzQ1dEZkJ5NFRsZG9zeXQ3LS1nMVRNZ3ljQ0VBdWJtSHJUSHRTaThnPT0%3D--8a6c4a3fa8f7d0259d131f6de5bd21d75e314cda; __tat_u=209e433c-e4d9-4ff9-977c-c0b9c91b34cd; ac_enable_tracking=1
:path
/api/humanity
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.travelagencytribes.com
referer
https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://www.travelagencytribes.com/down?site=antietamtravelservice.besttrip.tv
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-runtime
0.020103
date
Sat, 02 Oct 2021 06:04:52 GMT
x-content-type-options
nosniff
server
Caddy nginx/1.12.2 + Phusion Passenger 5.2.1
x-powered-by
Phusion Passenger 5.2.1
strict-transport-security
max-age=3000;
content-type
text; charset=utf-8
status
200 OK
x-xss-protection
1; mode=block
cache-control
max-age=0, private, must-revalidate
set-cookie
_gttwl2_session=Wkl1NnZXYndOZDBUcWdKNGJNMVBhU0dNOC9xUGVlYi9yVzBtZTd5ZnhJc2ZJNDA3d1hrWlkzcXVETTN3d0xld1hKdW55VjNVTU44VXFXR1FMcW5BWnVxa1I2VE1CZkpGZnhJbVc3ejI3alluRWoyVDhQcC9Wb284VXdvSmhEUEJmRi9KMHhPTWg5YXpIRFVQNWlsK3hZNTlRQXJCNXV5ZHZWdmNXU0grSXhxT0xyazRvTnpzVmFuQjVJUnhaK1BDLS1nV09JSnJ6c3p2c003SDFjd0U2OGFnPT0%3D--9221ed00b602ff43291c8db6218e65af9da3222b; path=/; expires=Sun, 03 Oct 2021 06:04:52 -0000; HttpOnly
content-length
36
etag
"8baec19b2764625c03cbdf8547835489"
x-request-id
9b92906b-0e5d-43ff-b90a-cdd4ce0a308d
x-ua-compatible
chrome=1

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView function| _tat_add_script function| _tat_uuid object| _tat_cook string| _tat_u string| _tat_ref string| _tat_req string| _tat_img1 string| _tat_img2 boolean| trackByDefault function| acEnableTracking function| acTrackVisit function| $ function| jQuery object| Foundation object| geo_place object| geo_autocomplete object| geo_autocomplete2 number| sc number| tmv function| google_add_place function| google_add_place2

5 Cookies

Domain/Path Name / Value
www.travelagencytribes.com/ Name: cart
Value: 60bac5e5-bc33-40fb-a5cb-4b6c50524638
www.travelagencytribes.com/ Name: __tat_u
Value: 209e433c-e4d9-4ff9-977c-c0b9c91b34cd
www.travelagencytribes.com/ Name: ac_enable_tracking
Value: 1
www.travelagencytribes.com/ Name: _gttwl2_session
Value: YXV2WGlHb3dVQU02NndrSWJlQ2ZtNGErRUZLSnZXcVNTeTlPd2QvaFhVRzIxZml6VERYOWtBUzF6ZWRJTTFRT1ZpK0ZFSytvaldSV2ZuUWZsSFFMcldZZUw1NjJXSlAvVE9wYS80RTB2QmtvenJ6UWRUeUtLOVFjcUY4QWorL05jK01Ic2k3c1JUT1h1ZFFTWDFwakNPa0hxSWRYNXpOVjFHbUFSTHBDRENhemd4dkZrbnlNUUxHTU0vVlowZmVBLS15ZnN6bFRNQjBDL0lFNSthcmRMWFRnPT0%3D--0e1dfb2d4869d931924456876ec806fc8d40d4cd
trackcmp.net/ Name: cmp798941141
Value: ba5c5f2b2f7f238cd63749b1a18456be

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=3000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block