www.travelbyjen.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.icptrack.com/icp/relay.php?r=1098640993&msgid=32083069&act=V2OG&c=100941&pid=16752192&destination=https%3A%2F...
Effective URL:
https://www.travelbyjen.com/
Submission: On November 17 via manual (November 17th 2023, 9:07:48 pm UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 56 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.travelbyjen.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 22nd 2023. Valid for: a year.

This is the only time www.travelbyjen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.28.148 104.18.28.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.18.30.34 104.18.30.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:ad71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
56	10

1 104.18.28.148 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.icptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.travelbyjen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.30.34 (None, )

ASN13335 (CLOUDFLARENET, US)

app.icontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:ad71 (United States)

ASN13335 (CLOUDFLARENET, US)

www.jetsetvacations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	travelbyjen.com www.travelbyjen.com	138 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	692 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	98 KB
5	icontact.com app.icontact.com — Cisco Umbrella Rank: 41761	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 574	17 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	337 B
1	jetsetvacations.com www.jetsetvacations.com
1	icptrack.com 1 redirects click.icptrack.com — Cisco Umbrella Rank: 37008	194 B
56	10

	Domain	Requested by
25	www.travelbyjen.com	www.travelbyjen.com
9	www.gstatic.com	www.google.com www.gstatic.com
6	www.google.com	app.icontact.com www.gstatic.com www.google.com
5	fonts.gstatic.com	www.google.com
5	app.icontact.com	www.travelbyjen.com app.icontact.com
2	connect.facebook.net	www.travelbyjen.com connect.facebook.net
2	ssl.google-analytics.com	1 redirects www.travelbyjen.com
1	www.facebook.com	www.travelbyjen.com
1	stats.g.doubleclick.net	www.travelbyjen.com
1	www.jetsetvacations.com	www.travelbyjen.com
1	click.icptrack.com	1 redirects
56	11

This site contains links to these domains. Also see Links.

Domain
www.jetsetvacations.com
www.onestarmedia.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-22` - `2024-02-22`	a year	crt.sh
icontact.com Cloudflare Inc ECC CA-3	`2023-06-18` - `2024-06-17`	a year	crt.sh
jetsetvacations.com Cloudflare Inc ECC CA-3	`2023-06-03` - `2024-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-27` - `2023-11-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.travelbyjen.com/
Frame ID: 9F1F901B28DA44D77E5BF2B8DDEC082D
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA&co=aHR0cHM6Ly93d3cudHJhdmVsYnlqZW4uY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=5b9eo2392gru
Frame ID: 63551D7C870DC5F5B2343B21BA502855
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA
Frame ID: B7A0935A0D1F3FAAA0F90DA835ED4092
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TravelByJen : Travel agency specializing in discount travel and personal service

Page URL History Show full URLs

https://click.icptrack.com/icp/relay.php?r=1098640993&msgid=32083069&act=V2OG&c=100941&pid=16752192&des... HTTP 302
https://www.travelbyjen.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

56
Requests

98 %
HTTPS

82 %
IPv6

10
Domains

11
Subdomains

10
IPs

4
Countries

1039 kB
Transfer

2487 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.jetsetvacations.com/cruise.php

Search URL Search Domain Scan URL

URL: http://www.onestarmedia.com/
Title: OneStarMedia

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.icptrack.com/icp/relay.php?r=1098640993&msgid=32083069&act=V2OG&c=100941&pid=16752192&destination=https%3A%2F%2Fwww.travelbyjen.com%2F&cf=147265&v=387a98450ff2d4808533def6fa016b3d6201a62cdc4fa34565405b597d82f784 HTTP 302
https://www.travelbyjen.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=874422008&utmhn=www.travelbyjen.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TravelByJen%20%3A%20Travel%20agency%20specializing%20in%20discount%20travel%20and%20personal%20service&utmhid=911904540&utmr=-&utmp=%2F&utmht=1700255263213&utmac=UA-27374530-1&utmcc=__utma%3D256534350.1951859176.1700255263.1700255263.1700255263.1%3B%2B__utmz%3D256534350.1700255263.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2116423525&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27374530-1&cid=1951859176.1700255263&jid=2116423525&_v=5.7.2&z=874422008

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.travelbyjen.com/
Redirect Chain

https://click.icptrack.com/icp/relay.php?r=1098640993&msgid=32083069&act=V2OG&c=100941&pid=16752192&destination=https%3A%2F%2Fwww.travelbyjen.com%2F&cf=147265&v=387a98450ff2d4808533def6fa016b3d6201...
https://www.travelbyjen.com/

255 KB
46 KB

875ms
814ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelbyjen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2fcc8417d561ab17c6737032e877d99f051e44955ddba1b202b236c7bee945a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 827af1d58c0a3665-FRA
content-encoding: br
content-type: text/html
date: Fri, 17 Nov 2023 21:07:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snHVmCimBf52h7F6qT8wYCYDhb9CYkc8SjE8rCB3SW7boFQ3%2FE2JG4UP0aeeWWVhFvq87uF5LfAtqlK8QkXjWoqF10L1Ezn%2FpJVnPcm9r7eLSWAeqZKfRURFhTlwUl8eQGw1zSEp%2BtTlkAxkNIMKhsO6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: https://ui.icontact.com
cf-cache-status: DYNAMIC
cf-ray: 827af1d4486a37d8-FRA
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 21:07:40 GMT
location: https://www.travelbyjen.com/
server: cloudflare
x-cnection: close
x-robots-tag: noindex, nofollow

GET
H2 200 jen.css
www.travelbyjen.com/ 4 KB
1 KB 613ms
611ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelbyjen.com/jen.css
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeebc0488950ff1d1010707d8c96a7f1036f777235c0dc3230f182c40d814091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:42 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 17 Jun 2009 00:02:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2004306-fee-46c80026aa5c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSu%2F5K6mrhzp6KPbiJJezaTkOkR4t5rA3GfyHFtKJMvoiueqkmj2CyoaR%2BbxNzep7optsyzq0IUmlwgV2LCl2BLQ7uWw9mE58ho0h2d92A%2FQdD%2BkvE12miijdxs6LmXJxIPWTO0w6QvjZu6bqlvjbFfV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7200
cf-ray: 827af1daa9483665-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 formGlobalStyles.css
app.icontact.com/icp/static/human/css/signupBuilder/ 10 KB
2 KB 72ms
21ms Stylesheet
text/css 104.18.30.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.icontact.com/icp/static/human/css/signupBuilder/formGlobalStyles.css
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c7d3c6c064a36de471b6c80e98e5b91dc3a0851d81c4e9cc0aa14f378748d19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2012 20:29:33 GMT
server: cloudflare
age: 332229
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://ui.icontact.com
cache-control: public, max-age=31536000
x-cnection: close
accept-ranges: bytes
cf-ray: 827af1dafec91cbf-FRA
content-length: 1305
expires: Sat, 16 Nov 2024 21:07:41 GMT

GET
H2 200 rocket-loader.min.js Show response
www.travelbyjen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
10ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.travelbyjen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65568fe4-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xd0n6ZCwxF%2FhTdhRe6dOkE1m9rPXeCNPeo%2Fx4cEv2tRecR2IlFnz%2FDajr4gcd3ZO%2FVzv7aPtJPoNhZ%2F59Jz55EqhG3RpzaVUw%2Bw8HdOV0P9WQg%2FF08nDaa7TllTlfTt6%2BaReuQvzrtSofvTCBPUTY%2B4E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 827af1daa9493665-FRA
expires: Sun, 19 Nov 2023 21:07:41 GMT

GET
H2 200 top_logo.jpg
www.travelbyjen.com/img/ 13 KB
14 KB 621ms
620ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/top_logo.jpg
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79992169d15d2b89f704a0adbe24531f86e665962d673b2be84aa22cd5a831e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:42 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Jun 2009 23:57:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626d13-35be-46c7fee35eb00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BNSA0C2SWGWRPwW%2F4HDKOnUDUVqtXeUFnW68kB9xadkLpO5mfz1FZz5pZzs5q1514I7Tzs6Sbd5MKrkSsvSePviKLzL1PtbTltVsBDpKdW3JKfXOTVKOLij7LgHOc8cCfUyz2hoc5nOV2Fqc%2BN0v0%2FT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1daa94d3665-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13758

GET
H2 200 top_2.jpg
www.travelbyjen.com/img/ 14 KB
14 KB 611ms
610ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/top_2.jpg
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae90333755ae81b485c03e5539edc3df19d87f91fd6fc9bcbc589a14b36db701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:42 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Feb 2016 18:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626d0c-3728-52ab9db4b1300"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWvpYocFrX4C%2FS%2B3%2BGZqRFR4HBuKomNG5JApmdFEDM5jJ9X0R6FlBbU7hoOjQODW9TaQaA6mRzIiUPq0CKmZjgHwd78CFaHej5TdaMsqRkxsZBEcRtWQfeUWvQFLd1zmbNwSLcj0O3DPIROqrFZdrajI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1daa94e3665-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14120

GET
H3 200 top_2_bot.jpg
www.travelbyjen.com/img/ 12 KB
13 KB 613ms
612ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/top_2_bot.jpg
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0302c0a5dce44524744b97b4f28bacb38e4b436f3d2a7b373a3dd23ae11950bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:56:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626d0e-3004-46c7fedf8e200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDtzJ1SDZyHj0hUfPytIINZcS4cSTpRhoGyJUDhyIe56T7GpaA1RES9g4j3XsoeAsTpWadCW%2BZf%2FqoPVW3mY9xAISKelD%2Fg48Fh9Yk8iWhkYW0LdNlEYpix8z67IcjcO96KjMlusWK6EgMlAUTd5arTM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1de7dde19a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12292

GET
H3 200 sign-top.gif
www.travelbyjen.com/img/ 8 KB
8 KB 611ms
611ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/sign-top.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4943a5c92c5c6d475c8d1a650c5bc5c7c023e95224bc81a357bd7e93d339ab7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:56:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626cff-2018-46c7feca93080"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbv1u046clas4jCUrDlQthYClJa1xVYFS8NphXbD2CkBRmOAgVl7xIpZT9QCyzFUuwef11e%2FxxYmIBPx4vCZwh8L21dPlJJY2Bh%2FrhBR6ekmONoCnhqoZ1ROHeXnIimGyiuqugDWKBuRTyF%2F0fR9bN85"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1de8de819a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8216

GET
H3 200 signl.gif
www.travelbyjen.com/img/ 180 B
649 B 611ms
611ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/signl.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c295a53c54223191739da9976ba2e585495365b86182c7471f722e0a225a21f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:56:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626d00-b4-46c7fec8aac00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnvzL7neOYxriEzcIyD3tYFQS7pOxgZiiKvLYhHyQAJsOdhhNlRtw12dQwIwVu1ePCi1LSfpcW3cKlvYZ1JLdb6BLK1I8CDe8KbD3nTjV9hecANwkbSjf3CYPCK3Prt8JvlD6x2Fdsvpz8tGE18%2BR8Rd"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e27a2819a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 180

GET
H2 200 tracking.gif
app.icontact.com/icp/core/signup/ 43 B
229 B 536ms
535ms Image
image/gif 104.18.30.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.icontact.com/icp/core/signup/tracking.gif?id=270&cid=100941&lid=147265
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Nov 2023 21:07:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://ui.icontact.com
cache-control: no-store, no-cache, must-revalidate
x-cnection: close
accept-ranges: bytes
x-robots-tag: noindex, nofollow
cf-ray: 827af1e25e5c1cbf-FRA
content-length: 43
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 signr.gif
www.travelbyjen.com/img/ 201 B
675 B 610ms
609ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/signr.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a63b8d0df54fd4c2c27244cebff92c02ed311d46761912654d50a3cfda1b1d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:56:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626d01-c9-46c7fec8aac00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUf8%2BVrGbuRWwnImGKtThyYokvyeJaUntJjUyHKXLitEHq1s8rd1oXhZfhEetBbBssNg5Xb5JIXzy7uiG%2FTBDow%2FD9slvTS2tWi3Pknsd3CxSwkrJYIH4XzypGknySWP33lUsXtIc%2BqTjTuViepiRW7s"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a5519a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 201

GET
H3 200 top_right_1.gif
www.travelbyjen.com/img/ 662 B
1 KB 614ms
610ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/top_right_1.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cabfa32f88d2cba9b59f714e4b008e734f8e2f39204928da94b45c6c426587d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:56:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626d14-296-46c7fee26a8c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6c1B2mgVzuSy%2FgmcaX4iAFKyjGzgmsEiAU2U2yScng20gu3QbNZ%2FmXU5a5yKXZIW4it3Bjkeumm7zaok%2BLwMIoJ%2F6Bf%2FKwpgRLlRKdzyE09aeRQCEGgB2C1L0LfHnZaNfUFIZ8xBQQr4l0ZEGc6rzrw"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a5a19a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 662

GET
H3 200 top_right_2.gif
www.travelbyjen.com/img/ 823 B
1 KB 614ms
611ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/top_right_2.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4842f3be25ff4f5c36eb0d7e565d21625fc42dd412a16b1c9907d5a79dd3f98d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:57:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626d16-337-46c7fee452d40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HvRE0gJjOgtFJxpRkVnQJQu9Bjv5VvdGNozX3IphDfymf5x2W4y8i6LTXUIOP7VHK%2Bs9depiAkuCzBfcr5IKzsCOVeVWlye8sGPImXC7KX3jO2%2FElHkELQ0nnzirGoB504JuLZU53aHym9n8WqWTwSO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a5b19a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 823

GET
H3 200 top_tel.gif
www.travelbyjen.com/img/ 1 KB
2 KB 614ms
610ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/top_tel.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8435a597c6eae836d4808dae301d8fb2e0a0edd3eb3329f2b705c34f45fd33e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 19 Sep 2023 14:27:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "26201a7-4d6-605b70da4ed5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFUYCKJBQ70iEo3mAC9AnmkvSb%2BJtDEdNAFQcASCCd7IEK4M8HneSaEf9lb8fBExFGGzqkk9BSL8dgE8VuH4vbSahZd10L5c6NQ6AtV3T4C0lZqgwMHzWYLZGs5TuInFVva1DNWCndDwQVcZ14qQTj3G"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a5d19a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1238

GET
H3 200 nav_top.gif
www.travelbyjen.com/img/ 2 KB
3 KB 613ms
609ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/nav_top.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c86c420a2ace6b09b3995339ad10f59c14b0ff6fe6404525660e83703115754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:20:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626cee-88b-46c7f6bad2b80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B63XKma3OLgTrVbvzsZje8Bp8Qo%2B5UPkgfqZ3eZYuWJU2s8ulFmsh4%2FrZc6Gqad611zHJjG6lL%2BIP75mVoEy5XzpRRDBp%2BGXSmVwuzdfNJBFCbtoE%2BHM%2Bx2MheSs6CVa%2FK3Zw5E7%2F%2BfoXXtmgRhquBHh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a5e19a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2187

GET
H3 200 bullet_up.gif
www.travelbyjen.com/img/ 472 B
947 B 611ms
608ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/bullet_up.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15135131e8eb9cebb240f6e4fef1897a55868095a3d7fe2f4e95289b8df760e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:20:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626cbb-1d8-46c7f6a8b40c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeT4c0DdiMOjmzB1uBSczTAnIkPU1yScLIgZGq4Ir8ZnY7nyBjKAndBYQV1tlhlBRrrb5hQT6mXqdVpmcxW%2FUjnkcPQDxkDmpOlXVA0n2FwFTD7WQ62j96WbY6OqAqzIBU251KBQeyYx6%2Bj5sXYorsqt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a6019a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 472

GET
H3 200 nav_bot.gif
www.travelbyjen.com/img/ 1 KB
2 KB 615ms
612ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/nav_bot.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72cf21a525cd53de503b4fd212d8deb8d6da381febb9b360f62cd593b456b5d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:20:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626ced-4a3-46c7f6bad2b80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G33YfRNPEGWzZ9VwL6X3uiIP9WNYy%2BQgXaiFozjeA3MJXrkeL2WYUpyUwlQqKqF6LakybOBu%2BULn6bbvINNuFQ7CU1zTrdAiyt%2B9L9%2F82xuZQgKliKKxtk%2FAto1IEzb7lY6C4%2FBA4UMSNzn%2F9L8yaArH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a6119a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1187

GET
H2 403 tbj-full-fare-advertising.jpg
www.jetsetvacations.com/images/deals/ 0
0 276ms
31ms Image
text/html 2606:4700:3030::ac43:ad71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jetsetvacations.com/images/deals/tbj-full-fare-advertising.jpg
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ad71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 block_top.gif
www.travelbyjen.com/img/ 546 B
1018 B 620ms
618ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/block_top.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 846e0bb1c71f90a1575cc4712d49127c4d6faaf051203013fa1aff9e677e5032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:19:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626c9e-222-46c7f69789840"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3M5mY1BP2Wmbv0uigtGuGnKSrWHCqb0ruI57VV%2Bz9WH4z3AaRqkBTlJk80o5K4F9U0tVoho9WzY8p6WeMlmTdvNjvkV1N5S9pnYYOK1G8Nr4bh3fASrQ6PXpB44lHAGdsWhO1XfPXgl168dKYSFm7WQJ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a6319a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 546

GET
H3 200 block_bot_alldeals.gif
www.travelbyjen.com/img/ 2 KB
2 KB 614ms
612ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/block_bot_alldeals.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c6039b2bec9f4f793baff7c42d5f282df88c0837b9c252e493ceaefe34d75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Jun 2009 23:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626c9d-66f-46c7f69695600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdJ7Co6sAnFmpHSkmXhwcawFSDZFIGhlEf9ULf3OCo0upi3P49xBXIe0LGNNXijyaTBHI4Wxxu3eoXsxODk7%2FPPFZZ5%2FvbMSUK6jXCdg8a5E65Bsv3lvA4iqEStnWoMDAlowfAaj%2B9NnATji07Xy5myY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a6419a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1647

GET
H3 200 block_bot.gif
www.travelbyjen.com/img/ 549 B
1 KB 613ms
611ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/block_bot.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0646d48b2da314ec33040f2a55e6b795204de37bd16cb24ed8e11f08d3cc8bdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626c9b-225-46c7f69695600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuPAtx%2FUg5IZeN%2Bb1j0iOllBNPjhak8GEC5ef1D8deR5rrMbQ6JsCFAreLeemiV5GtWtzvZggU0sDMaFK5Ud2N98LaKqWMSUhQ7G2j8TF7z%2FWZ3CEOQjIsaVAN8YUS5t0XJg1dwwRWMst2J%2FAJf98QcF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a6519a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 549

GET
H3 200 banner-cruise.jpg
www.travelbyjen.com/img/ 18 KB
19 KB 638ms
636ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/banner-cruise.jpg
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2bfc94643c9be095dc379c239b7b85423792cce91a465c8593521c6e24cd79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Jun 2009 23:19:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626c95-487f-46c7f693b8f40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPeKZ4ddMmBsRZNOe6OU4n0I5iMu1irO5eQI54IG0Gm1r5VtsXEc2%2FM0XAQ2mJZrYRatlaiEFIxFbjr7MbQz3dtsPN%2F%2FUJAZCiCcGN3F3kAD3qi07uuoPEuluGSd5kay3U3Pek8KvAX%2BSDx5mo%2Be9SU4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a6719a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18559

GET
H3 200 spacer.gif
www.travelbyjen.com/img/ 43 B
517 B 620ms
618ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/spacer.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:56:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626d04-2b-46c7feca93080"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJlijOrcgXOLcFe2diNQGW9QkY%2BzKpxrOrD4GOwbQp62Z58tr77St09Ya0K%2FyFcWjJB%2BGMKqaALNXrkgwKeM2gup8GSgsFVN4UkpEuEJ1dmMixOFNnX36qBPO7rLt39vUXR5Pem5Kkeg8T8n2nfGUghY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e29a6919a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 email-decode.min.js Show response
www.travelbyjen.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.travelbyjen.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65568fe4-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxKaeuZiTQQ4%2B2rqT6sgsEyYuobt6fIhBKJA9ZH3johX7sOSnXW3YwUEkv9KXhYmo6bqmNuquxRoIVXhiYCI%2FY32LlMVdkrZw2NavYWf8vxvJCzJQNwzvdIDCCC9rY4H%2FK2usDbHD%2F6MMXjx%2BVMtxpBQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 827af1e25a0a19a9-FRA
expires: Sun, 19 Nov 2023 21:07:43 GMT

GET
H3 200 roll.js Show response
www.travelbyjen.com/ 1 KB
976 B 616ms
616ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelbyjen.com/roll.js
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf7f502f937d01f91295c7380ab1b2b4b7896d7840a9d05b82cad86faebe88f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 17 Jun 2009 00:02:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2004367-415-46c800063d940-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObZhFR4%2BA%2BoejEXqYXkB3Sra3WqwmT0MSIYfuLW7xL1pLJBVelCYVFLId7Bhqxktd3xE0ORJv2q4t4%2BcapkGCyA1BSDu73%2BDkmTpAwrVzcu5901L9eyDHTLUgxuHbaPW5Fo8I9cfbR6UTyyhbKoFoLgy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 827af1de8de219a9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 19:20:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6441
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 17 Nov 2023 21:20:22 GMT

GET
H2 200 validation-captcha.js Show response
app.icontact.com/icp/static/form/javascripts/ 6 KB
2 KB 14ms
14ms Script
application/javascript 104.18.30.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.icontact.com/icp/static/form/javascripts/validation-captcha.js
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d37428034573475170e66119bd415d46092d33f0108a7b0909a09e998d23f674

Request headers

Referer: https://www.travelbyjen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2012 20:29:33 GMT
server: cloudflare
age: 686901
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ui.icontact.com
cache-control: public, max-age=31536000
x-cnection: close
accept-ranges: bytes
cf-ray: 827af1e26e5f1cbf-FRA
content-length: 1845
expires: Sat, 16 Nov 2024 21:07:43 GMT

GET
H2 200 tracking.js Show response
app.icontact.com/icp/static/form/javascripts/ 0
49 B 15ms
15ms Script
application/javascript 104.18.30.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.icontact.com/icp/static/form/javascripts/tracking.js
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.travelbyjen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2012 20:29:33 GMT
server: cloudflare
age: 395779
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ui.icontact.com
cache-control: public, max-age=31536000
x-cnection: close
accept-ranges: bytes
cf-ray: 827af1e27e791cbf-FRA
content-length: 0
expires: Sat, 16 Nov 2024 21:07:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 37ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Nov 2023 21:07:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 5u8qwQgIxKtg+jSbPbNKLHKsnXKr2YsZZ3paxCbGGH1IM9EpMJt6wpiSRHEqCJ45+tEhOYZ2oHPuCCDERkTJ7A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 select-arrow-black.png
app.icontact.com/icp/static/human/images/icons/ 956 B
1 KB 16ms
15ms Image
image/png 104.18.30.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.icontact.com/icp/static/human/images/icons/select-arrow-black.png
Requested by: Host: app.icontact.com
URL: https://app.icontact.com/icp/static/human/css/signupBuilder/formGlobalStyles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffa0820dc58ed25c0b93540f265f68a9e98aa594797ec37705250bd64c87d45a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.icontact.com/icp/static/human/css/signupBuilder/formGlobalStyles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2012 20:29:33 GMT
server: cloudflare
age: 240528
etag: "3bc-4b96b26f3e540"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://ui.icontact.com
cache-control: public, max-age=604800
x-cnection: close
accept-ranges: bytes
cf-ray: 827af1e2aea11cbf-FRA
content-length: 956
expires: Fri, 24 Nov 2023 21:07:43 GMT

GET
H3 200 block_bg.gif
www.travelbyjen.com/img/ 64 B
542 B 611ms
611ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/block_bg.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 357dfba7c71a928dd5307fef9d49e11e8bc73aa988194ab1f6d1ba432ffdc76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:19:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626c99-40-46c7f695a13c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCDeayEUzCquq9lm3yR4vTPebj1cJsQNvAel4Tl8jwq%2FAaEksSc%2Fmhn%2FKZzsJusYe2tZ%2FgsP23NrWOPfOZTlDkT%2FmvheYmZlUIf8RuDW6SVgfupJVABuV1HTdyeYfgOyeJIJ9OR7Kn%2Byx9CSIw2jnQIY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e2aa7019a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 64

GET
H3 200 bottom_bg.gif
www.travelbyjen.com/img/ 312 B
791 B 610ms
610ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/bottom_bg.gif
Requested by: Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fea1067084bef4ec7a5c0568a13d2f33ed821473c21e67570bc5b157b153e7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:20:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626cb9-138-46c7f6a7bfe80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtXBs%2B4JehWJoC4gD3tpsoxdjkAvtkL45oXvDFUp9CUXR%2BRXGg%2BvyNcNjD0zrr8ky3rwzP%2BOgDhSI0ssXqBacT1N1a10rjeCTkASJ%2Bn80Z3fIrScYTGl%2FQ0wNFR6GNcv6H2kTMgM0U54O3EeTQiRY8C5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e2aa7719a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 312

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=874422008&utmhn=www.travelbyjen.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27374530-1&cid=1951859176.1700255263&jid=2116423525&_v=5.7.2&z=874422008

35 B
337 B

57ms
19ms

Image
image/gif

2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27374530-1&cid=1951859176.1700255263&jid=2116423525&_v=5.7.2&z=874422008

Requested by

Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/

Protocol

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Nov 2023 21:07:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 21:07:43 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27374530-1&cid=1951859176.1700255263&jid=2116423525&_v=5.7.2&z=874422008
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 411949113456966 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/411949113456966?v=2.9.138&r=stable&domain=www.travelbyjen.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b351c93af73bd6376b1ce448efece6059ac65b445b9c002bed75ab7289350a67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Nov 2023 21:07:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35340
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cUC7EKKImEsQA6n1SIiF6gY8hj4rxoINZ1u1dRB1ywuTaj7aBKaoFela3+otsCVh0p5TFaDOQGdOXFaXx7xz7g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 66ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411949113456966&ev=PageView&dl=https%3A%2F%2Fwww.travelbyjen.com%2F&rl=&if=false&ts=1700255263267&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700255263266.2039689777&ler=empty&it=1700255263242&coo=false&rqm=GET

Requested by

Host: www.travelbyjen.com
URL: https://www.travelbyjen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 Nov 2023 21:07:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: app.icontact.com
URL: https://app.icontact.com/icp/static/form/javascripts/validation-captcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb7bf02db906592731efaa8338874fde0ebd1135d5ae5307aca6b451871d0e73

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 21:07:43 GMT

GET
H3 200 bullet_down.gif
www.travelbyjen.com/img/ 472 B
946 B 610ms
610ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelbyjen.com/img/bullet_down.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eca417947c6512db665afe54493e1aff6b344171217e2ea759ae690728636be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.travelbyjen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:44 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2009 23:20:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2626cba-1d8-46c7f6a8b40c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8CkShLaDPY9ywZQS%2BA5L40DBw29yRa4%2FIz4fZV8lWCXWelRF0zgIA0smRPoGtOSNnKoEnru9c7SSB4mVMt6PFj7w9tZau%2F5V02vwGjJzpimbyll1UO5920NXKGcPqD2dn8X54jZqtptcv5zNp7e5aQw"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 827af1e69f5419a9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 472

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 281ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.travelbyjen.com/
Origin: https://www.travelbyjen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 11:04:31 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6355 61 KB
35 KB 31ms
30ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA&co=aHR0cHM6Ly93d3cudHJhdmVsYnlqZW4uY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=5b9eo2392gru

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c30ff8cc6fab5cb4724ceb9bd5e2fde1500bafa11c707f6fb43c5c2aed0f69dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_VIS2mKc8pflMT1Y7ghn1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.travelbyjen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_VIS2mKc8pflMT1Y7ghn1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:07:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 6355 55 KB
24 KB 24ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA&co=aHR0cHM6Ly93d3cudHJhdmVsYnlqZW4uY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=5b9eo2392gru

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 20:41:06 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 6355 468 KB
188 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 11:04:31 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6355 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:15:26 GMT
x-content-type-options: nosniff
age: 107538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Nov 2023 15:15:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6355 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 78048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6355 15 KB
15 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 173177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:01:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6355 102 B
135 B 17ms
16ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA&co=aHR0cHM6Ly93d3cudHJhdmVsYnlqZW4uY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=5b9eo2392gru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 21:07:44 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame B7A0 7 KB
1 KB 18ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a46afbd4b090844ef94e25e3e3f27f9ed65936e5558a21cd286786b912bc3c3c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZTudhvsNc3UkafTg32Wtgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.travelbyjen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZTudhvsNc3UkafTg32Wtgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:07:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame B7A0 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 20:41:06 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame B7A0 468 KB
188 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 11:04:31 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame B7A0 41 KB
25 KB 69ms
68ms XHR
application/json 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f77f03366c6d67114860bc31f25dd40b7c1a119f39aafd2287c8364433dbc9a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 17 Nov 2023 21:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 21:07:44 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame B7A0 600 B
624 B 8ms
7ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:52:58 GMT
x-content-type-options: nosniff
age: 306886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 21 Nov 2023 07:52:58 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame B7A0 530 B
554 B 10ms
8ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 06:58:17 GMT
x-content-type-options: nosniff
age: 569367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 18 Nov 2023 06:58:17 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame B7A0 665 B
689 B 10ms
9ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:53:06 GMT
x-content-type-options: nosniff
age: 170078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 22 Nov 2023 21:53:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B7A0 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 78048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B7A0 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options: nosniff
age: 337053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 23:30:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B7A0 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 173177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:01:27 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame B7A0 36 KB
36 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA4I6hLsULaDW_uCIe9AXninGjqZBvE_sRc3Xg_SC_aAqqqCZ2dFz45IrkgalUIuF-JFI5d3ZdcwyRMuN40OzbfRgF-1KraSqV7ArZrfLMII7xt_yg3AUOtsvrnpn5RUTCwvQaLv-501fCwo9G_M9coZFJRaARB5j1SV7zE1OCV6dd8Weap59bdoTLX1mOHstwBI9QYmvTMmUryoA8ivNaDK6BWU0Q&k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

57b5b3af68e4dd39465b01ff9cf9b54ae42d142208c2c846b37e356ae82ec68b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeCZCcUAAAAALhxcQ5fN80W6Wa2K3GqRQK6WRjA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:07:44 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 21:07:44 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 20:36:47	Name: _GRECAPTCHA Value: 09ALvilpZ5FEEB42H0NvGRLzxldN60qikvLtQ3Hy1ocaDFT5tBbqRP1nGPhfWDpzCWFY9lIhoH1TpxMvtokAH0neY
.travelbyjen.com/	1970-01-21 01:53:35	Name: __utma Value: 256534350.1951859176.1700255263.1700255263.1700255263.1
.travelbyjen.com/	1969-12-31 23:59:59	Name: __utmc Value: 256534350
.travelbyjen.com/	1970-01-20 20:40:23	Name: __utmz Value: 256534350.1700255263.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.travelbyjen.com/	1970-01-20 16:17:35	Name: __utmt Value: 1
.travelbyjen.com/	1970-01-20 16:17:37	Name: __utmb Value: 256534350.1.10.1700255263
.travelbyjen.com/	1970-01-20 18:27:11	Name: _fbp Value: fb.1.1700255263266.2039689777

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.travelbyjen.com/ Message: Mixed Content: The page at 'https://www.travelbyjen.com/' was loaded over HTTPS, but requested an insecure element 'http://www.jetsetvacations.com/images/deals/tbj-full-fare-advertising.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://www.travelbyjen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://app.icontact.com/icp/static/form/javascripts/validation-captcha.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.travelbyjen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://app.icontact.com/icp/static/form/javascripts/validation-captcha.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.travelbyjen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://app.icontact.com/icp/static/form/javascripts/tracking.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.travelbyjen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://app.icontact.com/icp/static/form/javascripts/tracking.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://www.travelbyjen.com/(Line 1242) Message: Mixed Content: The page at 'https://www.travelbyjen.com/' was loaded over HTTPS, but requested an insecure element 'http://www.jetsetvacations.com/images/deals/tbj-full-fare-advertising.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.jetsetvacations.com/images/deals/tbj-full-fare-advertising.jpg Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.icontact.com
click.icptrack.com
connect.facebook.net
fonts.gstatic.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.gstatic.com
www.jetsetvacations.com
www.travelbyjen.com
104.18.28.148
104.18.30.34
2606:4700:3030::ac43:ad71
2a00:1450:4001:80e::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c0a::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
0302c0a5dce44524744b97b4f28bacb38e4b436f3d2a7b373a3dd23ae11950bd
0646d48b2da314ec33040f2a55e6b795204de37bd16cb24ed8e11f08d3cc8bdb
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15135131e8eb9cebb240f6e4fef1897a55868095a3d7fe2f4e95289b8df760e1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c7d3c6c064a36de471b6c80e98e5b91dc3a0851d81c4e9cc0aa14f378748d19
1c86c420a2ace6b09b3995339ad10f59c14b0ff6fe6404525660e83703115754
1fea1067084bef4ec7a5c0568a13d2f33ed821473c21e67570bc5b157b153e7a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c295a53c54223191739da9976ba2e585495365b86182c7471f722e0a225a21f
2eca417947c6512db665afe54493e1aff6b344171217e2ea759ae690728636be
357dfba7c71a928dd5307fef9d49e11e8bc73aa988194ab1f6d1ba432ffdc76e
3a63b8d0df54fd4c2c27244cebff92c02ed311d46761912654d50a3cfda1b1d4
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4842f3be25ff4f5c36eb0d7e565d21625fc42dd412a16b1c9907d5a79dd3f98d
4943a5c92c5c6d475c8d1a650c5bc5c7c023e95224bc81a357bd7e93d339ab7f
4c6039b2bec9f4f793baff7c42d5f282df88c0837b9c252e493ceaefe34d75f4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57b5b3af68e4dd39465b01ff9cf9b54ae42d142208c2c846b37e356ae82ec68b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cabfa32f88d2cba9b59f714e4b008e734f8e2f39204928da94b45c6c426587d
72cf21a525cd53de503b4fd212d8deb8d6da381febb9b360f62cd593b456b5d2
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8435a597c6eae836d4808dae301d8fb2e0a0edd3eb3329f2b705c34f45fd33e8
846e0bb1c71f90a1575cc4712d49127c4d6faaf051203013fa1aff9e677e5032
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
a2bfc94643c9be095dc379c239b7b85423792cce91a465c8593521c6e24cd79f
a46afbd4b090844ef94e25e3e3f27f9ed65936e5558a21cd286786b912bc3c3c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae90333755ae81b485c03e5539edc3df19d87f91fd6fc9bcbc589a14b36db701
b2fcc8417d561ab17c6737032e877d99f051e44955ddba1b202b236c7bee945a
b351c93af73bd6376b1ce448efece6059ac65b445b9c002bed75ab7289350a67
b79992169d15d2b89f704a0adbe24531f86e665962d673b2be84aa22cd5a831e
c30ff8cc6fab5cb4724ceb9bd5e2fde1500bafa11c707f6fb43c5c2aed0f69dc
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf7f502f937d01f91295c7380ab1b2b4b7896d7840a9d05b82cad86faebe88f7
d37428034573475170e66119bd415d46092d33f0108a7b0909a09e998d23f674
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7bf02db906592731efaa8338874fde0ebd1135d5ae5307aca6b451871d0e73
eeebc0488950ff1d1010707d8c96a7f1036f777235c0dc3230f182c40d814091
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f77f03366c6d67114860bc31f25dd40b7c1a119f39aafd2287c8364433dbc9a3
ffa0820dc58ed25c0b93540f265f68a9e98aa594797ec37705250bd64c87d45a

www.travelbyjen.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

82 %IPv6

10 Domains

11 Subdomains

10 IPs

4 Countries

1039 kBTransfer

2487 kBSize

7 Cookies

2 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.travelbyjen.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

82 %
IPv6

10
Domains

11
Subdomains

10
IPs

4
Countries

1039 kB
Transfer

2487 kB
Size

7
Cookies

56 HTTP transactions
0 data transactions