excellentravel.com Open in urlscan Pro
2606:4700:3032::6815:1a69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://excellentravel.com/w/instant/cF
Submission: On May 03 via manual (May 3rd 2022, 12:51:58 pm UTC) from MX — Scanned from DE

Summary HTTP 60 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 16 domains to perform 60 HTTP transactions. The main IP is 2606:4700:3032::6815:1a69, located in United States and belongs to CLOUDFLARENET, US. The main domain is excellentravel.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2021. Valid for: a year.

This is the only time excellentravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3032::6815:1a69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2.18.234.194 2.18.234.194	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:ec00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
60	24

6 2606:4700:3032::6815:1a69 (United States)

ASN13335 (CLOUDFLARENET, US)

excellentravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-194.deploy.static.akamaitechnologies.com

www.tripadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ec00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	criteo.net static.criteo.net — Cisco Umbrella Rank: 760 pix.eu.criteo.net — Cisco Umbrella Rank: 6356 csm.eu.criteo.net — Cisco Umbrella Rank: 6365	99 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 tpc.googlesyndication.com — Cisco Umbrella Rank: 171	209 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 ad.doubleclick.net — Cisco Umbrella Rank: 246	15 KB
6	excellentravel.com excellentravel.com	61 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	98 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 9640 ads.eu.criteo.com — Cisco Umbrella Rank: 6296 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8534	45 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 341	87 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 128 www.google.com — Cisco Umbrella Rank: 20	2 KB
2	googleapis.com firebasestorage.googleapis.com — Cisco Umbrella Rank: 5368 fonts.googleapis.com — Cisco Umbrella Rank: 111	4 MB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 574	41 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1861	688 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	37 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5351	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 940	648 B
1	tripadvisor.com www.tripadvisor.com — Cisco Umbrella Rank: 9226	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 936	30 KB
60	16

	Domain	Requested by
8	pagead2.googlesyndication.com	excellentravel.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	static.criteo.net	ads.eu.criteo.com
6	excellentravel.com	excellentravel.com
5	pix.eu.criteo.net	ads.eu.criteo.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.gstatic.com	excellentravel.com
3	cdnjs.cloudflare.com	excellentravel.com cdnjs.cloudflare.com ads.eu.criteo.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	ad.doubleclick.net	1 redirects ads.eu.criteo.com
2	cdn.jsdelivr.net	excellentravel.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.tripadvisor.com	excellentravel.com
1	firebasestorage.googleapis.com	excellentravel.com
1	code.jquery.com	excellentravel.com
60	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pinterest.com
twitter.com
www.youtube.com
api.whatsapp.com
www.tripadvisor.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.tripadvisor.com DigiCert SHA2 Extended Validation Server CA	`2021-05-26` - `2022-06-15`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://excellentravel.com/w/instant/cF
Frame ID: 79F04FE0EBD5E12486AE4D5A58A22DC2
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220428/r20190131/zrt_lookup.html
Frame ID: 3E45F24A2D6368E0F670B0B8AA54B670
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5416819712408858&output=html&adk=1812271804&adf=3025194257&lmt=1651582314&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fexcellentravel.com%2Fw%2Finstant%2FcF&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651582313976&bpp=2&bdt=602&idt=133&shv=r20220428&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4870011117180&frm=20&pv=2&ga_vid=179967721.1651582314&ga_sid=1651582314&ga_hid=1577700413&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31066184%2C31064019&oid=2&pvsid=261406067957745&pem=958&tmod=201589430&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=149
Frame ID: 91787A2A9EB7B9E3E95A11067F8FA314
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5416819712408858&output=html&h=280&slotname=7062134934&adk=207091057&adf=3017137674&pi=t.ma~as.7062134934&w=340&fwrn=4&fwrnh=100&lmt=1651582314&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fexcellentravel.com%2Fw%2Finstant%2FcF&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651582313979&bpp=2&bdt=605&idt=151&shv=r20220428&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4870011117180&frm=20&pv=1&ga_vid=179967721.1651582314&ga_sid=1651582314&ga_hid=1577700413&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31066184%2C31064019&oid=2&pvsid=261406067957745&pem=958&tmod=201589430&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DV0hXyC5Et&p=https%3A//excellentravel.com&dtd=156
Frame ID: 9285D2648A92E625291D332E8E601FA8
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnElagADkTcKmuwTAAXkZb-jau9Egk9BJkseXg&u=%7CKzyXYokKF7BUWejmxsKA0O72slQyJtyqro4IQC97zgg%3D%7C&c1=ey2CWPGBBq8KLbNmF-WcsI4oklu97rBxhDFjb-SPIrhe_8rVdq7qlDb2tXb5Ycu4fz3PYRcxFiJrcmiOdIlmYYbcJO8b_dtVy2WCPak4Bwy4_v9wNTEOctvtbn937XR0ZGGA95Fg8F-nf8n-SoYudNr7FZKkSkGH8N9GB2V88OmSbcCAyvdvl3urBfCSJZRTPPZShhWHTHfwd6COb9UYxYdIh_6G7_Rvvlg-J69PIHOCNP8h9IjyhypYcAvBSTA8J-cEvEEDD0vI1rBx1nbxEPn9SjhJ5bp5DFvWxMffY_9SWeepm-V1jfZaGwRNdjH2y6SqPcCKZvGbReVmeMIeVhOD1_4ex2W4OTqJRivWi5dBQa1ktzZe27LIZDq46KBdmkrkACjk5HUDyBrtbkFoFhra_M_sexxRtaok8n3FHfKypeK340frbD-PLKqnnDZh0lU-0_jJYfktSEEyRWAteSpy-MAbIyzy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8pANaiVxYreiDpPY6wTlyJewDMme0rFc1fbi1pMBwI23ARABIABglYKAgKwHggEXY2EtcHViLTU0MTY4MTk3MTI0MDg4NTigAdW20uoDyAEJqQL8ITG73J2xPqgDAaoE1QFP0LgG8VB5PhQs8DGBZXDP9-uPJqIiQIwmiIC5M405bKpm78TmZZGL3dEraeULFQzkh3CxL5i6H0P1B7OCY7szWDVcvKfIYRbYjz7L_txDyGR-4hTL7-x-gz46_ywyhG-bTothUelS3LjZm7EjJOXUYONi6zbKRFOiZTO66zravD_y8Pke8NYszI2ep6NImZeXopDWLpB933QU0hCKl2wGorqy1xGyLY5Y8vPM0MPkOv9bISDMeFX7OwKmbcDykPnMGlQ5h9Je_L1w75RY4p3QhmShebeABtXEhcbW28KobqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2D709mePognab8myhKeGQTS_MYMw%26client%3Dca-pub-5416819712408858%26adurl%3D
Frame ID: 8509E01951A830630BEC30AFE40B3C72
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F3FB353C2D2498688B539E7AD37E29D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D1A0DD898B2893608BA4977AE025BA3A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

traveler en ExcellenTravel #PuebloMagico #Cuetzalan #mexico #puebla

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

60
Requests

98 %
HTTPS

74 %
IPv6

16
Domains

25
Subdomains

24
IPs

4
Countries

4470 kB
Transfer

5452 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/excellentravel1/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/3xcellentravel/

Search URL Search Domain Scan URL

URL: https://twitter.com/excellentravel_

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UChNVmTFKq0a-GrGQsErNiFw/about

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=525546995151&text=Hola,%20tengo%20una%20duda

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/Attraction_Review-g150800-d23835559-Reviews-Excellentravel-Mexico_City_Central_Mexico_and_Gulf_Coast.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://ad.doubleclick.net/ddm/trackimp/N465602.154378CRITEO/B27280118.329175288;dc_trk_aid=521434294;dc_trk_cid=166770497;dcopt=anid;ord=62712569a4f54295236dc68f45727c1a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N465602.154378CRITEO/B27280118.329175288;dc_pre=CJfov8mvw_cCFYi8dwodb1INyg;dc_trk_aid=521434294;dc_trk_cid=166770497;dcopt=anid;ord=62712569a4f54295236dc68f45727c1a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cF Show response
excellentravel.com/w/instant/ 8 KB
9 KB 452ms
415ms Document
text/html 2606:4700:3032::6815:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://excellentravel.com/w/instant/cF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.3
Resource Hash: fe18f9e8e33d5184e9953fd6d67bc2b9d91718070a48e0272830a2daedac0691

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7059216ffc529001-FRA
content-type: text/html charset=utf-8
date: Tue, 03 May 2022 12:51:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmnGR46Tdg6GGD1ShJYuTjJdn03uOp1uaRQJ8H9sMu4k6rVXbA%2F3TMq%2FRSTycjMHlotYx9dhHpFdzNRsybUuaBAF1PiSTcLxPKy%2BdSwcduEjqFlbOFZ0iakzxBFC5%2BpiU2%2BMr0H7%2FlirpfDv4NwzwWE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.1.3

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/ 158 KB
25 KB 41ms
23ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css

Requested by

Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3727809
x-jsd-version: 4.6.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19177-FRA, cache-hhn4054-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"278e1-H7g/xZXPKL+TYth2EOrfo7e7vlk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvSUBlwDgUG5ZqXpZd8iZjDWCzMCkHvuWZsMAFdVFPqA9Xf7zWZBKHadjR5PqYETwzAPkYgea9JReTPrG%2Fa4IEx13GdqvGcYRD1gnRqrZsabl8CW0tg5ZB0WAQNAbwa9roPh%2Fgl4wiusfAnlBmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 705921730e409b7d-FRA

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 34ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2480938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wo4oRCKqRcHE2Nlkb0K3oF2T1pG6yS1DcsLfGZYT871r3TCei%2Fhd%2FwRgsuTHtDcz37DSkFFCPs88MIM1ILk60ReJ%2B0TDWXvVdoEvLrTuQOHx8FZvGxZciBt1qSfGa%2BrGj6OAjeu8Kmy11CTaZ0XtRjW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7059217308819131-FRA
expires: Sun, 23 Apr 2023 12:51:53 GMT

GET
H2 200 dynamic.css.php
excellentravel.com/core/static/css/ 7 KB
2 KB 124ms
121ms Stylesheet
text/css 2606:4700:3032::6815:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://excellentravel.com/core/static/css/dynamic.css.php?s=common
Requested by: Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.3
Resource Hash: f98ad3e0de02578a6df034f01fc1fd0f61911320c8d5711738d6c5824cb69855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/w/instant/cF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 12:51:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCHJ6E2UddFpZVM1iNtE1qsKv%2BnGG%2BabfBxhaYyLmqzh1DMjmdLIX53IFaObcHRQglxxchzAG%2FnklQyCoyBUlvNz9QUvTif%2FzVZn9qvVwdEdqL9U%2BPsNpSPd1kv5O51owCidYvk8EA24gsmoX8D0Ids%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 70592172ede29001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 37ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:53 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d84"
vary: Accept-Encoding
x-hw: 1651582313.dop158.fr8.t,1651582313.cds002.fr8.hn,1651582313.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/ 61 KB
16 KB 35ms
19ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.min.js

Requested by

Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3727791
x-jsd-version: 4.6.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19143-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"f3e8-JKkAvfzv1Sy8/zvDZECvm4fNUGc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpMR7t07xVxPAEMFhgv1fL7aXBy7ydJdjCwASbBCQq%2B82pZIfeSFMCCn5cNPDjKluBuP1RlQA5YsAlip8V3ZK9ZwqZEE%2FSHCDjaBPhQ8ztZ0jb3vLsyk4YG7jOTg9H98TqFC6qFVrRFgZ8WubjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 705921730e419b7d-FRA

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.10.0/ 22 KB
7 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.0/firebase-app.js

Requested by

Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a78d872dee0b66e1fd7cfdab14645678b8f9596cf42b212029825029acda4dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7003
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 20:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 21:12:19 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/8.10.0/ 35 KB
11 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.0/firebase-analytics.js

Requested by

Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f114e062db8d6e28b27679e95a074ca452faeb799cc6c04b4189fd04f5dcbe9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 22:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10768
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 20:25:38 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 22:38:50 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/8.10.0/ 173 KB
56 KB 54ms
18ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.0/firebase-auth.js

Requested by

Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a99665d77fbb2a8996da55c9dee2f8df31fb163a4ea3aa612042c9dfbd7d7dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 07:30:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56948
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 20:25:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Sat, 29 Apr 2023 07:30:53 GMT

GET
H2 200 dynamic.js.php Show response
excellentravel.com/core/static/js/ 1 KB
736 B 411ms
410ms Script
text/javascript 2606:4700:3032::6815:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://excellentravel.com/core/static/js/dynamic.js.php?s=config
Requested by: Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.3
Resource Hash: a9b63f31fd4c9fd602952300f4ec075e962c9549c6b4bc1de51813e8e32d32e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/w/instant/cF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 12:51:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5GV%2FpFSu5fF1kAdNS%2F15KfoWBdI0pRs11pK8herrqoZReu2WRbCTnCEcOaBHrk4mjdUflcZ9qLo55AkYXPHXjHOoG2KDgVhwDISTKP3P6Jq5GrRJRuaarlCemQeXprkqskPRQjwrDclybn0YPw%2BWic%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 70592172ede79001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 dynamic.js.php Show response
excellentravel.com/core/static/js/ 10 KB
1 KB 391ms
391ms Script
text/javascript 2606:4700:3032::6815:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://excellentravel.com/core/static/js/dynamic.js.php?s=common&_rjs627125693ffec=vr627125693ffed
Requested by: Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.3
Resource Hash: 925b0e02095543a62d25282013b55b56a369c77f9b905b72588413c837795b14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/w/instant/cF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 12:51:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53BzWVe7BRujCx%2B4fOMoDnCN31FnykJEabDyauw56L5kDk%2BCAMAjeBZ151b5I8WIyRJlk%2F2G6OgfA08M1ngdanZsy4csCg38%2BgYj%2FMQPfDnazQnTG6pYx%2Fw9wQ10d1txusMCysyzipp%2FU%2BIJYWA7Pq8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 70592172ede99001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 excellentravel1.svg
excellentravel.com/static/img/logo/ 10 KB
4 KB 399ms
398ms Image
image/svg+xml 2606:4700:3032::6815:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://excellentravel.com/static/img/logo/excellentravel1.svg
Requested by: Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5b1c0cfe2d7684839341b6cac418d210bee998a2d9a87f1f91cd30742991a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/w/instant/cF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Feb 2022 04:46:56 GMT
server: cloudflare
etag: W/"34e3523-293b-5d82f74ba42a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7l1bJvrN%2F6r4SWTKgVYpWBwE4FkIfGfAxsNyfnaiqhxGcVQLJFmL3S8OMTL%2Bwk367tjlufUxD5Q%2BqeozMjI8bpgCFoINU7gJwPAsj45OdMb89bizLEolNZbq0rY%2FXHrA3qLKmpVUw%2FCg02%2BStBPJAp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 705921756ba89a35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 RlKLonfHXobxZPGYXwqW2nbDpr33%2FprofilePicture%2Fdefault.png
firebasestorage.googleapis.com/v0/b/excellentravel-tourists.appspot.com/o/ 4 MB
4 MB 1187ms
1126ms Image
image/jpeg 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/excellentravel-tourists.appspot.com/o/RlKLonfHXobxZPGYXwqW2nbDpr33%2FprofilePicture%2Fdefault.png?alt=media
Requested by: Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: be97bdcaccbcc86a0112ebf6ca467ac1b7f564ebce0d551142d2b03b63dc7fb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
x-guploader-uploadid: ADPycdt9g_TO1jFgBbgKHFgRbYxfADw1xSpvmIsi5ubhppL9vrJMYvK7r1xqSCELe4DBGLq7YbSzmFcW3-iEvtyTpCswmA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''default.png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3827291
last-modified: Tue, 26 Apr 2022 01:46:27 GMT
server: UploadServer
etag: "6d2ebf3b06dc13823010c9442376dc80"
x-goog-hash: crc32c=09ZF2g==, md5=bS6/OwbcE4IwEMlEI3bcgA==
x-goog-generation: 1650937586922102
cache-control: private, max-age=0
x-goog-stored-content-length: 3827291
x-goog-meta-firebasestoragedownloadtokens: 039ba2a4-4356-4843-b38b-4332b23beafe
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 03 May 2022 12:51:54 GMT

GET
H3 200 ed39de96521b70368b73a8e24cb05415.cache
excellentravel.com/cacheMaster/resid/cache/ 43 KB
44 KB 383ms
382ms Image
image/jpeg 2606:4700:3032::6815:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://excellentravel.com/cacheMaster/resid/cache/ed39de96521b70368b73a8e24cb05415.cache
Requested by: Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c28cc0d77433e5ab992bbfec6cdf10de756eb7c0b33a0668ad5e666ab560966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/w/instant/cF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 02 May 2022 03:43:25 GMT
server: cloudflare
etag: "3460049-ad7b-5ddff31c8873d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S49PX3bIGJPlefdWY7gZCEgVmMRC83tHmeNBrCEATUvZ7UThNATvYH6f4ZxOmdp41LjYk3jf1Lk%2FxfVzuuQajqq5tQ7UOLhvs4zZeI0SqyAN9TAZLHYkqYxhvRRsazOXX49hU03djmIIBWrmZ5l1KTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 705921758bfa9a35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44411

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
55 KB 75ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5416819712408858

Requested by

Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

890e9ee3f1573dcfb9437347198de0b8fbd284a1c77206b07bdc79e2d6a34ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://excellentravel.com/
Origin: https://excellentravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56152
x-xss-protection: 0
server: cafe
etag: 4984157536108343545
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 May 2022 12:51:53 GMT

GET
H2 200 Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
www.tripadvisor.com/img/cdsi/img2/branding/v2/ 5 KB
3 KB 327ms
248ms Image
image/svg+xml 2.18.234.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripadvisor.com/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
Requested by: Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-194.deploy.static.akamaitechnologies.com
Software: envoy /
Resource Hash: b148a123dd65aa6603102281e5203539c1e3ad6514e035a9fd4096e5779017d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: https://www.tripadvisor.com
date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: gzip
server: envoy
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
cache-control: private, max-age=43200
content-type: image/svg+xml
content-length: 2315
expires: Wed, 04 May 2022 00:51:54 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 92ms
71ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://excellentravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 867785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bdtyjf9a%2Fk6bFlBdJrwMpllcxbjX1uYP7UJ4H8MhpJ88ppLxvII286h3R%2ByDDqTvraSuedc0qgXSjJrXhA%2B9RjF1ce7eDVuFILKUht9eoLhnk5M811ajRhQYaE%2BnHIAXBawdwkUfaEXPsdKCNto4HOxU"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70592175ff10908e-FRA
expires: Sun, 23 Apr 2023 12:51:53 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/ 308 KB
110 KB 92ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5416819712408858&plah=excellentravel.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5416819712408858

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31f6076ed2b939144cf3011e2b9924c42e68ba3fe01e58ba9c2371318f86e9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112673
x-xss-protection: 0
server: cafe
etag: 1568103078979045043
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 03 May 2022 12:51:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220428/r20190131/ Frame 3E45 10 KB
5 KB 49ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220428/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5416819712408858

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://excellentravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 23:42:38 GMT
etag: 3347421328414474149
expires: Mon, 16 May 2022 23:42:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
648 B 59ms
24ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=excellentravel.com&callback=_gfp_s_&client=ca-pub-5416819712408858

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5416819712408858&plah=excellentravel.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b4610c91e275ef2305b4388f03a356a1bc76bfe4c9575be7317b4add726117b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 59ms
23ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=excellentravel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 72ms
23ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=excellentravel.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fexcellentravel.com%2Fw%2Finstant%2FcF&tn=NAV&cls=navbar%20fixed-top%20navbar-expand-sm%20bg-light%20navbar-light&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: excellentravel.com
URL: https://excellentravel.com/w/instant/cF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 12:51:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9178 0
19 B 142ms
92ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5416819712408858&output=html&adk=1812271804&adf=3025194257&lmt=1651582314&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fexcellentravel.com%2Fw%2Finstant%2FcF&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651582313976&bpp=2&bdt=602&idt=133&shv=r20220428&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4870011117180&frm=20&pv=2&ga_vid=179967721.1651582314&ga_sid=1651582314&ga_hid=1577700413&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31066184%2C31064019&oid=2&pvsid=261406067957745&pem=958&tmod=201589430&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=149

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://excellentravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 12:51:54 GMT
expires: Tue, 03 May 2022 12:51:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9285 23 KB
10 KB 339ms
297ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5416819712408858&output=html&h=280&slotname=7062134934&adk=207091057&adf=3017137674&pi=t.ma~as.7062134934&w=340&fwrn=4&fwrnh=100&lmt=1651582314&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fexcellentravel.com%2Fw%2Finstant%2FcF&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651582313979&bpp=2&bdt=605&idt=151&shv=r20220428&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4870011117180&frm=20&pv=1&ga_vid=179967721.1651582314&ga_sid=1651582314&ga_hid=1577700413&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31066184%2C31064019&oid=2&pvsid=261406067957745&pem=958&tmod=201589430&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DV0hXyC5Et&p=https%3A//excellentravel.com&dtd=156

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b2934a1098d4546edd245bc896b74f8b9720e0c7fa2dc5a48fff3b69c2fa854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://excellentravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9739
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 12:51:54 GMT
expires: Tue, 03 May 2022 12:51:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/ Frame 9285 3 KB
1 KB 59ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5416819712408858&output=html&h=280&slotname=7062134934&adk=207091057&adf=3017137674&pi=t.ma~as.7062134934&w=340&fwrn=4&fwrnh=100&lmt=1651582314&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fexcellentravel.com%2Fw%2Finstant%2FcF&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651582313979&bpp=2&bdt=605&idt=151&shv=r20220428&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4870011117180&frm=20&pv=1&ga_vid=179967721.1651582314&ga_sid=1651582314&ga_hid=1577700413&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31066184%2C31064019&oid=2&pvsid=261406067957745&pem=958&tmod=201589430&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DV0hXyC5Et&p=https%3A//excellentravel.com&dtd=156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 May 2022 12:51:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9285 120 KB
37 KB 65ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651491962848324"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 May 2022 12:51:54 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/ Frame 9285 15 KB
7 KB 58ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 May 2022 12:48:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9285 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6LJSaiVxYreiDpPY6wTlyJewDMme0rFc1fbi1pMBwI23ARABIABglYKAgKwHggEXY2EtcHViLTU0MTY4MTk3MTI0MDg4NTigAdW20uoDyAEJqQL8ITG73J2xPqgDAaoE0gFP0LgG8VB5PhQs8DGBZXDP9-uPJqIiQIwmiIC5M405bKpm78TmZZGL3dEraeULFQzkh3CxL5i6H0P1B7OCY7szWDVcvKfIYRbYjz7L_txDyGR-4hTL7-x-gz46_ywyhG-bTothUelS3LjZm7EjJOXUYONi6zbKRFOiZTO66zravD_y8Pke8NYszI2ep6NImZeXopDWLpB933QU0hCKl2wGorqy1xGyLY5Y8vPMksHFqHjUvTNz5EFY6z8Alcnmmk_GNEy7MxpjWk_P8bhAZzdUlduABtXEhcbW28KobqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU0MTY4MTk3MTI0MDg4NTgYAA&sigh=GYw7QYdce8k&uach_m=[UACH]&cid=CAQSGwCNIrLMWTyRJysFZJFkxA74ApqlkYRpKECc6BgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5416819712408858&output=html&h=280&slotname=7062134934&adk=207091057&adf=3017137674&pi=t.ma~as.7062134934&w=340&fwrn=4&fwrnh=100&lmt=1651582314&rafmt=1&psa=0&format=340x280&url=https%3A%2F%2Fexcellentravel.com%2Fw%2Finstant%2FcF&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651582313979&bpp=2&bdt=605&idt=151&shv=r20220428&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4870011117180&frm=20&pv=1&ga_vid=179967721.1651582314&ga_sid=1651582314&ga_hid=1577700413&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=630&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31066184%2C31064019&oid=2&pvsid=261406067957745&pem=958&tmod=201589430&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DV0hXyC5Et&p=https%3A//excellentravel.com&dtd=156
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 03 May 2022 12:51:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 03 May 2022 12:51:54 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 9285 0
0 56ms
17ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kpvLEsz6RNQCmAKdg2ICAgAAAJCDKFA_YrxtKEK2XhBpJXFi-tMS9D_3RvCL_1IAEgAA&wp=YnElagADkTcKmuwTAAXkZb-jau9Egk9BJkseXg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 333785
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8509 128 KB
44 KB 162ms
128ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnElagADkTcKmuwTAAXkZb-jau9Egk9BJkseXg&u=%7CKzyXYokKF7BUWejmxsKA0O72slQyJtyqro4IQC97zgg%3D%7C&c1=ey2CWPGBBq8KLbNmF-WcsI4oklu97rBxhDFjb-SPIrhe_8rVdq7qlDb2tXb5Ycu4fz3PYRcxFiJrcmiOdIlmYYbcJO8b_dtVy2WCPak4Bwy4_v9wNTEOctvtbn937XR0ZGGA95Fg8F-nf8n-SoYudNr7FZKkSkGH8N9GB2V88OmSbcCAyvdvl3urBfCSJZRTPPZShhWHTHfwd6COb9UYxYdIh_6G7_Rvvlg-J69PIHOCNP8h9IjyhypYcAvBSTA8J-cEvEEDD0vI1rBx1nbxEPn9SjhJ5bp5DFvWxMffY_9SWeepm-V1jfZaGwRNdjH2y6SqPcCKZvGbReVmeMIeVhOD1_4ex2W4OTqJRivWi5dBQa1ktzZe27LIZDq46KBdmkrkACjk5HUDyBrtbkFoFhra_M_sexxRtaok8n3FHfKypeK340frbD-PLKqnnDZh0lU-0_jJYfktSEEyRWAteSpy-MAbIyzy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8pANaiVxYreiDpPY6wTlyJewDMme0rFc1fbi1pMBwI23ARABIABglYKAgKwHggEXY2EtcHViLTU0MTY4MTk3MTI0MDg4NTigAdW20uoDyAEJqQL8ITG73J2xPqgDAaoE1QFP0LgG8VB5PhQs8DGBZXDP9-uPJqIiQIwmiIC5M405bKpm78TmZZGL3dEraeULFQzkh3CxL5i6H0P1B7OCY7szWDVcvKfIYRbYjz7L_txDyGR-4hTL7-x-gz46_ywyhG-bTothUelS3LjZm7EjJOXUYONi6zbKRFOiZTO66zravD_y8Pke8NYszI2ep6NImZeXopDWLpB933QU0hCKl2wGorqy1xGyLY5Y8vPM0MPkOv9bISDMeFX7OwKmbcDykPnMGlQ5h9Je_L1w75RY4p3QhmShebeABtXEhcbW28KobqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2D709mePognab8myhKeGQTS_MYMw%26client%3Dca-pub-5416819712408858%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3cb606b50037fdc102fec3a954e06d73de8c309753f2280f24f64c2b146de152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 12:51:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=u4r9Wg0Wk_jstaZGCuPZyR5X8CAPcUTQmKOtAZ0U_JktoMnqLpEVzNXBNC5JvGSvc2HJZkB643kvfyv0CLa-gnCoXcOEueeRRGVbGGi4g2MV9DrfLmbJzHIPmBBtBFNL4FAJkhTE01VZEq7wY-23J0XzPWHhMMc-EdPneYo-oQTvHfmJi-AtaNMjxurIfFmrly1Kqgqx2yQDlA9CK3veeCdNzPmnQku0Nn8MOafaf5UYlZ1VZs7wedrvbTwrt_g-ynINfQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 115382790
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 9285 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2abf97b7c8ae8df9a17649e91fcfa22ae5dc164aa9e86e379accff38b46c0946

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8509 2 KB
1 KB 45ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnElagADkTcKmuwTAAXkZb-jau9Egk9BJkseXg&u=%7CKzyXYokKF7BUWejmxsKA0O72slQyJtyqro4IQC97zgg%3D%7C&c1=ey2CWPGBBq8KLbNmF-WcsI4oklu97rBxhDFjb-SPIrhe_8rVdq7qlDb2tXb5Ycu4fz3PYRcxFiJrcmiOdIlmYYbcJO8b_dtVy2WCPak4Bwy4_v9wNTEOctvtbn937XR0ZGGA95Fg8F-nf8n-SoYudNr7FZKkSkGH8N9GB2V88OmSbcCAyvdvl3urBfCSJZRTPPZShhWHTHfwd6COb9UYxYdIh_6G7_Rvvlg-J69PIHOCNP8h9IjyhypYcAvBSTA8J-cEvEEDD0vI1rBx1nbxEPn9SjhJ5bp5DFvWxMffY_9SWeepm-V1jfZaGwRNdjH2y6SqPcCKZvGbReVmeMIeVhOD1_4ex2W4OTqJRivWi5dBQa1ktzZe27LIZDq46KBdmkrkACjk5HUDyBrtbkFoFhra_M_sexxRtaok8n3FHfKypeK340frbD-PLKqnnDZh0lU-0_jJYfktSEEyRWAteSpy-MAbIyzy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8pANaiVxYreiDpPY6wTlyJewDMme0rFc1fbi1pMBwI23ARABIABglYKAgKwHggEXY2EtcHViLTU0MTY4MTk3MTI0MDg4NTigAdW20uoDyAEJqQL8ITG73J2xPqgDAaoE1QFP0LgG8VB5PhQs8DGBZXDP9-uPJqIiQIwmiIC5M405bKpm78TmZZGL3dEraeULFQzkh3CxL5i6H0P1B7OCY7szWDVcvKfIYRbYjz7L_txDyGR-4hTL7-x-gz46_ywyhG-bTothUelS3LjZm7EjJOXUYONi6zbKRFOiZTO66zravD_y8Pke8NYszI2ep6NImZeXopDWLpB933QU0hCKl2wGorqy1xGyLY5Y8vPM0MPkOv9bISDMeFX7OwKmbcDykPnMGlQ5h9Je_L1w75RY4p3QhmShebeABtXEhcbW28KobqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2D709mePognab8myhKeGQTS_MYMw%26client%3Dca-pub-5416819712408858%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Apr 2023 12:51:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8509 2 KB
1 KB 46ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Apr 2023 12:51:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8509 308 B
636 B 44ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 28 Apr 2023 12:51:54 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 8509 507 B
836 B 43ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 28 Apr 2023 12:51:54 GMT

GET
H3

200

B27280118.329175288;dc_pre=CJfov8mvw_cCFYi8dwodb1INyg;dc_trk_aid=521434294;dc_trk_cid=166770497;dcopt=anid;ord=62712569a4f54295236dc68f45727c1a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N465602.154378CRITEO/ Frame 8509
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N465602.154378CRITEO/B27280118.329175288;dc_trk_aid=521434294;dc_trk_cid=166770497;dcopt=anid;ord=62712569a4f54295236dc68f45727c1a;dc_lat=;dc_rdid=;tag_for_c...
https://ad.doubleclick.net/ddm/trackimp/N465602.154378CRITEO/B27280118.329175288;dc_pre=CJfov8mvw_cCFYi8dwodb1INyg;dc_trk_aid=521434294;dc_trk_cid=166770497;dcopt=anid;ord=62712569a4f54295236dc68f4...

42 B
63 B

86ms
35ms

Image
image/gif

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N465602.154378CRITEO/B27280118.329175288;dc_pre=CJfov8mvw_cCFYi8dwodb1INyg;dc_trk_aid=521434294;dc_trk_cid=166770497;dcopt=anid;ord=62712569a4f54295236dc68f45727c1a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=?

Requested by

Protocol

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 12:51:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 May 2022 12:51:54 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N465602.154378CRITEO/B27280118.329175288;dc_pre=CJfov8mvw_cCFYi8dwodb1INyg;dc_trk_aid=521434294;dc_trk_cid=166770497;dcopt=anid;ord=62712569a4f54295236dc68f45727c1a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 8509 0
688 B 204ms
156ms Image
text/plain 2600:9000:2156:ec00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn317603&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci1777&am=3&at=view&rt=banner&st=image&gdpr=1&&r=62712569a4f54295236dc68f45727c1a
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnElagADkTcKmuwTAAXkZb-jau9Egk9BJkseXg&u=%7CKzyXYokKF7BUWejmxsKA0O72slQyJtyqro4IQC97zgg%3D%7C&c1=ey2CWPGBBq8KLbNmF-WcsI4oklu97rBxhDFjb-SPIrhe_8rVdq7qlDb2tXb5Ycu4fz3PYRcxFiJrcmiOdIlmYYbcJO8b_dtVy2WCPak4Bwy4_v9wNTEOctvtbn937XR0ZGGA95Fg8F-nf8n-SoYudNr7FZKkSkGH8N9GB2V88OmSbcCAyvdvl3urBfCSJZRTPPZShhWHTHfwd6COb9UYxYdIh_6G7_Rvvlg-J69PIHOCNP8h9IjyhypYcAvBSTA8J-cEvEEDD0vI1rBx1nbxEPn9SjhJ5bp5DFvWxMffY_9SWeepm-V1jfZaGwRNdjH2y6SqPcCKZvGbReVmeMIeVhOD1_4ex2W4OTqJRivWi5dBQa1ktzZe27LIZDq46KBdmkrkACjk5HUDyBrtbkFoFhra_M_sexxRtaok8n3FHfKypeK340frbD-PLKqnnDZh0lU-0_jJYfktSEEyRWAteSpy-MAbIyzy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8pANaiVxYreiDpPY6wTlyJewDMme0rFc1fbi1pMBwI23ARABIABglYKAgKwHggEXY2EtcHViLTU0MTY4MTk3MTI0MDg4NTigAdW20uoDyAEJqQL8ITG73J2xPqgDAaoE1QFP0LgG8VB5PhQs8DGBZXDP9-uPJqIiQIwmiIC5M405bKpm78TmZZGL3dEraeULFQzkh3CxL5i6H0P1B7OCY7szWDVcvKfIYRbYjz7L_txDyGR-4hTL7-x-gz46_ywyhG-bTothUelS3LjZm7EjJOXUYONi6zbKRFOiZTO66zravD_y8Pke8NYszI2ep6NImZeXopDWLpB933QU0hCKl2wGorqy1xGyLY5Y8vPM0MPkOv9bISDMeFX7OwKmbcDykPnMGlQ5h9Je_L1w75RY4p3QhmShebeABtXEhcbW28KobqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2D709mePognab8myhKeGQTS_MYMw%26client%3Dca-pub-5416819712408858%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ec00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 12:51:54 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: 8c7Eyq4zXU4CjP4i5Q9w11rArtElfv9RcxaVuSFU99ZAVC4-5my9xQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 8509 43 B
348 B 55ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cxlvSDRkHI6vnsvD5pZAa3weXiS6spel4CMyiFfGjni_39wmgs0gMMBT8d5j_kBoaVlJSJXZ-fiBtB7J_6BZKED09wiMgeO0dyncCLTwm6wOHQw4YkkJh16oUP25S8IeOJCTGHOIw71si2FEEP36KunYNAvcx35pU5mXOQ2_MFpH_E_rOoo5DHhRdPtUGe9dYSVgcofw50DpyFm5cQS-4BuGoA-zctj0CbOXeG6t1RGT7G1FnrNDVUBC9emq8G0tKJY7nel6FM-qbFXAW3j_Xy8fXqwSfy_5Mxr_TnOaJv3k2rhCchUsayEuz5thGT6uG6ewugh6rqyWVsgAMdOytjXepM6SDAXkHybrF1P4ZiEITedJJxPqJo0lUP327XUHRXIT09rXVKT_UEfIPItccU_UIxgTOiDXXP1-9X7icXd0QID03wugBuLNt66A_22mP7G5pw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 12:51:54 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2669393
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8509 12 KB
5 KB 28ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 480626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9UMCXjH8peF1eHKgXjsMKxvo2UsuW%2FGbhL3pbEbquQNQfolra2cpr3%2BtDvI9PcCtOVJrOj2IfR7uKyhy3pHo85XKaBAYUWMtfyED94ulig6qk0aJhHKndyV9Um9751gw9ZTPmqNcCpYYrVbffhlxOzS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7059217abbf86987-FRA
expires: Sun, 23 Apr 2023 12:51:54 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8509 12 KB
6 KB 34ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Apr 2023 12:51:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8509 53 KB
53 KB 76ms
31ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=11208&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F11208%2F220228%2F18d9e0ebab8d47dfac9e56dc38fbdb9e_img_horizontal_1.jpg&v=3&w=1200&s=4Q0vU-mF2N0CxlwMT4FiZw2E

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cf0daadcada75ea1d6ca4e3695bb9167a76c6914ee7921403c057bcf973ffca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29210847
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 54220
expires: Thu, 06 Apr 2023 14:59:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8509 8 KB
9 KB 72ms
28ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=11208&q=80&r=0&u=https%3A%2F%2Fwww.zegna.com%2Fmedia%2Ffeed-images%2FLHSTE-A5105X-COB-F.jpg&v=3&w=400&s=qrm-t9TPhv_j20r_NLKWEXZZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f2c77e5f1b871e40934d67397fea03239422101b2ef721473cf300f8b293bedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=12626
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8686
expires: Tue, 03 May 2022 16:22:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8509 9 KB
9 KB 75ms
31ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=11208&q=80&r=0&u=https%3A%2F%2Fwww.zegna.com%2Fmedia%2Ffeed-images%2FLHUTE-A5159X-EUY-F.jpg&v=3&w=400&s=CCzfiGzLGdpMXhK3zXm41ZRq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ea502cbe365b837e522f872a1cdd6159cb789abce9e586b9a0979e401b0e4051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=11623
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8820
expires: Tue, 03 May 2022 16:05:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8509 8 KB
9 KB 60ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=11208&q=80&r=0&u=https%3A%2F%2Fwww.zegna.com%2Fmedia%2Ffeed-images%2FLHSTE-A5105X-UTS-F.jpg&v=3&w=400&s=jr4_XrX5FC8DFmgujA0lmunc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0d026add2f9b25652ec0e8df4d521abe2353caa723fca74a7eb92d59849121fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=11460
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8500
expires: Tue, 03 May 2022 16:02:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8509 7 KB
7 KB 95ms
52ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=11208&q=80&r=0&u=https%3A%2F%2Fwww.zegna.com%2Fmedia%2Ffeed-images%2FLHSTE-A5106X-NDG-F.jpg&v=3&w=400&s=GWaJUwAhPrLU6oXvJXyn6upD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1c3cb2c3c11cef960d58945d6b95d77a1624617bc727d4cc67b6ba5d7a891a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=10517
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6718
expires: Tue, 03 May 2022 15:47:11 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8509 0
128 B 47ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=u4r9Wg0Wk_jstaZGCuPZyR5X8CAPcUTQmKOtAZ0U_JktoMnqLpEVzNXBNC5JvGSvc2HJZkB643kvfyv0CLa-gnCoXcOEueeRRGVbGGi4g2MV9DrfLmbJzHIPmBBtBFNL4FAJkhTE01VZEq7wY-23J0XzPWHhMMc-EdPneYo-oQTvHfmJi-AtaNMjxurIfFmrly1Kqgqx2yQDlA9CK3veeCdNzPmnQku0Nn8MOafaf5UYlZ1VZs7wedrvbTwrt_g-ynINfQ&sds=2&rev=81333&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 03 May 2022 12:51:54 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8509 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Apr 2023 12:51:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8509 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:54 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Apr 2023 12:51:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8509 664 B
858 B 70ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 May 2022 12:02:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 03 May 2022 12:51:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 May 2022 12:51:54 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 8509 23 KB
24 KB 49ms
14ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 589480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 17:07:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 59ms
29ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220428&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3757b54acec8ba32741bb9e2cbe33f8687b2c182f6c08b3e7b7221ffa51170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 12:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10593
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 129ms
77ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 May 2022 12:51:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F3FB 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://excellentravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 12:16:06 GMT
expires: Wed, 03 May 2023 12:16:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D1A0 783 B
1 KB 59ms
24ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90f85e1963a7ebb124ee3cbf443665995646d808259afe7fcc4cc58de7de68b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SisOcDnyFbxVQD/REQZEZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://excellentravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-SisOcDnyFbxVQD/REQZEZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 12:51:55 GMT
expires: Tue, 03 May 2022 12:51:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame F3FB 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 06:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 06:47:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D1A0 0
0 124ms
124ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220428&jk=261406067957745&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F3FB 0
9 B 13ms
13ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2IgYVQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 12:51:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9285 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNbZ37KPfFVD3jKYmY-u2Ge-d8TAqNqosDiBlh_GWnLgf9MQHo1ggo5nDG071mfK1Xe2zbATHFOUbqAqLqZboTVw&sig=Cg0ArKJSzJPibuWfch3LEAE&id=lidar2&mcvt=1000&p=0,0,280,340&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220502&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=207091057&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651582314136&rpt=454&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 12:51:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8509 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 03 May 2022 12:51:55 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
65ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220428&jk=261406067957745&bg=!9Pel97PNAAZNIUvJbSE7ACkAdvg8WlI4UwA_JhNvpjlI4oMTS0TUkovLp_7apngFP2bxDVbL6qiYtgIAAABYUgAAAAJoAQeZAsiWU8J54-IbfgWAvQ9vugNqilNU5vm06-Uy0SHz8oUhEblOUnCmidFTLhRE07sQuZw-K1Eec0i4V4GfowFyQyp1cakdLATFW2LFLQi21Evqz7JUD459q6TlGC5cjccyoGzuqOlbts998cLyu3CW1fgAHkDiA5M-tiHlnOEasBwuPKzbstVnyCwPYeIkmNvAbLUvaCG8vqBFNXdamrxvazS54NOH1hgChk2vhmNgNPC_aNB5WV5nv9f71oUaQKwZV17G9onMCTO95CoCfWb5XQrJvI3vrkmRFhdc8saPDUgERhLY-J_-i1mUfmlYq64BYR_LJTffmif83fMvWMhM8xkg1Ua3COPBWgQiKcMp2VBOjGif66farVZnviZyexo6s-1YXTBBRUiHDq-iDmG8LCohhH8qikYwhldtcZzH9nMgxRYYLxnPCOGBeqvkXlHU4h7Ocf6sgO71D3krv99eM6UuEU1yR3r0y-e-jJmlopZoz9DSP34Og86UzSr8XUuNMv6jzbqOeJvRhOUTHfl6-B0gOmAchjtDNF3liIgYEFEb8OJ0gUGUV0xua_7BOOTM99vaGgMjdDJjFQjmhbTLPmF6YVwUclCykAxIchX9NGw1ed66XQ-oOHCHPkPTa02o0iIaUoB5DZL1-JNWKh3xT7_FYkxSsnuv865dG3OPdR0FkJQa3Y-98PQ2LoQJ0uLLMRWfYJqxs68JZm7qm39e0MYXd14JbY6DEVsZv_jrtFi7Woa3pcUIqjfFszLlrwfYuK388bFJ-SZQQv7cuzjWVBUPAJ1AmrQXypN6xR16i9kXjnaLv4AXkPN7VhOEAZT56mB0pq1CGDyUdNR4hVgW_LF2JpqFToRyigOPxWJZgALbVQc1WOR1zBqLa9xD7yXIZ8glJcAmZHEHWfIAg63UUQunZt4qjaop4ZL5yjWRB-Ph48fr0BZEFP9i
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excellentravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
excellentravel.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ijmu16l60ldll0ldls87197t8g
.excellentravel.com/	1970-01-20 12:07:58	Name: __gads Value: ID=cf51d39340ee3e9e-22a2bef388cd00a8:T=1651582314:RT=1651582314:S=ALNI_Mb_0oPnEh830FknxcRbjfOTNUwFiA
.doubleclick.net/	1970-01-20 12:07:58	Name: IDE Value: AHWqTUmnXjNvlTDjRPE0nSoXl69MSYLO63NyZira-OqFhbEI7mvF0ZFmC1UxKK6Q5OQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
csm.eu.criteo.net
excellentravel.com
firebasestorage.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
secure-gl.imrworldwide.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.tripadvisor.com
142.250.186.134
172.217.16.130
178.250.0.139
178.250.2.148
178.250.2.150
2.18.234.194
2001:4de0:ac18::1:a:3b
2600:9000:2156:ec00:1e:a43d:b640:93a1
2606:4700:3032::6815:1a69
2606:4700::6810:5914
2606:4700::6811:180e
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a99665d77fbb2a8996da55c9dee2f8df31fb163a4ea3aa612042c9dfbd7d7dc
0b2934a1098d4546edd245bc896b74f8b9720e0c7fa2dc5a48fff3b69c2fa854
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
0d026add2f9b25652ec0e8df4d521abe2353caa723fca74a7eb92d59849121fd
160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a
1c3cb2c3c11cef960d58945d6b95d77a1624617bc727d4cc67b6ba5d7a891a70
2abf97b7c8ae8df9a17649e91fcfa22ae5dc164aa9e86e379accff38b46c0946
31f6076ed2b939144cf3011e2b9924c42e68ba3fe01e58ba9c2371318f86e9fc
3cb606b50037fdc102fec3a954e06d73de8c309753f2280f24f64c2b146de152
4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
890e9ee3f1573dcfb9437347198de0b8fbd284a1c77206b07bdc79e2d6a34ce6
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c28cc0d77433e5ab992bbfec6cdf10de756eb7c0b33a0668ad5e666ab560966
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90f85e1963a7ebb124ee3cbf443665995646d808259afe7fcc4cc58de7de68b5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
925b0e02095543a62d25282013b55b56a369c77f9b905b72588413c837795b14
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a78d872dee0b66e1fd7cfdab14645678b8f9596cf42b212029825029acda4dfc
a9b63f31fd4c9fd602952300f4ec075e962c9549c6b4bc1de51813e8e32d32e9
b148a123dd65aa6603102281e5203539c1e3ad6514e035a9fd4096e5779017d3
b4610c91e275ef2305b4388f03a356a1bc76bfe4c9575be7317b4add726117b1
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
be97bdcaccbcc86a0112ebf6ca467ac1b7f564ebce0d551142d2b03b63dc7fb0
cf0daadcada75ea1d6ca4e3695bb9167a76c6914ee7921403c057bcf973ffca2
d3757b54acec8ba32741bb9e2cbe33f8687b2c182f6c08b3e7b7221ffa51170b
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b1c0cfe2d7684839341b6cac418d210bee998a2d9a87f1f91cd30742991a18
ea502cbe365b837e522f872a1cdd6159cb789abce9e586b9a0979e401b0e4051
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f114e062db8d6e28b27679e95a074ca452faeb799cc6c04b4189fd04f5dcbe9f
f2c77e5f1b871e40934d67397fea03239422101b2ef721473cf300f8b293bedb
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f98ad3e0de02578a6df034f01fc1fd0f61911320c8d5711738d6c5824cb69855
fe18f9e8e33d5184e9953fd6d67bc2b9d91718070a48e0272830a2daedac0691

excellentravel.com Open in urlscan Pro 2606:4700:3032::6815:1a69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

74 %IPv6

16 Domains

25 Subdomains

24 IPs

4 Countries

4470 kBTransfer

5452 kBSize

3 Cookies

6 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

excellentravel.com Open in urlscan Pro
2606:4700:3032::6815:1a69 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

74 %
IPv6

16
Domains

25
Subdomains

24
IPs

4
Countries

4470 kB
Transfer

5452 kB
Size

3
Cookies

60 HTTP transactions
1 data transactions