rochesterny.vacation.travelleadersnetwork.com Open in urlscan Pro
52.33.8.180 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.travelleaders.mkt5763.com/ctt?ms=MTkxNzIyNTgS1&kn=3&r=MzY0MTI0OTA2MDkyS0&b=0&j=MjIwMTQwNzczMQS2&mt=1&rt=0
Effective URL:
https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Submission: On September 08 via api (September 8th 2021, 3:21:15 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 60 HTTP transactions. The main IP is 52.33.8.180, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is rochesterny.vacation.travelleadersnetwork.com.
TLS certificate: Issued by R3 on July 17th 2021. Valid for: 3 months.

This is the only time rochesterny.vacation.travelleadersnetwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.222.158.94 52.222.158.94	16509 (AMAZON-02) (AMAZON-02)
2 17	52.33.8.180 52.33.8.180	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:218... 2600:9000:218e:ea00:16:4349:fe00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4007:80b::200e	15169 (GOOGLE) (GOOGLE)
1	52.92.145.218 52.92.145.218	16509 (AMAZON-02) (AMAZON-02)
28	2606:4700::68... 2606:4700::6812:18a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.120.193 151.101.120.193	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4007:80c::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4007:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:819::200a	() ()
60	10

1 52.222.158.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-94.cdg52.r.cloudfront.net

links.travelleaders.mkt5763.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.33.8.180 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-8-180.us-west-2.compute.amazonaws.com

rochesterny.vacation.travelleadersnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:218e:ea00:16:4349:fe00:93a1 (United States)

ASN16509 (AMAZON-02, US)

skins.webtreepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:80b::200e (Ireland)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.145.218 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

wtp-prd.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700::6812:18a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.travelleaders.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.120.193 (Paris, France)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:810::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:819::200a (None, )

ASN- ()

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	travelleaders.com www.travelleaders.com	2 MB
17	travelleadersnetwork.com 2 redirects rochesterny.vacation.travelleadersnetwork.com	428 KB
4	gstatic.com fonts.gstatic.com	75 KB
4	google.com maps.google.com	168 KB
3	imgur.com i.imgur.com	10 KB
2	googleapis.com fonts.googleapis.com maps.googleapis.com	1 KB
2	webtreepro.com skins.webtreepro.com	1 MB
1	amazonaws.com wtp-prd.s3.us-west-2.amazonaws.com	5 KB
1	mkt5763.com 1 redirects links.travelleaders.mkt5763.com	476 B
0	mercavia.com Failed www.mercavia.com Failed
60	10

	Domain	Requested by
28	www.travelleaders.com	rochesterny.vacation.travelleadersnetwork.com
17	rochesterny.vacation.travelleadersnetwork.com	2 redirects rochesterny.vacation.travelleadersnetwork.com
4	fonts.gstatic.com	fonts.googleapis.com
4	maps.google.com	rochesterny.vacation.travelleadersnetwork.com maps.google.com
3	i.imgur.com	rochesterny.vacation.travelleadersnetwork.com
2	skins.webtreepro.com	rochesterny.vacation.travelleadersnetwork.com
1	maps.googleapis.com	maps.google.com
1	fonts.googleapis.com	skins.webtreepro.com
1	wtp-prd.s3.us-west-2.amazonaws.com	rochesterny.vacation.travelleadersnetwork.com
1	links.travelleaders.mkt5763.com	1 redirects
0	www.mercavia.com Failed	rochesterny.vacation.travelleadersnetwork.com
60	11

This site contains links to these domains. Also see Links.

Domain
www.travelleadersgroup.com

Subject Issuer	Validity	Valid
rochesterny.vacation.travelleadersnetwork.com R3	`2021-07-17` - `2021-10-15`	3 months	crt.sh
skins.webtreepro.com Amazon	`2021-05-23` - `2022-06-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
travelleaders.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Frame ID: 545181A2D722A3E75A18EDEAD2F8A4F5
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Promotions Details

Page URL History Show full URLs

https://links.travelleaders.mkt5763.com/ctt?ms=MTkxNzIyNTgS1&kn=3&r=MzY0MTI0OTA2MDkyS0&b=0&j=MjIwMTQwNzczMQS2&mt=1&rt=0 HTTP 302
http://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=ema... HTTP 301
https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=ema... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+(?:([\d.])+/)?pure(?:-min)?\.css
<div[^>]+class="[^"]*pure-u-(?:sm-|md-|lg-|xl-)?\d-\d

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

60
Requests

98 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

4101 kB
Transfer

4904 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.travelleadersgroup.com/terms-of-use/
Title: TERMS & CONDITIONS

Search URL Search Domain Scan URL

URL: https://www.travelleadersgroup.com/privacy-policy/
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.travelleaders.mkt5763.com/ctt?ms=MTkxNzIyNTgS1&kn=3&r=MzY0MTI0OTA2MDkyS0&b=0&j=MjIwMTQwNzczMQS2&mt=1&rt=0 HTTP 302
http://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715 HTTP 301
https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://rochesterny.vacation.travelleadersnetwork.com/Customers/TLG/CustomAddIn/DefaultLogo.ashx HTTP 302
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/tlg/logos/58fc616b736d4e69a62422e8914f09f7.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLI4JROM46/20210908/us-west-2/s3/aws4_request&X-Amz-Date=20210908T152108Z&X-Amz-SignedHeaders=host&X-Amz-Signature=f3a47037369e6d569014c8ce74c6a11c993050ae2c2db9963b6634d22bf26b69

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request promotion-details.aspx Show response
rochesterny.vacation.travelleadersnetwork.com/
Redirect Chain

https://links.travelleaders.mkt5763.com/ctt?ms=MTkxNzIyNTgS1&kn=3&r=MzY0MTI0OTA2MDkyS0&b=0&j=MjIwMTQwNzczMQS2&mt=1&rt=0
http://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715

81 KB
82 KB

4979ms
4619ms

Document
text/html

52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d7af8f5650edce4c53e9cb3efeb23607011570c1e5be2da4b9e10af92d4b2d7d

Request headers

:method: GET
:authority: rochesterny.vacation.travelleadersnetwork.com
:scheme: https
:path: /promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
vary: User-Agent
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-headers: Content-Type
date: Wed, 08 Sep 2021 15:21:07 GMT
content-length: 83189

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type
Date: Wed, 08 Sep 2021 15:21:01 GMT
Content-Length: 283

GET
H2 200 6h3vCm3tWFchCks0tPQunBIVHv-Bk7i-HNeRsXcgv0tuixt6MMFDSCU15vrscA9xFQSCzLCcxp2niv_jGlU0YxreYdSWmblNLOi10bSWfFCNppuWvfVYSxkINqZ31gjGGTVVj3X3tsqMzh5NANHw3jr9kdtPSXbNuXVrDKyaT_MT4ywjMCnj9vBSWOhc0ITcWLsKm... Show response
rochesterny.vacation.travelleadersnetwork.com/dynamicScriptBundle/637662409453458172/kwMAAB-LCAAAAAAABAB1UkFSwzAMfE250QO8gAEGypQZDtAr48RK6yS2hCW3ze9RiAHThpOlXVmjlXZx1Tzx4qppPxLEYdnyxeIvcoBKIgBFLMka... 525 KB
140 KB 628ms
625ms Script
text/javascript 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/dynamicScriptBundle/637662409453458172/kwMAAB-LCAAAAAAABAB1UkFSwzAMfE250QO8gAEGypQZDtAr48RK6yS2hCW3ze9RiAHThpOlXVmjlXZx1Tzx4qppPxLEYdnyxeIvcoBKIgBFLMkasXPAGXqNpu5c2BZhWcyHBqsWainBBqPn4IjgD9w55M6jhRI0rTk-Qk8Q-Ra9x3A-Z3I_4WVyJX8QeiekRCUYUIaR-xU3IjMVeQtfLKk0swWby26I3p8NC8QXRcc_r-CpNzLF64c1GKsj39stKECp/6h3vCm3tWFchCks0tPQunBIVHv-Bk7i-HNeRsXcgv0tuixt6MMFDSCU15vrscA9xFQSCzLCcxp2niv_jGlU0YxreYdSWmblNLOi10bSWfFCNppuWvfVYSxkINqZ31gjGGTVVj3X3tsqMzh5NANHw3jr9kdtPSXbNuXVrDKyaT_MT4ywjMCnj9vBSWOhc0ITcWLsKmm2uv0dWYwS5c6y2GNZmwDR3HoGjNK7v86k_AbML66GTAwAA0
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f317df767971f8d070cf8f63e9d5a7815c0eb426a15247a0b4187b3d02c2f0c0

Request headers

:path: /dynamicScriptBundle/637662409453458172/kwMAAB-LCAAAAAAABAB1UkFSwzAMfE250QO8gAEGypQZDtAr48RK6yS2hCW3ze9RiAHThpOlXVmjlXZx1Tzx4qppPxLEYdnyxeIvcoBKIgBFLMkasXPAGXqNpu5c2BZhWcyHBqsWainBBqPn4IjgD9w55M6jhRI0rTk-Qk8Q-Ra9x3A-Z3I_4WVyJX8QeiekRCUYUIaR-xU3IjMVeQtfLKk0swWby26I3p8NC8QXRcc_r-CpNzLF64c1GKsj39stKECp/6h3vCm3tWFchCks0tPQunBIVHv-Bk7i-HNeRsXcgv0tuixt6MMFDSCU15vrscA9xFQSCzLCcxp2niv_jGlU0YxreYdSWmblNLOi10bSWfFCNppuWvfVYSxkINqZ31gjGGTVVj3X3tsqMzh5NANHw3jr9kdtPSXbNuXVrDKyaT_MT4ywjMCnj9vBSWOhc0ITcWLsKmm2uv0dWYwS5c6y2GNZmwDR3HoGjNK7v86k_AbML66GTAwAA0
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:07 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public
access-control-allow-headers: Content-Type
content-length: 143012
expires: Thu, 08 Sep 2022 15:21:07 GMT

GET
H2 200 font-awesome.min.css
skins.webtreepro.com/skins/common/fontawesome4/css/ 28 KB
29 KB 126ms
27ms Stylesheet
text/css 2600:9000:218e:ea00:16:4349:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://skins.webtreepro.com/skins/common/fontawesome4/css/font-awesome.min.css
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:ea00:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 f3a3f62227549dcbb83000c9d8bb826a.cloudfront.net (CloudFront)
last-modified: Tue, 10 Jul 2018 20:47:42 GMT
server: AmazonS3
age: 38753
etag: "fea395db9a5c8eaba924d98161324597"
x-cache: Hit from cloudfront
content-type: text/css
date: Wed, 08 Sep 2021 04:35:14 GMT
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
content-length: 29067
x-amz-cf-id: VpOZ0oT_HsKtI3c_WEPuE21bfxZAr4beqA8kqIC0ZCsLxJxn0PEUaQ==

GET
H2 200 9AEAAB-LCAAAAAAABACVjDEOwjAMRU8TRgZuQIvExBQukLYODdhOFTeI4-NKVcVSCS_Wk_Xed6fYZqLMTsF7vU3lAUGULhBDxVmpw_w49iIH95feqH4u_ZjeIIZMzS5_DMFK9sK_Ehuqa0mDQb8BV4N-B5owzLCTtAiBfyefS0762BSpE5SYZNxXSEdoHfkC_YhTZ...
rochesterny.vacation.travelleadersnetwork.com/dynamicStyleBundle/637659814725177617/ 21 KB
4 KB 807ms
804ms Stylesheet
text/css 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/dynamicStyleBundle/637659814725177617/9AEAAB-LCAAAAAAABACVjDEOwjAMRU8TRgZuQIvExBQukLYODdhOFTeI4-NKVcVSCS_Wk_Xed6fYZqLMTsF7vU3lAUGULhBDxVmpw_w49iIH95feqH4u_ZjeIIZMzS5_DMFK9sK_Ehuqa0mDQb8BV4N-B5owzLCTtAiBfyefS0762BSpE5SYZNxXSEdoHfkC_YhTZ_QBAAA1
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: adbf231038f6d71816a6f8f59bd8aa93b98ec9629b310d5cac8abaa5d3e29009

Request headers

:path: /dynamicStyleBundle/637659814725177617/9AEAAB-LCAAAAAAABACVjDEOwjAMRU8TRgZuQIvExBQukLYODdhOFTeI4-NKVcVSCS_Wk_Xed6fYZqLMTsF7vU3lAUGULhBDxVmpw_w49iIH95feqH4u_ZjeIIZMzS5_DMFK9sK_Ehuqa0mDQb8BV4N-B5owzLCTtAiBfyefS0762BSpE5SYZNxXSEdoHfkC_YhTZ_QBAAA1
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:07 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public
access-control-allow-headers: Content-Type
content-length: 4473
expires: Thu, 08 Sep 2022 15:21:08 GMT

GET
H2 200 jquery-ui-1.10.2.custom.css
rochesterny.vacation.travelleadersnetwork.com/App_Themes/intranet/jquery-ui/ 34 KB
6 KB 464ms
461ms Stylesheet
text/css 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/App_Themes/intranet/jquery-ui/jquery-ui-1.10.2.custom.css
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0130a8dceb8fc8165defe555fb6311120ce66f1ee2a51abe20990eb2bffc6f66

Request headers

:path: /App_Themes/intranet/jquery-ui/jquery-ui-1.10.2.custom.css
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:07 GMT
content-encoding: gzip
etag: "8013c8a9928d61:0"
last-modified: Tue, 12 May 2020 20:08:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 6056

GET
H2 200 Toolbar.css
rochesterny.vacation.travelleadersnetwork.com/App_Themes/Intranet/ 8 KB
2 KB 314ms
311ms Stylesheet
text/css 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/App_Themes/Intranet/Toolbar.css
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb1cd0489615f61f72b85c145e978462ed2ffef157d32e5cbf3bffb0e08f3a1e

Request headers

:path: /App_Themes/Intranet/Toolbar.css
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:07 GMT
content-encoding: gzip
etag: "8013c8a9928d61:0"
last-modified: Tue, 12 May 2020 20:08:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 1605

GET
H2 200 cookieconsent.min.css
rochesterny.vacation.travelleadersnetwork.com/Js/cookieconsent/css/ 4 KB
1 KB 464ms
462ms Stylesheet
text/css 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/Js/cookieconsent/css/cookieconsent.min.css
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2f828220b9dd6c92f5c9c096bfa3bb3fbc579380e2b0ec1e4733d850e116a7f1

Request headers

:path: /Js/cookieconsent/css/cookieconsent.min.css
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:07 GMT
content-encoding: gzip
etag: "80dcd5461afd41:0"
last-modified: Fri, 18 Jan 2019 19:09:27 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 1195

GET
H2 200 default.css
skins.webtreepro.com/skins/tlgleadersedge/ 1 MB
1 MB 139ms
41ms Stylesheet
text/css 2600:9000:218e:ea00:16:4349:fe00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://skins.webtreepro.com/skins/tlgleadersedge/default.css?t=637376410722800000
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:ea00:16:4349:fe00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56262f89c6c4ff07215e8f2054738efe3bff7501794c59e625649ebc2bc9b9f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: RzALR860EbkVQBfVa3OoYXuntBXf5zB1
via: 1.1 f3a3f62227549dcbb83000c9d8bb826a.cloudfront.net (CloudFront)
last-modified: Wed, 07 Oct 2020 11:17:52 GMT
server: AmazonS3
age: 82396
etag: "6f90a5dda502a08167fe2960e51c7e60"
x-cache: Hit from cloudfront
content-type: text/css
date: Tue, 07 Sep 2021 16:27:52 GMT
x-amz-cf-pop: CDG52-P1
accept-ranges: bytes
content-length: 1295764
x-amz-cf-id: cKpZVue5lZcoLzEn5HiQ8ODFGIn5XHGvEuWxGkkRRCUYRMWaJoxfnQ==

GET
H2 200 js Show response
maps.google.com/maps/api/ 140 KB
46 KB 159ms
65ms Script
text/javascript 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0

Requested by

Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

67c6ecc8427464e7bdea2cc7ee09fbf96f4053d3272824b8df34a16b637a1646

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:07 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=29
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46627
x-xss-protection: 0
expires: Wed, 08 Sep 2021 15:51:07 GMT

GET
H2 200 map.js Show response
rochesterny.vacation.travelleadersnetwork.com/Customers/TLG/CustomAddIn/V3/js/ 1 KB
1 KB 464ms
462ms Script
application/javascript 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/Customers/TLG/CustomAddIn/V3/js/map.js
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 38e16f15e0f3294a97b254a8332d9f7823dece3e40744a293b4334b9dd7845d2

Request headers

:path: /Customers/TLG/CustomAddIn/V3/js/map.js
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:07 GMT
last-modified: Tue, 11 Jun 2019 21:03:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "893221149920d51:0"
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 1353

GET
H2 200 MsAjaxJs Show response
rochesterny.vacation.travelleadersnetwork.com/bundles/ 131 KB
132 KB 465ms
463ms Script
text/javascript 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/bundles/MsAjaxJs?v=FKpG-smDBfGNUdgJeZvfEIGvJ6cYQEn3X0F5sU-GCEA1
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0b5ccf8ec360d4ce45730aac1718af91e431ee6379282eebc3f44476363a52c7

Request headers

:path: /bundles/MsAjaxJs?v=FKpG-smDBfGNUdgJeZvfEIGvJ6cYQEn3X0F5sU-GCEA1
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:07 GMT
last-modified: Wed, 08 Sep 2021 15:21:07 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public
access-control-allow-headers: Content-Type
content-length: 134643
expires: Thu, 08 Sep 2022 15:21:07 GMT

GET
H2 200 WebFormsJs Show response
rochesterny.vacation.travelleadersnetwork.com/bundles/ 45 KB
45 KB 804ms
803ms Script
text/javascript 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/bundles/WebFormsJs?v=zi3b_79ovDvaSGwa114ouQNXKwAavyGdBw6Yku1697w1
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a78e9e80a951a4a1c522745ee893c891a91d429dc6b66c5901b79d5ee4715e5c

Request headers

:path: /bundles/WebFormsJs?v=zi3b_79ovDvaSGwa114ouQNXKwAavyGdBw6Yku1697w1
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:07 GMT
last-modified: Wed, 08 Sep 2021 15:21:07 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public
access-control-allow-headers: Content-Type
content-length: 46189
expires: Thu, 08 Sep 2022 15:21:07 GMT

GET
H/1.1

200
OK

58fc616b736d4e69a62422e8914f09f7.png
wtp-prd.s3.us-west-2.amazonaws.com/sites/tlg/logos/
Redirect Chain

https://rochesterny.vacation.travelleadersnetwork.com/Customers/TLG/CustomAddIn/DefaultLogo.ashx
https://wtp-prd.s3.us-west-2.amazonaws.com/sites/tlg/logos/58fc616b736d4e69a62422e8914f09f7.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Cre...

5 KB
5 KB

852ms
271ms

Image
image/png

52.92.145.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wtp-prd.s3.us-west-2.amazonaws.com/sites/tlg/logos/58fc616b736d4e69a62422e8914f09f7.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLI4JROM46/20210908/us-west-2/s3/aws4_request&X-Amz-Date=20210908T152108Z&X-Amz-SignedHeaders=host&X-Amz-Signature=f3a47037369e6d569014c8ce74c6a11c993050ae2c2db9963b6634d22bf26b69
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.145.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5d9ead5b57aa8dffb50d17a7963c2742d08536b37a7b87786ac1d658cfa85d08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 15:21:10 GMT
Last-Modified: Wed, 08 Sep 2021 13:01:41 GMT
Server: AmazonS3
x-amz-request-id: BBCZ33T82J53318H
ETag: "9e83f1af943c7823da7af08ae65fa55a"
x-amz-version-id: MUUHPZIkh1I3J61zL8UFdjrQoBvyaZak
Cache-Control: max-age=86400
x-amz-replication-status: COMPLETED
Content-Disposition: attachment; filename="logo.png"
Accept-Ranges: bytes
Content-Type: image/png
x-amz-meta-siteid: 2147483647
Content-Length: 4754
x-amz-id-2: 2ONMwGiYQfjmBmHVbMpLO8Kr7Sfkx9WirpbdgUJnMOGwH2fGPAaoc5GTP4bGxeQy8d03FX1CTXI=

Redirect headers

date: Wed, 08 Sep 2021 15:21:08 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
location: https://wtp-prd.s3.us-west-2.amazonaws.com/sites/tlg/logos/58fc616b736d4e69a62422e8914f09f7.png?X-Amz-Expires=86400&response-cache-control=max-age%3D86400&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWPS3ZQLI4JROM46/20210908/us-west-2/s3/aws4_request&X-Amz-Date=20210908T152108Z&X-Amz-SignedHeaders=host&X-Amz-Signature=f3a47037369e6d569014c8ce74c6a11c993050ae2c2db9963b6634d22bf26b69
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: Content-Type
content-length: 535

GET
H2 200 pure-min.css
rochesterny.vacation.travelleadersnetwork.com/Customers/TLG/CustomAddIn/V3/purecss/0.5.0/ 19 KB
4 KB 183ms
179ms Stylesheet
text/css 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/Customers/TLG/CustomAddIn/V3/purecss/0.5.0/pure-min.css
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 39e231142ae1761f5629da079d84565f2d0ae0d76f950e615351d6e039e05901

Request headers

:path: /Customers/TLG/CustomAddIn/V3/purecss/0.5.0/pure-min.css
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
content-encoding: gzip
etag: "0302d5120d2d51:0"
last-modified: Thu, 23 Jan 2020 19:07:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 4471

GET
H2 200 grids-responsive-min.css
rochesterny.vacation.travelleadersnetwork.com/Customers/TLG/CustomAddIn/V3/purecss/0.5.0/ 10 KB
1 KB 189ms
185ms Stylesheet
text/css 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/Customers/TLG/CustomAddIn/V3/purecss/0.5.0/grids-responsive-min.css
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 04408c71c259fcc28897df62516f123f74cf80ee68aa30ae65bf93080b299c21

Request headers

:path: /Customers/TLG/CustomAddIn/V3/purecss/0.5.0/grids-responsive-min.css
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
content-encoding: gzip
etag: "0302d5120d2d51:0"
last-modified: Thu, 23 Jan 2020 19:07:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 1488

GET AgentImage.jpg
www.mercavia.com/AgentProfile/images/AgentImages/ 0
0

GET
H2 200 loadingAnimation.gif
rochesterny.vacation.travelleadersnetwork.com/Images/ 6 KB
6 KB 188ms
184ms Image
image/gif 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/Images/loadingAnimation.gif
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676

Request headers

:path: /Images/loadingAnimation.gif
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
last-modified: Fri, 18 Jan 2019 19:09:27 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b9d1d45461afd41:0"
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 5886

GET
H2 200 40103_BodyImg1.jpg
www.travelleaders.com/PromoImage/ 182 KB
182 KB 178ms
82ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg1.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 068127f41f14fdc4af29c6745a188ead07ccc9f6ae7d794161b4ba2cd2ebf108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83415
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:02 GMT
content-length: 185997
cf-bgj: h2pri
server: cloudflare
etag: "437099bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33a821d6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg2.jpg
www.travelleaders.com/PromoImage/ 68 KB
69 KB 132ms
35ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg2.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 07b58674b2c15cda501a564758fba6375acc3a68accc456a6d1fef7fd1d7103b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:02 GMT
content-length: 70105
cf-bgj: h2pri
server: cloudflare
etag: "2ed19bbb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33a825d6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg3.jpg
www.travelleaders.com/PromoImage/ 101 KB
102 KB 157ms
61ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg3.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 00b54b83d8aaed868cba2e92c5b0d6483005f1c2023066d22eeb91958b4592c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:02 GMT
content-length: 103931
cf-bgj: h2pri
server: cloudflare
etag: "2ed19bbb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33a826d6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg4.jpg
www.travelleaders.com/PromoImage/ 36 KB
36 KB 131ms
35ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg4.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 82953a7984a5c2ba159367ace8469bd11dbc1b78cac91c8ae771775678358027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 62079
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:02 GMT
content-length: 36922
cf-bgj: h2pri
server: cloudflare
etag: "2ed19bbb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33a829d6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg5.jpg
www.travelleaders.com/PromoImage/ 146 KB
147 KB 132ms
36ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg5.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 055d7c3f6cb5d9de857863fb27fec3ce0643a772114a65cf1f05f4a763328921

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 149977
cf-bgj: h2pri
server: cloudflare
etag: "48339ebb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33a82ad6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg6.jpg
www.travelleaders.com/PromoImage/ 36 KB
37 KB 172ms
76ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg6.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2fe63e9c6dfafeb5c4171a9d0e1ffa1f5d183b3e235a9ab31dc08143518ef6ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Thu, 19 Aug 2021 13:28:53 GMT
content-length: 37311
cf-bgj: h2pri
server: cloudflare
etag: "473b5727fe94d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33a82cd6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg9.jpg
www.travelleaders.com/PromoImage/ 162 KB
162 KB 70ms
67ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg9.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 59289c6a89fbda54b3e73366834311fa6b3236db491365e2e53525e003fa9c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 165714
cf-bgj: h2pri
server: cloudflare
etag: "295a0bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b83cd6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg10.jpg
www.travelleaders.com/PromoImage/ 59 KB
60 KB 70ms
67ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg10.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f4c75b73f33943aff0b9bd8bd64959f09c560525c9ed727f08801eb73781e0d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 60904
cf-bgj: h2pri
server: cloudflare
etag: "33f8a2bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b83ed6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg7.jpg
www.travelleaders.com/PromoImage/ 136 KB
136 KB 104ms
101ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg7.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 07286b4255a695e75b1f9dfdb330bcd2b929583b6f73acdc2bc0e33d101dc12d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 139409
cf-bgj: h2pri
server: cloudflare
etag: "295a0bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b850d6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg8.jpg
www.travelleaders.com/PromoImage/ 54 KB
54 KB 105ms
102ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg8.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b95d6ba15565d64aec669cd31442364baa51e09d70874c0657c1b5eade6c0f89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Thu, 19 Aug 2021 13:35:09 GMT
content-length: 55252
cf-bgj: h2pri
server: cloudflare
etag: "c8d1547ff94d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b853d6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg11.jpg
www.travelleaders.com/PromoImage/ 168 KB
168 KB 99ms
96ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg11.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aa418d001819a7e85c8255db4b5113f7dfe8379da11ba47d8f9e90eb40b90a95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 171855
cf-bgj: h2pri
server: cloudflare
etag: "33f8a2bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b855d6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg12.jpg
www.travelleaders.com/PromoImage/ 43 KB
44 KB 91ms
88ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg12.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 91749779a5a13b3e2a39c3d54a3f98638f20ba09e1bdcfe317983fbd44f4cb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 44520
cf-bgj: h2pri
server: cloudflare
etag: "b65ba5bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b857d6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg13.jpg
www.travelleaders.com/PromoImage/ 86 KB
86 KB 103ms
101ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg13.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6883426e28ab0009b0679c705b6dfe53479f5d6ace8ae6f762d842bc26dc9e81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 88059
cf-bgj: h2pri
server: cloudflare
etag: "b65ba5bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b858d6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg14.jpg
www.travelleaders.com/PromoImage/ 87 KB
87 KB 104ms
101ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg14.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 420b010e928958f26db0f33756cc62472439b1070247804be9d08cb08f7044bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 88822
cf-bgj: h2pri
server: cloudflare
etag: "b65ba5bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b859d6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg15.jpg
www.travelleaders.com/PromoImage/ 144 KB
144 KB 107ms
104ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg15.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 34480e8a7708d5f1b58d5574b37594e155d4d382e33770369b0a708e55acb4db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 147414
cf-bgj: h2pri
server: cloudflare
etag: "b65ba5bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b85ad6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg16.jpg
www.travelleaders.com/PromoImage/ 38 KB
39 KB 104ms
101ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg16.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8228706b6c93f2894fca54286a589628d9da40cd3eceec2efb990135320c20c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 39389
cf-bgj: h2pri
server: cloudflare
etag: "8dbca7bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b85bd6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg17.jpg
www.travelleaders.com/PromoImage/ 221 KB
221 KB 105ms
102ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg17.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a202bdbe8db7b66a527041fae6d137b31d1c33d5d732d544e857fa1bd2c19946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 226368
cf-bgj: h2pri
server: cloudflare
etag: "8dbca7bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b85cd6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 40103_BodyImg18.jpg
www.travelleaders.com/PromoImage/ 52 KB
52 KB 105ms
102ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_BodyImg18.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c6c428f3595f2f63b0f3d56f1098f27a5f9b00ef4f557847b24bd64c97b60dc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 83414
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:03 GMT
content-length: 53100
cf-bgj: h2pri
server: cloudflare
etag: "8dbca7bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b85ed6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 amawaterways.png
www.travelleaders.com/images/supplierLogos/Cruise/ 4 KB
4 KB 104ms
102ms Image
image/png 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/images/supplierLogos/Cruise/amawaterways.png
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f3f5701504016c4392300aea9ad66c01a5e12a63ee0a97e0e7469540c672f75f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Jan 2020 12:51:19 GMT
server: cloudflare
age: 182587
x-powered-by: ASP.NET
etag: "e1a7ba7b4c7d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b85fd6e9-FRA
content-length: 4134
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 Azamara_logo_176x84_C.png
www.travelleaders.com/images/supplierLogos/Cruise/ 5 KB
5 KB 104ms
101ms Image
image/png 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/images/supplierLogos/Cruise/Azamara_logo_176x84_C.png
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dc2c6e7b504bbe275f9bbd04672dd18cb21ac0674a133a0b9cd4c0848ec46979

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Jun 2019 19:36:55 GMT
server: cloudflare
age: 91520
x-powered-by: ASP.NET
etag: "89c6b62fd26d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b861d6e9-FRA
content-length: 5431
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 ponant.png
www.travelleaders.com/images/supplierLogos/Cruise/ 5 KB
5 KB 436ms
434ms Image
image/png 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/images/supplierLogos/Cruise/ponant.png
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 03cc475779bdaf7505896abaf47daaa415dd8cb283d08af068ac6252ebeef262

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 16 Jan 2020 19:22:52 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "30151659a2ccd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b863d6e9-FRA
content-length: 4637
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 CIE-Tours.png
www.travelleaders.com/images/supplierLogos/Tour/ 14 KB
14 KB 103ms
101ms Image
image/png 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/images/supplierLogos/Tour/CIE-Tours.png
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0717386f7a43b20098c2598cdc69393291f848e50b1150806067ad9fbb1da75e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
last-modified: Fri, 31 Jan 2020 18:58:10 GMT
server: cloudflare
age: 726528
x-powered-by: ASP.NET
etag: "fddcf46168d8d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b866d6e9-FRA
content-length: 14297
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 Intrepid-176x84.png
www.travelleaders.com/images/supplierLogos/Tour/ 6 KB
6 KB 105ms
103ms Image
image/png 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/images/supplierLogos/Tour/Intrepid-176x84.png
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8359698e6bdfd634bf3afb29ac265d86f411e11e6d623ce49ca31af90955be7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Mar 2016 16:33:08 GMT
server: cloudflare
age: 83413
x-powered-by: ASP.NET
etag: "07ac3598f83d11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b868d6e9-FRA
content-length: 6200
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 GOGO.png
www.travelleaders.com/images/supplierLogos/Tour/ 2 KB
3 KB 440ms
438ms Image
image/png 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/images/supplierLogos/Tour/GOGO.png
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0814ba104ce9e9bc4630d3edfd77999bf8936db78e1e81e23d3a07278ab55b59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Sep 2011 14:31:46 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "45e6d17eb72cc1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b86bd6e9-FRA
content-length: 2508
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 amresorts.png
www.travelleaders.com/images/supplierLogos/Resort/ 4 KB
4 KB 106ms
104ms Image
image/png 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/images/supplierLogos/Resort/amresorts.png?ver=9.7
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fed9a74da41a9de2c2bb7842542dfbcbf9de0c35c1837abf4678cd7f2d8015fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 12:45:03 GMT
server: cloudflare
age: 83413
x-powered-by: ASP.NET
etag: "9118912de6a3d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b86fd6e9-FRA
content-length: 3805
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 aulani.png
www.travelleaders.com/images/supplierLogos/Resort/ 5 KB
5 KB 104ms
102ms Image
image/png 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/images/supplierLogos/Resort/aulani.png?ver=4.26
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: db389340fe2abdce829bb2bc5cc87f51227e83c86f4b3eb853f63f512bb2fca0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
last-modified: Mon, 26 Apr 2021 15:26:05 GMT
server: cloudflare
age: 726529
x-powered-by: ASP.NET
etag: "86ba5079b03ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b871d6e9-FRA
content-length: 5495
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 sandals.png
www.travelleaders.com/images/supplierLogos/Resort/ 6 KB
6 KB 104ms
102ms Image
image/png 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/images/supplierLogos/Resort/sandals.png
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2fa4f7f3d55ad47b706cf6132477993794fb01ced39de1f0e09be673a382ca31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jul 2018 19:01:47 GMT
server: cloudflare
age: 462473
x-powered-by: ASP.NET
etag: "154821c58023d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a33b873d6e9-FRA
content-length: 6206
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 43puBan.png
i.imgur.com/ 3 KB
3 KB 100ms
24ms Image
image/png 151.101.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/43puBan.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.120.193 Paris, France, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

20383d22a70c230ed85c59040fa6586bc8beb7dc4353ea59a6670cb609100d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
x-content-type-options: nosniff
age: 1497221
x-cache: MISS, HIT
content-length: 2897
x-served-by: cache-bwi5153-BWI, cache-cdg20732-CDG
last-modified: Tue, 16 Apr 2019 17:37:19 GMT
server: cat factory 1.0
x-timer: S1631114468.412500,VS0,VE1
etag: "f38762f9da0c01594ee3805dfab5dce8"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 OGn61rg.png
i.imgur.com/ 4 KB
4 KB 100ms
25ms Image
image/png 151.101.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/OGn61rg.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.120.193 Paris, France, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4392b66d78b176d805a564911c8edd0689998491d6ab8377ffb39cddd042b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
x-content-type-options: nosniff
age: 1750992
x-cache: HIT, HIT
content-length: 4025
x-served-by: cache-bwi5123-BWI, cache-cdg20732-CDG
last-modified: Tue, 16 Apr 2019 17:37:19 GMT
server: cat factory 1.0
x-timer: S1631114468.412953,VS0,VE1
etag: "b2a41c7eb9abe02108b176bf268e6d4a"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 bG1rN6i.png
i.imgur.com/ 3 KB
3 KB 98ms
23ms Image
image/png 151.101.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/bG1rN6i.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.120.193 Paris, France, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9d698116307e36bcfc8bf63bb76c0ce742f65c605b7482453218d48735485663

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
x-content-type-options: nosniff
age: 2277082
x-cache: HIT, HIT
content-length: 2857
x-served-by: cache-bwi5153-BWI, cache-cdg20732-CDG
last-modified: Tue, 16 Apr 2019 17:37:19 GMT
server: cat factory 1.0
x-timer: S1631114468.412678,VS0,VE1
etag: "894d9652993d68a10e6218e478e4d7ac"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 editbutton.css
rochesterny.vacation.travelleadersnetwork.com/App_Themes/Intranet/ 1 KB
2 KB 188ms
187ms Stylesheet
text/css 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/App_Themes/Intranet/editbutton.css
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/App_Themes/Intranet/Toolbar.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4823bf9e997f3e4691ce2d7eac0b7c667a5f35a0872c7b7c53402715843394c6

Request headers

:path: /App_Themes/Intranet/editbutton.css
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/App_Themes/Intranet/Toolbar.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/App_Themes/Intranet/Toolbar.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
last-modified: Fri, 18 Jan 2019 19:09:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "ac6b75361afd41:0"
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 1504

GET
H2 200 css
fonts.googleapis.com/ 4 KB
984 B 126ms
33ms Stylesheet
text/css 2a00:1450:4007:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i

Requested by

Host: skins.webtreepro.com
URL: https://skins.webtreepro.com/skins/tlgleadersedge/default.css?t=637376410722800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

334e714a1c5ebefb28783d1c809dda2a01b916554121e92067a2e41417cd10a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://skins.webtreepro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 14:35:36 GMT
server: ESF
date: Wed, 08 Sep 2021 15:21:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Sep 2021 15:21:08 GMT

GET
H2 200 common.js Show response
maps.google.com/maps-api-v3/api/js/46/3/intl/de_ALL/ 87 KB
32 KB 37ms
35ms Script
text/javascript 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/46/3/intl/de_ALL/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dd151e1ad03b8a5e254859512921a89099a5e2f30da5eb316f8aaa88bce97b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32244
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 22:52:10 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Sep 2022 21:31:18 GMT

GET
H2 200 util.js Show response
maps.google.com/maps-api-v3/api/js/46/3/intl/de_ALL/ 288 KB
88 KB 40ms
39ms Script
text/javascript 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/46/3/intl/de_ALL/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17986bb0127706a97def0b152bb1d8cd492a7c9875a6c29131c7609f7dff81c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 00:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90265
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 22:52:10 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 00:44:01 GMT

GET
H2 200 geocoder.js Show response
maps.google.com/maps-api-v3/api/js/46/3/intl/de_ALL/ 3 KB
2 KB 39ms
38ms Script
text/javascript 2a00:1450:4007:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/46/3/intl/de_ALL/geocoder.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49cc07dfac4025d39077a83e7fe076064c344d8e4cfcfe77f63705ef43725b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 13:27:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1718
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 22:52:10 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 13:27:37 GMT

GET
H2 200 40103_LargeHeaderNat.jpg
www.travelleaders.com/PromoImage/ 240 KB
240 KB 31ms
30ms Image
image/jpeg 2606:4700::6812:18a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelleaders.com/PromoImage/40103_LargeHeaderNat.jpg
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fc9dfd7ca95eabaf4140249b69b38d431671ab4d3f243d15845c33064e13cfc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:21:08 GMT
cf-cache-status: HIT
age: 62080
x-powered-by: ASP.NET
last-modified: Fri, 13 Aug 2021 15:06:02 GMT
content-length: 245543
cf-bgj: h2pri
server: cloudflare
etag: "437099bb5490d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 68b92a34698bd6e9-FRA
expires: Sat, 18 Sep 2021 15:21:08 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 121ms
27ms Font
font/woff2 2a00:1450:4007:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rochesterny.vacation.travelleadersnetwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 00:46:51 GMT
x-content-type-options: nosniff
age: 138857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 00:46:51 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 139ms
45ms Font
font/woff2 2a00:1450:4007:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rochesterny.vacation.travelleadersnetwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 18:52:00 GMT
x-content-type-options: nosniff
age: 419348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 18:52:00 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v20/ 24 KB
24 KB 150ms
56ms Font
font/woff2 2a00:1450:4007:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rochesterny.vacation.travelleadersnetwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 19:13:39 GMT
x-content-type-options: nosniff
age: 418049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 19:13:39 GMT

GET
H2 200 Tracking.ashx
rochesterny.vacation.travelleadersnetwork.com/Tracking/ 43 B
208 B 242ms
241ms Image
image/gif 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/Tracking/Tracking.ashx?siteId=10005&pageId=129421&pageTitle=Promotions%20Details&url=https%3A%2F%2Frochesterny.vacation.travelleadersnetwork.com%2Fpromotion-details.aspx%3F%26promotionid%3D40103%26utm_source%3Db2cemail%26utm_medium%3Demail%26utm_campaign%3D6715&referrer=&track=1631114468621
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

:path: /Tracking/Tracking.ashx?siteId=10005&pageId=129421&pageTitle=Promotions%20Details&url=https%3A%2F%2Frochesterny.vacation.travelleadersnetwork.com%2Fpromotion-details.aspx%3F%26promotionid%3D40103%26utm_source%3Db2cemail%26utm_medium%3Demail%26utm_campaign%3D6715&referrer=&track=1631114468621
pragma: no-cache
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:21:09 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
set-cookie: WTP_Tracking_10005=1179faba-3309-45aa-9be0-8ee0efaeba4e; expires=Tue, 08-Sep-2071 15:21:09 GMT; path=/
access-control-allow-headers: Content-Type
content-length: 43
expires: -1

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v20/ 5 KB
5 KB 29ms
28ms Font
font/woff2 2a00:1450:4007:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b7ad361cce9dbab34c8fd714b379707d7aa40199bf90b90f9f19c7c1db5171b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rochesterny.vacation.travelleadersnetwork.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 06:56:44 GMT
x-content-type-options: nosniff
age: 116665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5480
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:00 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 06:56:44 GMT

POST
H2 200 SaveDevice Show response
rochesterny.vacation.travelleadersnetwork.com/Common/AjaxPublishedModeHelpers.asmx/ 342 B
492 B 188ms
187ms XHR
application/json 52.33.8.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rochesterny.vacation.travelleadersnetwork.com/Common/AjaxPublishedModeHelpers.asmx/SaveDevice
Requested by: Host: rochesterny.vacation.travelleadersnetwork.com
URL: https://rochesterny.vacation.travelleadersnetwork.com/dynamicScriptBundle/637662409453458172/kwMAAB-LCAAAAAAABAB1UkFSwzAMfE250QO8gAEGypQZDtAr48RK6yS2hCW3ze9RiAHThpOlXVmjlXZx1Tzx4qppPxLEYdnyxeIvcoBKIgBFLMkasXPAGXqNpu5c2BZhWcyHBqsWainBBqPn4IjgD9w55M6jhRI0rTk-Qk8Q-Ra9x3A-Z3I_4WVyJX8QeiekRCUYUIaR-xU3IjMVeQtfLKk0swWby26I3p8NC8QXRcc_r-CpNzLF64c1GKsj39stKECp/6h3vCm3tWFchCks0tPQunBIVHv-Bk7i-HNeRsXcgv0tuixt6MMFDSCU15vrscA9xFQSCzLCcxp2niv_jGlU0YxreYdSWmblNLOi10bSWfFCNppuWvfVYSxkINqZ31gjGGTVVj3X3tsqMzh5NANHw3jr9kdtPSXbNuXVrDKyaT_MT4ywjMCnj9vBSWOhc0ITcWLsKmm2uv0dWYwS5c6y2GNZmwDR3HoGjNK7v86k_AbML66GTAwAA0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.33.8.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-8-180.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 416e8b831d8e40cbce66d4fa8db244db56e596af630acc0448c6810cf637dc7a

Request headers

sec-fetch-mode: cors
origin: https://rochesterny.vacation.travelleadersnetwork.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: ASP.NET_SessionId=rpec1myf0iasid5rxgqabfth
content-length: 43
:path: /Common/AjaxPublishedModeHelpers.asmx/SaveDevice
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: rochesterny.vacation.travelleadersnetwork.com
referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 08 Sep 2021 15:21:09 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
set-cookie: screen_width=1600; path=/ device_type=Unknown; expires=Thu, 08-Sep-2022 15:21:09 GMT; path=/
access-control-allow-headers: Content-Type
content-length: 342

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
478 B 426ms
68ms Script
text/javascript 2a00:1450:4007:819::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Frochesterny.vacation.travelleadersnetwork.com%2Fpromotion-details.aspx%3F%26promotionid%3D40103%26utm_source%3Db2cemail%26utm_medium%3Demail%26utm_campaign%3D6715&4sAIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0&callback=_xdc_._edfaji&key=AIzaSyAxuVERn-bIKl8t1fV19IpqYCrAgzZCAv0&token=11047

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/46/3/intl/de_ALL/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:819::200a -, , ASN (),

Reverse DNS

Software

mafe /

Resource Hash

d4eccfd1abc37b9baa2cefef5cf53b823b4b9f96232601f74e13ac36114e5489

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rochesterny.vacation.travelleadersnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 15:21:13 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.mercavia.com
URL: https://www.mercavia.com/AgentProfile/images/AgentImages/AgentImage.jpg

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rochesterny.vacation.travelleadersnetwork.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: rpec1myf0iasid5rxgqabfth
rochesterny.vacation.travelleadersnetwork.com/	1970-02-07 03:22:31	Name: WTP_Tracking_10005 Value: 1179faba-3309-45aa-9be0-8ee0efaeba4e
rochesterny.vacation.travelleadersnetwork.com/	1969-12-31 23:59:59	Name: screen_width Value: 1600
rochesterny.vacation.travelleadersnetwork.com/	1970-01-20 05:50:50	Name: device_type Value: Unknown

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715(Line 1) Message: Mixed Content: The page at 'https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715' was loaded over HTTPS, but requested an insecure element 'http://www.mercavia.com/AgentProfile/images/AgentImages/AgentImage.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715 Message: Mixed Content: The page at 'https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715' was loaded over HTTPS, but requested an insecure element 'http://www.mercavia.com/AgentProfile/images/AgentImages/AgentImage.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715 Message: Mixed Content: The page at 'https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715' was loaded over HTTPS, but requested an insecure element 'http://www.mercavia.com/AgentProfile/images/AgentImages/AgentImage.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715 Message: Mixed Content: The page at 'https://rochesterny.vacation.travelleadersnetwork.com/promotion-details.aspx?&promotionid=40103&utm_source=b2cemail&utm_medium=email&utm_campaign=6715' was loaded over HTTPS, but requested an insecure element 'http://www.mercavia.com/AgentProfile/images/AgentImages/AgentImage.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
links.travelleaders.mkt5763.com
maps.google.com
maps.googleapis.com
rochesterny.vacation.travelleadersnetwork.com
skins.webtreepro.com
wtp-prd.s3.us-west-2.amazonaws.com
www.mercavia.com
www.travelleaders.com
www.mercavia.com
151.101.120.193
2600:9000:218e:ea00:16:4349:fe00:93a1
2606:4700::6812:18a5
2a00:1450:4007:80b::200e
2a00:1450:4007:80c::200a
2a00:1450:4007:810::2003
2a00:1450:4007:819::200a
52.222.158.94
52.33.8.180
52.92.145.218
00b54b83d8aaed868cba2e92c5b0d6483005f1c2023066d22eeb91958b4592c6
0130a8dceb8fc8165defe555fb6311120ce66f1ee2a51abe20990eb2bffc6f66
03cc475779bdaf7505896abaf47daaa415dd8cb283d08af068ac6252ebeef262
04408c71c259fcc28897df62516f123f74cf80ee68aa30ae65bf93080b299c21
055d7c3f6cb5d9de857863fb27fec3ce0643a772114a65cf1f05f4a763328921
068127f41f14fdc4af29c6745a188ead07ccc9f6ae7d794161b4ba2cd2ebf108
0717386f7a43b20098c2598cdc69393291f848e50b1150806067ad9fbb1da75e
07286b4255a695e75b1f9dfdb330bcd2b929583b6f73acdc2bc0e33d101dc12d
07b58674b2c15cda501a564758fba6375acc3a68accc456a6d1fef7fd1d7103b
0814ba104ce9e9bc4630d3edfd77999bf8936db78e1e81e23d3a07278ab55b59
0b5ccf8ec360d4ce45730aac1718af91e431ee6379282eebc3f44476363a52c7
17986bb0127706a97def0b152bb1d8cd492a7c9875a6c29131c7609f7dff81c0
20383d22a70c230ed85c59040fa6586bc8beb7dc4353ea59a6670cb609100d12
2b7ad361cce9dbab34c8fd714b379707d7aa40199bf90b90f9f19c7c1db5171b
2f828220b9dd6c92f5c9c096bfa3bb3fbc579380e2b0ec1e4733d850e116a7f1
2fa4f7f3d55ad47b706cf6132477993794fb01ced39de1f0e09be673a382ca31
2fe63e9c6dfafeb5c4171a9d0e1ffa1f5d183b3e235a9ab31dc08143518ef6ea
334e714a1c5ebefb28783d1c809dda2a01b916554121e92067a2e41417cd10a2
34480e8a7708d5f1b58d5574b37594e155d4d382e33770369b0a708e55acb4db
38e16f15e0f3294a97b254a8332d9f7823dece3e40744a293b4334b9dd7845d2
39e231142ae1761f5629da079d84565f2d0ae0d76f950e615351d6e039e05901
416e8b831d8e40cbce66d4fa8db244db56e596af630acc0448c6810cf637dc7a
420b010e928958f26db0f33756cc62472439b1070247804be9d08cb08f7044bc
4392b66d78b176d805a564911c8edd0689998491d6ab8377ffb39cddd042b083
4823bf9e997f3e4691ce2d7eac0b7c667a5f35a0872c7b7c53402715843394c6
56262f89c6c4ff07215e8f2054738efe3bff7501794c59e625649ebc2bc9b9f6
59289c6a89fbda54b3e73366834311fa6b3236db491365e2e53525e003fa9c05
5d9ead5b57aa8dffb50d17a7963c2742d08536b37a7b87786ac1d658cfa85d08
67c6ecc8427464e7bdea2cc7ee09fbf96f4053d3272824b8df34a16b637a1646
6883426e28ab0009b0679c705b6dfe53479f5d6ace8ae6f762d842bc26dc9e81
8228706b6c93f2894fca54286a589628d9da40cd3eceec2efb990135320c20c2
82953a7984a5c2ba159367ace8469bd11dbc1b78cac91c8ae771775678358027
8359698e6bdfd634bf3afb29ac265d86f411e11e6d623ce49ca31af90955be7a
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
91749779a5a13b3e2a39c3d54a3f98638f20ba09e1bdcfe317983fbd44f4cb13
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9d698116307e36bcfc8bf63bb76c0ce742f65c605b7482453218d48735485663
9dd151e1ad03b8a5e254859512921a89099a5e2f30da5eb316f8aaa88bce97b8
a202bdbe8db7b66a527041fae6d137b31d1c33d5d732d544e857fa1bd2c19946
a78e9e80a951a4a1c522745ee893c891a91d429dc6b66c5901b79d5ee4715e5c
aa418d001819a7e85c8255db4b5113f7dfe8379da11ba47d8f9e90eb40b90a95
adbf231038f6d71816a6f8f59bd8aa93b98ec9629b310d5cac8abaa5d3e29009
b95d6ba15565d64aec669cd31442364baa51e09d70874c0657c1b5eade6c0f89
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c6c428f3595f2f63b0f3d56f1098f27a5f9b00ef4f557847b24bd64c97b60dc1
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
d4eccfd1abc37b9baa2cefef5cf53b823b4b9f96232601f74e13ac36114e5489
d7af8f5650edce4c53e9cb3efeb23607011570c1e5be2da4b9e10af92d4b2d7d
db389340fe2abdce829bb2bc5cc87f51227e83c86f4b3eb853f63f512bb2fca0
dc2c6e7b504bbe275f9bbd04672dd18cb21ac0674a133a0b9cd4c0848ec46979
e49cc07dfac4025d39077a83e7fe076064c344d8e4cfcfe77f63705ef43725b0
e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
f317df767971f8d070cf8f63e9d5a7815c0eb426a15247a0b4187b3d02c2f0c0
f3f5701504016c4392300aea9ad66c01a5e12a63ee0a97e0e7469540c672f75f
f4c75b73f33943aff0b9bd8bd64959f09c560525c9ed727f08801eb73781e0d2
fb1cd0489615f61f72b85c145e978462ed2ffef157d32e5cbf3bffb0e08f3a1e
fc9dfd7ca95eabaf4140249b69b38d431671ab4d3f243d15845c33064e13cfc9
fed9a74da41a9de2c2bb7842542dfbcbf9de0c35c1837abf4678cd7f2d8015fb

rochesterny.vacation.travelleadersnetwork.com Open in urlscan Pro 52.33.8.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

60 %IPv6

10 Domains

11 Subdomains

10 IPs

3 Countries

4101 kBTransfer

4904 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rochesterny.vacation.travelleadersnetwork.com Open in urlscan Pro
52.33.8.180 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

4101 kB
Transfer

4904 kB
Size

4
Cookies

60 HTTP transactions
0 data transactions