urlscan.io logo urlscan.io
SecurityTrails logo

lavila.dreamvacations.com Open in urlscan Pro
45.60.121.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cl.exct.net/?qs=6fd57b8a41bfa47dfb6814dfebc1808d43953fa76f248204072151baed70d681d9a3b91eb95ba336cff4eee3d114...
Effective URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&u...
Submission: On May 01 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 84 HTTP transactions. The main IP is 45.60.121.26, located in United States and belongs to INCAPSULA, US. The main domain is lavila.dreamvacations.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 9th 2020. Valid for: a year.
This is the only time lavila.dreamvacations.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a02:26f0:6c00:18b::416d (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cl.exct.net
60    45.60.121.26 (United States)

ASN19551 (INCAPSULA, US)
lavila.dreamvacations.com
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
stackpath.bootstrapcdn.com
2    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
2    216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Domain Requested by
60 lavila.dreamvacations.com 1 redirects lavila.dreamvacations.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
lavila.dreamvacations.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 fonts.gstatic.com lavila.dreamvacations.com
2 www.googletagservices.com lavila.dreamvacations.com
securepubads.g.doubleclick.net
2 stackpath.bootstrapcdn.com lavila.dreamvacations.com
2 fonts.googleapis.com lavila.dreamvacations.com
2 www.googletagmanager.com lavila.dreamvacations.com
1 www.google.de lavila.dreamvacations.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 cl.exct.net 1 redirects
84 16

This site contains links to these domains. Also see Links.

Domain
www.dreamvacationsfranchise.com
Subject Issuer Validity Valid
*.dreamvacations.com
Go Daddy Secure Certificate Authority - G2		 2020-03-09 -
2021-03-09		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Frame ID: 9E144A7FDAAAD8294476BA26576CF325
Requests: 86 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: D062C297915A4F539E2476F9F05F43D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 95183B354B9534D48587B7018DF0B97F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 5BB07A16051593F0A58E0FA84B755275
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cl.exct.net/?qs=6fd57b8a41bfa47dfb6814dfebc1808d43953fa76f248204072151baed70d681d9a3b91e... HTTP 302
    http://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm... HTTP 302
    https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

84
Requests

100 %
HTTPS

87 %
IPv6

12
Domains

16
Subdomains

13
IPs

5
Countries

2170 kB
Transfer

3667 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cl.exct.net/?qs=6fd57b8a41bfa47dfb6814dfebc1808d43953fa76f248204072151baed70d681d9a3b91eb95ba336cff4eee3d114c52bfc2925464f296869 HTTP 302
    http://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian HTTP 302
    https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-32340454-7&cid=22053536.1588356789&jid=893977558&gjid=1025705375&_gid=1576703382.1588356789&_u=aGDAgEAL~&z=1160660378 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32340454-7&cid=22053536.1588356789&jid=893977558&_v=j81&z=1160660378 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32340454-7&cid=22053536.1588356789&jid=893977558&_v=j81&z=1160660378&slf_rd=1&random=3794145905

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set norwegian-cruises.do
lavila.dreamvacations.com/promotion/
Redirect Chain
  • https://cl.exct.net/?qs=6fd57b8a41bfa47dfb6814dfebc1808d43953fa76f248204072151baed70d681d9a3b91eb95ba336cff4eee3d114c52bfc2925464f296869
  • http://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
  • https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
338 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1464b720e5e17df8c783969babc74482c6fc031f82df8a94fdccb238c2e7f7f2

Request headers

Host
lavila.dreamvacations.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
visid_incap_2158146=AYBZWabRR6ydBOrp1Y5dN7BmrF4AAAAAQUIPAAAAAABtBj0kHk05H6UN32k6b79x; incap_ses_144_2158146=8tRWOIBsj0d2LXw9uJj/AbBmrF4AAAAApAxOXNqWUQy5X1dAgXQetQ==; ___utmvmoFucmkBZ=rUPkuJTzQIw; ___utmvboFucmkBZ=kZE XUfOCalp: KtL
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Type
text/html;charset=UTF-8
Connection
keep-alive
Set-Cookie
WDUID=288502a9-5fba-41a8-96b3-beb6dd595a3c; Expires=Mon, 29-Apr-2030 18:13:07 GMT; Path=/ WDVID=b301f99b-3a37-4576-bc6e-d2bdc6ed0d7a; Path=/ IncludeAlumniRates=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ IncludeSeniorRates=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ AlumniCruiseId=false; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ shoppingZipCode=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ EmailSignupComplete=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ CustomerPref=numPaxAdult%3D2%7CnumPaxChild%3D0%7CchildAges%3D%7CfirstName%3D%7ClastName%3D%7Cemail%3D%7CmemberNumber%3D%7Cair%3D%7CorigCityCode%3D%7Cairport%3D%7C; Expires=Sun, 31-May-2020 18:13:07 GMT; Path=/ AFF%5FCID=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ sid=594272; Path=/ cruiseCriteia=fd%3D%5Ecd%3D%5Edp%3D%5Edo%3D%5Edm%3D%5Emi%3D%5Ecs%3D%5Edi%3D%5Ed%3D%5Epd%3D%5Ec%3D%5Esb%3D%5Ecl%3D%5Edd%3D%5Eac%3D%5E; Expires=Sun, 31-May-2020 18:13:07 GMT; Path=/ searchCriteia=iar%3DCleared%5Efd%3DCleared%5Ecd%3D%5Ezc%3DCleared%5Edp%3DCleared%5Edo%3DCleared%5Edm%3DCleared%5Emi%3DCleared%5Ecs%3DCleared%5Ed%3DCleared%5Ec%3DCleared%5Eisr%3DCleared%5Ecl%3DCleared%5Edd%3DCleared%5Eac%3DCleared%5E; Expires=Sun, 31-May-2020 18:13:07 GMT; Path=/ cruiselineMembershipCookie=cclVifp%3D%7CnclLatitudeRates%3D%7C; Expires=Sun, 31-May-2020 18:13:07 GMT; Path=/ JSESSIONID=E63BAB1A327BAC8122E50181F29E49D9; Path=/; HttpOnly NSC_WJQ-QSPE-BQDI-DPOF=ffffffff096017a845525d5f4f58455e445a4a423660;expires=Fri, 01-May-2020 18:33:07 GMT;path=/;secure;httponly visid_incap_2158146=AYBZWabRR6ydBOrp1Y5dN7BmrF4AAAAAQUIPAAAAAABtBj0kHk05H6UN32k6b79x; expires=Sat, 01 May 2021 13:07:10 GMT; HttpOnly; path=/; Domain=.dreamvacations.com incap_ses_144_2158146=8tRWOIBsj0d2LXw9uJj/AbBmrF4AAAAApAxOXNqWUQy5X1dAgXQetQ==; path=/; Domain=.dreamvacations.com ___utmvboFucmkBZ=a; Max-Age=0; path=/; expires=Sun, 26 Apr 2020 13:03:22 GMT ___utmvmoFucmkBZ=a; Max-Age=0; path=/; expires=Sun, 26 Apr 2020 13:03:22 GMT
Content-Encoding
gzip
Content-Language
en-US
X-CDN
Incapsula
Transfer-Encoding
chunked
X-Iinfo
0-31199404-31203721 NNNY CT(0 0 0) RT(1588356749460 35606) q(0 0 0 -1) r(20 20) U5

Redirect headers

Location
HTTPS://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Connection
close
Cache-Control
no-cache
Pragma
no-cache
Set-Cookie
visid_incap_2158146=AYBZWabRR6ydBOrp1Y5dN7BmrF4AAAAAQUIPAAAAAABtBj0kHk05H6UN32k6b79x; expires=Sat, 01 May 2021 13:07:10 GMT; HttpOnly; path=/; Domain=.dreamvacations.com incap_ses_144_2158146=8tRWOIBsj0d2LXw9uJj/AbBmrF4AAAAApAxOXNqWUQy5X1dAgXQetQ==; path=/; Domain=.dreamvacations.com ___utmvmoFucmkBZ=rUPkuJTzQIw; path=/; Max-Age=900 ___utmvaoFucmkBZ=bZXJCTI; path=/; Max-Age=900 ___utmvboFucmkBZ=kZE XUfOCalp: KtL; path=/; Max-Age=900
X-CDN
Incapsula
X-Iinfo
2-50042855-50042856 NNNN CT(13 -1 0) RT(1588356784885 0) q(0 0 0 0) r(1 1) U5
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-32340454-7
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc72333eb9ac1292cc985f93696d57edc7261d5ba05943fa88ac37eda8124f85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 May 2020 18:13:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30217
x-xss-protection
0
expires
Fri, 01 May 2020 18:13:07 GMT
jquery.mobile-1.4.5.min.css
lavila.dreamvacations.com/includes/desktop/css/jqm1.4.5/ 		203 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/includes/desktop/css/jqm1.4.5/jquery.mobile-1.4.5.min.css
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e0efb2698022192156cc78047437988d55dda3b2f39ce4fa3b4cddce3012dcf2

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2015 08:39:51 GMT
X-CDN
Incapsula
ETag
"1e86881924e6d01:20c99"
ntCoent-Length
207467
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
7-47217183-47224446 NNNY CT(0 0 0) RT(1588356749460 37719) q(0 0 0 -1) r(0 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
text/css
wth.css
lavila.dreamvacations.com/includes/desktop/css/ 		169 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/includes/desktop/css/wth.css?version=1.0.1
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
35f6562c765014dd570e978482ef4802db6fec7c4f65c2a0f55df964406b11f7

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 09:19:23 GMT
X-CDN
Incapsula
ETag
"87adc04571ed61:20ca7"
ntCoent-Length
172803
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
4-73250829-73259814 NNNN CT(19 22 0) RT(1588356749460 37719) q(0 0 1 -1) r(1 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
text/css
desktop_m1.css
lavila.dreamvacations.com/includes/desktop/css/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/includes/desktop/css/desktop_m1.css?version=1.0.1
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a9339d3d33e84085ae4c20356c6ce5d3a49530d254d772a9c55096a3c8276fab

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Mar 2020 09:10:42 GMT
X-CDN
Incapsula
ETag
"745c7842852d61:20ca7"
ntCoent-Length
46549
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199405-31203721 PNNy RT(1588356749461 37718) q(0 0 0 -1) r(1 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
11041
jquery-1.11.1.min.js
lavila.dreamvacations.com/lib/javascript/desktop/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Nov 2014 16:12:24 GMT
X-CDN
Incapsula
ETag
"4afc189b134d01:20c99"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
8-60433736-60442838 NNYY CT(0 0 0) RT(1588356749460 37719) q(0 0 0 -1) r(0 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
jquery.mobile-1.4.5.min.js
lavila.dreamvacations.com/lib/javascript/desktop/jqm1.4.5/ 		195 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/desktop/jqm1.4.5/jquery.mobile-1.4.5.min.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
34c907374e938efced62f13f2a6755f9edcd5634ec946a74d936258ef1335c58

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Oct 2015 08:56:29 GMT
X-CDN
Incapsula
ETag
"98b08db32712d11:20c8f"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
9-79059662-79069421 NNYN CT(25 132 0) RT(1588356749556 37676) q(0 0 1 -1) r(2 2) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
custom.js
lavila.dreamvacations.com/lib/javascript/desktop/ 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/desktop/custom.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
eaec6789f7c6bfcd7ab8ae931d312ba0defc9766ec7c15c0ba2c205e0cad9671

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Mar 2020 09:10:06 GMT
X-CDN
Incapsula
ETag
"fe68f22c852d61:20cb3"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199404-31204036 SNYN RT(1588356749460 38056) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
logerror.js
lavila.dreamvacations.com/lib/javascript/error/ 		331 B
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/error/logerror.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e1ca14dff08f5b476b36e71e35936b2430bd30c1b68f5f531ce100083a48209d

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Jan 2020 10:04:34 GMT
X-CDN
Incapsula
ETag
"f97d8818bd6d51:20cb3"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
8-60433736-60442838 SNYy RT(1588356749460 38061) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
gtm.js
www.googletagmanager.com/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NKTDR2
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3662b2b19544f57f1caf2823d453cd89e00bc9ab417bb2b0c3fba4fb76473903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 May 2020 18:13:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28992
x-xss-protection
0
expires
Fri, 01 May 2020 18:13:08 GMT
promopage_m1.css
lavila.dreamvacations.com/includes/desktop/css/promopage/ 		142 B
772 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/includes/desktop/css/promopage/promopage_m1.css
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a88e8637763b215e56141415514c77162c4478da1d038c1c11d9250fd58d0830

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Dec 2018 14:57:14 GMT
X-CDN
Incapsula
ETag
"3e78120ab97d41:20cd4"
ntCoent-Length
142
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199404-31204036 NNNN CT(12 15 0) RT(1588356749460 37746) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
143
msgbox.js
lavila.dreamvacations.com/lib/javascript/general/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/general/msgbox.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4f5bad0f6a8f0bd0706e90b30e20949412b1460d420f7ac8199f7695afb1797b

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 May 2012 09:13:20 GMT
X-CDN
Incapsula
ETag
"518e699fd3fcd1:20ca7"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
4-73250829-73259814 SNYN RT(1588356749460 38066) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
multiselectsearchwidget.js
lavila.dreamvacations.com/lib/javascript/desktop/ 		51 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/desktop/multiselectsearchwidget.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
86590561ae093328b341a9884ce67da377940214f30e9f5a921545ec6ae9dd59

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Apr 2020 09:10:41 GMT
X-CDN
Incapsula
ETag
"36d5849385dd61:20c8f"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
7-47217183-47224446 SNYy RT(1588356749460 38174) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
MENUstyle.css
lavila.dreamvacations.com/images/hbapp/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/images/hbapp/css/MENUstyle.css
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4824ec1a8ee2fb490903cf82101b8ae3b8d789f481985511196cedb47c0dc303

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cteonnt-Length
3574
Date
Fri, 01 May 2020 18:12:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 19:58:00 GMT
X-CDN
Incapsula
ETag
"054b089f1f3d51:1be4"
Content-Type
text/css
X-Iinfo
0-31199405-31203721 SNNy RT(1588356749461 37877) q(0 0 0 -1) r(0 0) U5
Cache-Control
private
Accept-Ranges
bytes
Content-Length
978
DVstyle.css
lavila.dreamvacations.com/images/hbapp/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/images/hbapp/css/DVstyle.css
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3448f4b7cc91f20a269dd0e8b2851418af8f5b9fe9aea4eb5cf1dfc513a948a8

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cteonnt-Length
3727
Date
Fri, 01 May 2020 18:12:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Mar 2016 14:43:32 GMT
X-CDN
Incapsula
ETag
"08282605b80d11:1be4"
Content-Type
text/css
X-Iinfo
7-47217183-47224446 SNNy RT(1588356749460 37891) q(0 0 0 -1) r(0 0) U5
Cache-Control
private
Accept-Ranges
bytes
Content-Length
1065
dv_custom.css
lavila.dreamvacations.com/images/home-based/wip/marketing_css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/images/home-based/wip/marketing_css/dv_custom.css
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
939413255b82cd3b68166e91f5a19928724614160c7035c84c9f8480719158fa

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cteonnt-Length
13725
Date
Fri, 01 May 2020 18:12:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2017 18:31:27 GMT
X-CDN
Incapsula
ETag
"80e94a61abfd31:1be4"
Content-Type
text/css
X-Iinfo
0-31199404-31204036 SNNN RT(1588356749460 37916) q(0 0 0 -1) r(0 0) U5
Cache-Control
private
Accept-Ranges
bytes
Content-Length
3672
css
fonts.googleapis.com/ 		5 KB
780 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 May 2020 18:13:07 GMT
server
ESF
date
Fri, 01 May 2020 18:13:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 May 2020 18:13:07 GMT
css
fonts.googleapis.com/ 		3 KB
597 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
260ac99838645e41fed2509dcc8c02ca860adfef45dbdbebb61f402cae51c206
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 May 2020 18:13:07 GMT
server
ESF
date
Fri, 01 May 2020 18:13:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 May 2020 18:13:07 GMT
font-awesome.min.css
lavila.dreamvacations.com/images/home-based/Bootstrap/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/images/home-based/Bootstrap/css/font-awesome.min.css
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cteonnt-Length
23739
Date
Fri, 01 May 2020 18:12:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Mar 2015 13:46:48 GMT
X-CDN
Incapsula
ETag
"094184ecb67d01:1be4"
Content-Type
text/css
X-Iinfo
8-60433736-60442838 SNNy RT(1588356749460 37921) q(0 0 0 -1) r(0 0) U5
Cache-Control
private
Accept-Ranges
bytes
Content-Length
5642
promopage_getheight.js
lavila.dreamvacations.com/lib/javascript/display/ 		815 B
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/display/promopage_getheight.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fa1b182aaf8b99b60a3987d0cf1578097c115cdd9b9707d83a52747b343cee37

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Nov 2013 21:58:40 GMT
X-CDN
Incapsula
ETag
"9bd4657a9e4ce1:20c99"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
8-60433736-60442838 SNYy RT(1588356749460 38204) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
hb_promopage.css
lavila.dreamvacations.com/includes/desktop/css/promopage/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/includes/desktop/css/promopage/hb_promopage.css
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
be59cd2174679dd5c5f363d7fd79858d23731d9bb3e574fe829e9de82504bc00

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Feb 2020 13:41:04 GMT
X-CDN
Incapsula
ETag
"d22722b93ceed51:20c9e"
ntCoent-Length
12387
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
4-73250829-73259814 SNNN RT(1588356749460 37926) q(0 0 0 -1) r(1 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
3176
stylesheet_marketing.css
lavila.dreamvacations.com/includes/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/includes/stylesheet_marketing.css
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Content-Encoding
gzip
X-CDN
Incapsula
ntCoent-Length
12693
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199405-31203721 SNNy RT(1588356749461 38016) q(0 0 0 -1) r(2 2) U5
Cache-control
private
Content-Type
text/html
stylesheet_promo_m1.css
lavila.dreamvacations.com/includes/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/includes/stylesheet_promo_m1.css
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5f7f048d65434c4aed55c49e2ad6cd40eca0829f13e3632255788f3cd2f6b718

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Aug 2018 13:28:00 GMT
X-CDN
Incapsula
ETag
"83e1b19d8938d41:20dac"
ntCoent-Length
21847
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
7-47217183-47224446 SNNy RT(1588356749460 38030) q(0 0 0 -1) r(1 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
5362
jquery.expander.js
lavila.dreamvacations.com/lib/javascript/expander/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/expander/jquery.expander.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2b33e008cc80bcf800e6fc83cff2473bf647a7f86227412cdb437da8a9d96a54

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Nov 2013 21:58:40 GMT
X-CDN
Incapsula
ETag
"4072457a9e4ce1:20c99"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
9-79059662-79069421 SNYN RT(1588356749556 38152) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
truncation.js
lavila.dreamvacations.com/lib/javascript/expander/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/expander/truncation.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
996342d54cdf52a74c7c2326847c915697bc98f6ad231a7c02a1b0e2b5e374ce

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Aug 2018 15:13:01 GMT
X-CDN
Incapsula
ETag
"cb8fa74ae133d41:20c9e"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
4-73250829-73259814 SNYN RT(1588356749460 38218) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
datefunctions.js
lavila.dreamvacations.com/lib/javascript/general/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/general/datefunctions.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e9375425ed0cb0333fb962d472641bbe240b9c749051dcdd793c8e43229c7671

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Dec 2014 20:36:44 GMT
X-CDN
Incapsula
ETag
"52bcfad6a618d01:20dac"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199404-31204036 SNYN RT(1588356749460 38224) q(0 0 0 -1) r(0 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
timer-promo.js
lavila.dreamvacations.com/lib/javascript/general/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/general/timer-promo.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
04cdfd7648ba063724219c9960d3ff5e8a8861c4b1c58366549205ea9f29c5a7

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Mar 2019 18:13:02 GMT
X-CDN
Incapsula
ETag
"e129926236e3d41:20ca7"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199405-31203721 SNYy RT(1588356749461 38301) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
pageheader.js
lavila.dreamvacations.com/lib/javascript/display/adtiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/lib/javascript/display/adtiles/pageheader.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
cb5ba86d749dc4437275f764b6f62ff5b40db4752c3c201ba24b22514eea6fd7

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 May 2019 19:14:18 GMT
X-CDN
Incapsula
ETag
"b0b5a7669b6d51:20cb3"
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
7-47217183-47224446 SNYy RT(1588356749460 38329) q(0 0 0 -1) r(1 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
application/x-javascript
caribbean_140x105_y.jpg
lavila.dreamvacations.com/images_unique/java/destination_imgs/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images_unique/java/destination_imgs/caribbean_140x105_y.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
60d9cef1366462ec03703b8614427c1fa34a53e1a28f9aec0a1bba10d92c8f67

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Last-Modified
Thu, 14 Oct 2010 09:42:49 GMT
X-CDN
Incapsula
ETag
"3e4de2a846bcb1:20c99"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
8-60433736-60442838 SNNy RT(1588356749460 38344) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
15191
logo_center.png
lavila.dreamvacations.com/images/web/34/PLG/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/web/34/PLG/logo_center.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d538973ff505b593fb8df308f5e1997330d5e537ae9d207e0d17393891734915

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Fri, 14 Nov 2014 19:24:42 GMT
X-CDN
Incapsula
ETag
"b4a4eca3400d01:20dac"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199404-31204036 SNNN RT(1588356749460 38368) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
6665
ship.jpg
lavila.dreamvacations.com/images/web/34/690/SHP/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/web/34/690/SHP/ship.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
10557b7accdf480fa4a95efb1052610392f500d0e6bc4f8c284b7f716e359d8b

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Last-Modified
Fri, 09 Jan 2015 16:28:43 GMT
X-CDN
Incapsula
ETag
"d1217155292cd01:20c99"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
9-79059662-79069421 SNNN RT(1588356749556 38325) q(0 0 0 -1) r(1 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
115993
ship.jpg
lavila.dreamvacations.com/images/web/34/116/SHP/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/web/34/116/SHP/ship.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d2c35153b8a3eb15f0d40d6bd12fa0de6f7f515939f1efd993eb808d250f53c3

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Last-Modified
Fri, 09 Jan 2015 16:28:56 GMT
X-CDN
Incapsula
ETag
"1fa1485d292cd01:20ca7"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199405-31203721 SNNy RT(1588356749461 38443) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
133458
ship.jpg
lavila.dreamvacations.com/images/web/34/783/SHP/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/web/34/783/SHP/ship.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b53820bacb3848253ffc59dcb9a056d5e95b5b908bbc67c84f3a6632771f7bcc

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Fri, 09 Jan 2015 16:28:43 GMT
X-CDN
Incapsula
ETag
"64e2d255292cd01:20cb3"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
7-47217183-47224446 SNNy RT(1588356749460 38467) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
136349
ship.jpg
lavila.dreamvacations.com/images/web/34/893/SHP/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/web/34/893/SHP/ship.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6991960b637e4abe9be0c11e8b1cbd5179d6b0d980adbe725f0cab62a5027797

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Last-Modified
Thu, 15 Jun 2017 18:21:25 GMT
X-CDN
Incapsula
ETag
"dce9a1324e6d21:20c99"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
8-60433736-60442838 SNNy RT(1588356749460 38488) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
140928
bermuda_140x105_y.jpg
lavila.dreamvacations.com/images_unique/java/destination_imgs/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images_unique/java/destination_imgs/bermuda_140x105_y.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
13a2623eea5bb17b6ced7c05a7cc490c7b4ba88dfafd5365a3fff71ea0e9337a

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Thu, 09 Feb 2012 10:13:08 GMT
X-CDN
Incapsula
ETag
"53cee76b13e7cc1:20dac"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199404-31204036 SNNN RT(1588356749460 38510) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
5841
ship.jpg
lavila.dreamvacations.com/images/web/34/1079/SHP/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/web/34/1079/SHP/ship.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0da8ad5895dd69823bc2c7a6b26064d33e265cd55fb60f2e8f36cf9c552622df

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Last-Modified
Thu, 12 Sep 2019 18:53:53 GMT
X-CDN
Incapsula
ETag
"cd8d3b6c9b69d51:20c99"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199405-31203721 SNNy RT(1588356749461 38629) q(0 0 0 -1) r(1 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
138138
ship.jpg
lavila.dreamvacations.com/images/web/34/557/SHP/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/web/34/557/SHP/ship.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
cfdeda526385665ebccd7587217c1de9ff566d2de54c0e287e71d5c9580c3d4a

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:07 GMT
Last-Modified
Fri, 09 Jan 2015 16:28:48 GMT
X-CDN
Incapsula
ETag
"cf10aa58292cd01:20c99"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
4-73250829-73259814 SNNN RT(1588356749460 38650) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
126398
alaska_140x105_y.jpg
lavila.dreamvacations.com/images_unique/java/destination_imgs/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images_unique/java/destination_imgs/alaska_140x105_y.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ab3c20c0fb8caa76e1187380d116f92d1640221575f19cdba1fb335fa03a6398

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Thu, 09 Feb 2012 10:13:08 GMT
X-CDN
Incapsula
ETag
"15baf36b13e7cc1:20dac"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199404-31204036 SNNN RT(1588356749460 38653) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
7347
ship.jpg
lavila.dreamvacations.com/images/web/34/444/SHP/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/web/34/444/SHP/ship.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c5eca7bd34d086dcb8f0ee78d48128fdb58acdcb3b26ee10d4000110a3eeba31

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Fri, 09 Jan 2015 16:28:47 GMT
X-CDN
Incapsula
ETag
"59b5c58292cd01:20dac"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
9-79059662-79069421 SNNN RT(1588356749556 38595) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
128495
ship.jpg
lavila.dreamvacations.com/images/web/34/1039/SHP/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/web/34/1039/SHP/ship.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
46237c22b99b1d75d6eb26b1d2703091071b95f6a0e049c38106c4d8609fbbed

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Fri, 18 Aug 2017 15:17:26 GMT
X-CDN
Incapsula
ETag
"f92e8f193518d31:20dac"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
8-60433736-60442838 SNNy RT(1588356749460 38739) q(0 1 1 -1) r(1 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
130562
ship.jpg
lavila.dreamvacations.com/images/web/34/897/SHP/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/web/34/897/SHP/ship.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
31cef4481cba8d35c6458e997057772cf8455204c8007dabdddf595acfc77111

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Thu, 26 Jul 2018 20:00:56 GMT
X-CDN
Incapsula
ETag
"dfea855d1b25d41:20dac"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199404-31204036 SNNN RT(1588356749460 38796) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
128900
ship.jpg
lavila.dreamvacations.com/images/web/34/431/SHP/ 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/web/34/431/SHP/ship.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
148fe4c41d59d1e101775fe0667d306d15bd7050e0105e8797abfe3e63af0745

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Fri, 09 Jan 2015 16:28:46 GMT
X-CDN
Incapsula
ETag
"381d9357292cd01:20dac"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199405-31203721 SNNy RT(1588356749461 38809) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
147711
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32340454-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5673
date
Fri, 01 May 2020 16:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18174
expires
Fri, 01 May 2020 18:38:35 GMT
awards_header.png
lavila.dreamvacations.com/images/home-based/websites/awards/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/home-based/websites/awards/awards_header.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c29b411ca1edd733947cfb5a67235b5a83619bbd92b245e3ec420500a31b78a6

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:30 GMT
Last-Modified
Mon, 02 Jul 2018 21:02:40 GMT
X-CDN
Incapsula
ETag
"0982034812d41:1be4"
Content-Type
image/png
X-Iinfo
4-73250829-73259814 SNNN RT(1588356749460 38836) q(0 0 0 -1) r(1 1) U5
Accept-Ranges
bytes
Content-Length
7805
award_ccl.png
lavila.dreamvacations.com/images/home-based/websites/awards/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/home-based/websites/awards/award_ccl.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
705157d5a0ff7449b27ed75b0d5e180b6370af54d1a61cb3d6276047ae4608db

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:30 GMT
Last-Modified
Thu, 20 Feb 2020 20:28:41 GMT
X-CDN
Incapsula
ETag
"9ff66572ce8d51:1be4"
Content-Type
image/png
X-Iinfo
7-47217183-47224446 SNNy RT(1588356749460 38850) q(0 0 0 -1) r(0 0) U5
Accept-Ranges
bytes
Content-Length
12448
award_cel.png
lavila.dreamvacations.com/images/home-based/websites/awards/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/home-based/websites/awards/award_cel.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
89caadba2488e39ebb628a7fc9e1e69cd14ecc69741ef31fe618ab4c73704183

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:31 GMT
Last-Modified
Thu, 20 Feb 2020 21:38:31 GMT
X-CDN
Incapsula
ETag
"a73a801836e8d51:1be4"
Content-Type
image/png
X-Iinfo
9-79059662-79069421 SNNN RT(1588356749556 38833) q(0 0 0 -1) r(1 1) U5
Accept-Ranges
bytes
Content-Length
11730
award_ncl.png
lavila.dreamvacations.com/images/home-based/websites/awards/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/home-based/websites/awards/award_ncl.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4776dd769d983e8d8853203765dd32fd8563b029235054ce28595855e8c17a74

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:31 GMT
Last-Modified
Fri, 21 Feb 2020 20:06:08 GMT
X-CDN
Incapsula
ETag
"499dd35af2e8d51:1be4"
Content-Type
image/png
X-Iinfo
4-73250829-73259814 SNNN RT(1588356749460 38978) q(0 0 0 -1) r(0 0) U5
Accept-Ranges
bytes
Content-Length
11248
award_rci.png
lavila.dreamvacations.com/images/home-based/websites/awards/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/home-based/websites/awards/award_rci.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4d7c32aedd6fffbea685beb629f12c5d7d4512524194dc6fedcedbd6c31031a6

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:31 GMT
Last-Modified
Thu, 20 Feb 2020 18:48:55 GMT
X-CDN
Incapsula
ETag
"916c37671ee8d51:1be4"
Content-Type
image/png
X-Iinfo
0-31199404-31204036 SNNN RT(1588356749460 38982) q(0 0 0 -1) r(0 0) U5
Accept-Ranges
bytes
Content-Length
11900
stylesheet_marketing.css
lavila.dreamvacations.com/includes/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/includes/stylesheet_marketing.css
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Content-Encoding
gzip
X-CDN
Incapsula
ntCoent-Length
12693
Transfer-Encoding
chunked
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
4-73250829-73259814 SNNN RT(1588356749460 38355) q(0 0 0 -1) r(1 1) U5
Cache-control
private
Content-Type
text/html
dream-vacations-price-satisfaction.png
lavila.dreamvacations.com/images/home-based/websites/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/home-based/websites/dream-vacations-price-satisfaction.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
921636f59a65aedf8654130a3478613adf2a02017db7981789be341c634099ec

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:31 GMT
Last-Modified
Mon, 04 Mar 2019 22:05:49 GMT
X-CDN
Incapsula
ETag
"80dcc06cd6d2d41:1be4"
Content-Type
image/png
X-Iinfo
7-47217183-47224446 SNNy RT(1588356749460 38997) q(0 0 0 -1) r(0 0) U5
Accept-Ranges
bytes
Content-Length
2621
join-btn.png
lavila.dreamvacations.com/images/home-based/websites/dream-vacations-btns/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/home-based/websites/dream-vacations-btns/join-btn.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3d8d5d9080e568c717fe7f00120679ce3057d480038a637ee4727812445c05ba

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:31 GMT
Last-Modified
Thu, 03 Mar 2016 16:23:06 GMT
X-CDN
Incapsula
ETag
"01182f76875d11:1be4"
Content-Type
image/png
X-Iinfo
0-31199405-31203721 SNNy RT(1588356749461 38994) q(0 0 0 -1) r(0 0) U5
Accept-Ranges
bytes
Content-Length
1571
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 May 2020 18:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
_Incapsula_Resource
lavila.dreamvacations.com/ 		116 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1058475099
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
38dbda2092f1c46b56bcfaae6ef3b0e0f98e9404a44fc09b2802ac853acc44f5

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
16995
Content-Type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115d22a94f892ccb0a72daf29f19c4a8b7719d279514b43d719f6cf4d94df4c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 May 2020 18:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"503 / 755 of 1000 / last-modified: 1588292333"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14504
x-xss-protection
0
expires
Fri, 01 May 2020 18:13:08 GMT
dream-vacations-footer-bkgd.png
lavila.dreamvacations.com/images/home-based/websites/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/home-based/websites/dream-vacations-footer-bkgd.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d35a8c06ca1021863c28a17bdf76dccf3f346bb2be8eb598b4aca3358475bcda

Request headers

Referer
https://lavila.dreamvacations.com/includes/desktop/css/desktop_m1.css?version=1.0.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:31 GMT
Last-Modified
Mon, 12 Sep 2016 19:25:58 GMT
X-CDN
Incapsula
ETag
"027e7d2bdd21:1be4"
Content-Type
image/png
X-Iinfo
9-79059662-79069421 SNNN RT(1588356749556 39120) q(0 0 0 -1) r(0 0) U5
Accept-Ranges
bytes
Content-Length
35713
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin
https://lavila.dreamvacations.com

Response headers

date
Sat, 28 Mar 2020 00:54:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
2999897
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Sun, 28 Mar 2021 00:54:51 GMT
ajax-loader.gif
lavila.dreamvacations.com/includes/desktop/css/jqm1.4.5/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/includes/desktop/css/jqm1.4.5/images/ajax-loader.gif
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

Request headers

Referer
https://lavila.dreamvacations.com/includes/desktop/css/jqm1.4.5/jquery.mobile-1.4.5.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Thu, 03 Sep 2015 08:39:53 GMT
X-CDN
Incapsula
ETag
"2aa3681a24e6d01:20dac"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
7-47217183-47224446 SNNy RT(1588356749460 38710) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
6242
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin
https://lavila.dreamvacations.com

Response headers

date
Fri, 10 Apr 2020 06:12:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
1857633
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 10 Apr 2021 06:12:35 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
filterdynamic.do
lavila.dreamvacations.com/ajaxjson/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lavila.dreamvacations.com/ajaxjson/filterdynamic.do?places=ALL&c=ALL&v=ALL&p=ALL&days=ALL&Month=ALL
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3d4c008f7a44e26754dc360f81e6179b151755a2fcfcfa8046e51b289deed247

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

X-Iinfo
8-60433736-60442838 SNNy RT(1588356749460 38921) q(0 0 0 -1) r(1 1) U5
Date
Fri, 01 May 2020 18:13:09 GMT
Content-Encoding
gzip
X-CDN
Incapsula
Connection
keep-alive
Content-Length
2262
Content-Type
application/json;charset=UTF-8
dream-vacation-header-bkgd.jpg
lavila.dreamvacations.com/images/home-based/websites/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/home-based/websites/dream-vacation-header-bkgd.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ee7c835c66e95fe3465d7bc030aa439fe455d448b3b9ec7a6e29c1b46855cd12

Request headers

Referer
https://lavila.dreamvacations.com/includes/desktop/css/desktop_m1.css?version=1.0.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:31 GMT
Last-Modified
Thu, 11 Feb 2016 21:21:02 GMT
X-CDN
Incapsula
ETag
"073c21b1265d11:1be4"
Content-Type
image/jpeg
X-Iinfo
8-60433736-60442838 SNNy RT(1588356749460 39077) q(0 0 0 -1) r(0 0) U5
Accept-Ranges
bytes
Content-Length
39222
dream-vacations-logo.png
lavila.dreamvacations.com/images/home-based/websites/logos/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/home-based/websites/logos/dream-vacations-logo.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
25d3fd57375ab4857a0bb2c33114dec6cb4df69ae494f60860d0ed1438b4453d

Request headers

Referer
https://lavila.dreamvacations.com/includes/desktop/css/desktop_m1.css?version=1.0.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:31 GMT
Last-Modified
Fri, 11 May 2018 15:20:10 GMT
X-CDN
Incapsula
ETag
"071e48c3be9d31:1be4"
Content-Type
image/png
X-Iinfo
0-31199405-31203721 SNNy RT(1588356749461 39133) q(0 0 0 -1) r(1 1) U5
Accept-Ranges
bytes
Content-Length
24100
NCL_03_718x240.jpg
lavila.dreamvacations.com/images_unique/promo/pageheaders/cruiselines/NCL/718x240/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images_unique/promo/pageheaders/cruiselines/NCL/718x240/NCL_03_718x240.jpg
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0a7da8cb37e4f1272197c9e414a7f9f563f4918318f6718267e39cf9c24efd13

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Sun, 06 Mar 2016 05:59:41 GMT
X-CDN
Incapsula
ETag
"8e83bd5f6d77d11:20dac"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
0-31199404-31204036 SNNN RT(1588356749460 39124) q(0 0 0 -1) r(1 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
30717
HdrOverlayGeneric_718x240.png
lavila.dreamvacations.com/images_unique/bookit/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images_unique/bookit/HdrOverlayGeneric_718x240.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
33a38646d2d15294479c4ab62a227975ea9a3824f712165191b38adb4a7d7796

Request headers

Referer
https://lavila.dreamvacations.com/includes/desktop/css/promopage/hb_promopage.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Fri, 17 Apr 2015 19:10:36 GMT
X-CDN
Incapsula
ETag
"4bea22f4279d01:20dac"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
4-73250829-73259814 SNNN RT(1588356749460 39126) q(0 0 0 -1) r(1 1) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
6769
cid_34.png
lavila.dreamvacations.com/images_unique/logos/cruiseline/260px/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images_unique/logos/cruiseline/260px/cid_34.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b90f512321224f972967e1ae4a6057e5153a39be525a31389696d72ed7edfe4a

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:13:08 GMT
Last-Modified
Wed, 10 Apr 2013 20:50:29 GMT
X-CDN
Incapsula
ETag
"88e35292d36ce1:20dac"
P3P
CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Iinfo
9-79059662-79069421 SNNN RT(1588356749556 38972) q(0 0 0 -1) r(0 0) U5
Cache-Control
max-age=3600
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
4814
truncated
/ 		843 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ece76822624804ba8d43812cbc9b7b273aaaa9be82ce1c93347a0c13ed9a81a1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
bullet_01.png
lavila.dreamvacations.com/images/home-based/wip/template/images/ 		632 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/home-based/wip/template/images/bullet_01.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
acb859419ac69c3431109e0a6156973381e7fed4af97ed66da59e5cf6ed563a7

Request headers

Referer
https://lavila.dreamvacations.com/includes/stylesheet_promo_m1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:31 GMT
Last-Modified
Wed, 13 Mar 2013 22:07:06 GMT
X-CDN
Incapsula
ETag
"0a14b193720ce1:1be4"
Content-Type
image/png
X-Iinfo
8-60433736-60442838 SNNy RT(1588356749460 39221) q(0 0 0 -1) r(0 0) U5
Accept-Ranges
bytes
Content-Length
632
truncated
/ 		491 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e19e7296f29f5a47455a458205b2532777279680669de367751f9e61ca48fc2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
social_icon_email.png
lavila.dreamvacations.com/images/hbapp/img/socialNetworks/main/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/hbapp/img/socialNetworks/main/social_icon_email.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
62adb5168831e869c8d24891fb3c7c447cd8f0c471c84c9d0420b400a54256b9

Request headers

Referer
https://lavila.dreamvacations.com/includes/desktop/css/desktop_m1.css?version=1.0.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:31 GMT
Last-Modified
Tue, 01 Aug 2017 15:24:24 GMT
X-CDN
Incapsula
ETag
"0846241daad31:1be4"
Content-Type
image/png
X-Iinfo
4-73250829-73259814 SNNN RT(1588356749460 39269) q(0 0 0 -1) r(0 0) U5
Accept-Ranges
bytes
Content-Length
1188
CLIA_Logo.png
lavila.dreamvacations.com/images/hbapp/img/misc/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/images/hbapp/img/misc/CLIA_Logo.png
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f07b4dc29c9e3f60783998a297774b50264742a3a107b98f9454c1a7d93a95d9

Request headers

Referer
https://lavila.dreamvacations.com/includes/desktop/css/desktop_m1.css?version=1.0.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 May 2020 18:12:31 GMT
Last-Modified
Tue, 27 Mar 2012 14:01:18 GMT
X-CDN
Incapsula
ETag
"08bbd1422ccd1:1be4"
Content-Type
image/png
X-Iinfo
0-31199404-31204036 SNNN RT(1588356749460 39267) q(0 0 0 -1) r(0 0) U5
Accept-Ranges
bytes
Content-Length
5312
truncated
/ 		578 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0f8f520c8876a74eb54f59706270c0246cd7a2264372c926dc496397222fe06

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/lib/javascript/desktop/jquery-1.11.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://lavila.dreamvacations.com

Response headers

date
Fri, 01 May 2020 18:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 May 2020 17:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3288
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Fri, 01 May 2020 18:18:21 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=lavila.dreamvacations.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 May 2020 18:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=lavila.dreamvacations.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 May 2020 18:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
pubads_impl_2020042302.js
securepubads.g.doubleclick.net/gpt/ 		237 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 May 2020 18:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Apr 2020 17:07:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87243
x-xss-protection
0
expires
Fri, 01 May 2020 18:13:09 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=505524613&t=pageview&_s=1&dl=https%3A%2F%2Flavila.dreamvacations.com%2Fpromotion%2Fnorwegian-cruises.do%3Futm_medium%3DHB-Email%26utm_source%3DWeeklySend%26utm_campaign%3D20200427%26utm_content%3DNorwegian&dp=%2Fpromotion%2Fnorwegian-cruises.do%3Futm_medium%3DHB-Email%26utm_source%3DWeeklySend%26utm_campaign%3D20200427%26utm_content%3DNorwegian&dh=lavila.dreamvacations.com&ul=en-us&de=UTF-8&dt=Norwegian%20Cruise%20Line%20for%20Dream%20Vacations&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEAL~&jid=893977558&gjid=1025705375&cid=22053536.1588356789&tid=UA-32340454-7&_gid=1576703382.1588356789&gtm=2wg4m0NKTDR2&cd35=b301f99b-3a37-4576-bc6e-d2bdc6ed0d7a&cd37=Superior%20Travel%20Agency%20-%20Dream%20Vacations&cd38=3706&z=298069055
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Apr 2020 01:00:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1444340
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-32340454-7&cid=22053536.1588356789&jid=893977558&gjid=1025705375&_gid=1576703382.1588356789&_u=aGDAgEAL~&z=1160660378
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32340454-7&cid=22053536.1588356789&jid=893977558&_v=j81&z=1160660378
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32340454-7&cid=22053536.1588356789&jid=893977558&_v=j81&z=1160660378&slf_rd=1&random=3794145905
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32340454-7&cid=22053536.1588356789&jid=893977558&_v=j81&z=1160660378&slf_rd=1&random=3794145905
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 May 2020 18:13:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 May 2020 18:13:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-32340454-7&cid=22053536.1588356789&jid=893977558&_v=j81&z=1160660378&slf_rd=1&random=3794145905
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_Incapsula_Resource
lavila.dreamvacations.com/ 		1 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavila.dreamvacations.com/_Incapsula_Resource?SWKMTFSR=1&e=0.3527173596982567
Requested by
Host: lavila.dreamvacations.com
URL: https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.121.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=10051171843885&correlator=2015681273220072&output=ldjh&impl=fifs&adsid=NT&eid=21065514&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200501&iu_parts=1053105%2CCON3ad_promo_minisky1%2CCON3ad_res_sky&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=160x600%2C160x600&cust_params=agent%3Dlavila.dreamvacations.com&cookie_enabled=1&bc=31&abxe=1&lmt=1588356789&dt=1588356789613&dlt=1588356787914&idt=1680&frm=20&biw=1585&bih=1200&oid=3&adxs=1032%2C1032&adys=646%2C1246&adks=486181191%2C1309735601&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flavila.dreamvacations.com%2Fpromotion%2Fnorwegian-cruises.do%3Futm_medium%3DHB-Email%26utm_source%3DWeeklySend%26utm_campaign%3D20200427%26utm_content%3DNorwegian&dssz=62&icsg=554050437119&std=0&vis=1&dmc=8&scr_x=0&scr_y=1&psz=258x1200%7C258x1200&msz=258x600%7C258x600&ga_vid=22053536.1588356789&ga_sid=1588356790&ga_hid=505524613&ga_fc=true&fws=0%2C0&ohw=0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
4f96f51c5bd274e99490b35a2e1246de47c345ad07a4f2eef4fa85f84d48aee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 May 2020 18:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3642
x-xss-protection
0
google-lineitem-id
4517976469,5350897429
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219918136,138309335374
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lavila.dreamvacations.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D062 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Fri, 01 May 2020 17:37:39 GMT
expires
Sat, 01 May 2021 17:37:39 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2130
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dab0c64efaaff5747c24f87054d5f177d68ec6e2948c00f3bbc8f958aba63003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 May 2020 18:13:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1588160963474247"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28249
x-xss-protection
0
expires
Fri, 01 May 2020 18:13:09 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 9518 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Fri, 01 May 2020 17:37:39 GMT
expires
Sat, 01 May 2021 17:37:39 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2130
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b08e49a71dea41d937974e9de5110b6fdd1a0d615e8b5bac7a87142dc3fae3ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 May 2020 18:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5456
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 May 2020 18:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5456
x-xss-protection
0
expires
Fri, 01 May 2020 18:13:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 5BB0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Fri, 01 May 2020 17:37:50 GMT
expires
Sat, 01 May 2021 17:37:50 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2120
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=10051171843885&bg=!REelR19YVBOqLYuZez4CAAAAR1IAAAARmQGBB-dtStWjQcN6YgcLWkPaUrsOpvafP3HXCKc4XUbGajKwb_fv8Xv4tuQN9Old3WKJ_85awROsTUox16RRC6EJzkwOIZBAxY_4HtQTeeAxXy0fTOuqtNwdM42RnuSlN9ARD8VpG93yzQ--plP9cvB_Qu37tbwI4a5LSs2EPjj9LAvAba0EG14ff7WLkJmBlqWRSB4kQ_9lGwfhzSsTG7f07bx2IMmhs0DZPT6WkoGjMyGSRVwXGgGO04Zw9O5q4_oTyf8wGO8V8bZiIEF7gI2k8DHsGukdgmT1SWNT0YBrDLjj87fzqgPoKWDc9asVe1_xFNcK2s-MoObGUURM34XU9jlrBXe717Y9dDrIbJBxHTL0Pv5Vud4SreUdVtXsviLcy8MgnCiASMyTf95cWO3UQv7t350XKRbsCcQunwtEvCIyef0L9Muu4Q70XpjDDYHY-j2aI03JHEPV9i5Thi6nC4Ks2DZ8ko8HxaJjbhBUHSykrngjIVw0Gb8Rlqdi7Su0JA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lavila.dreamvacations.com/promotion/norwegian-cruises.do?utm_medium=HB-Email&utm_source=WeeklySend&utm_campaign=20200427&utm_content=Norwegian
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 May 2020 18:13:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

235 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| wthGaApp function| myFunction string| wdvid string| zendeskChatDisable string| zendeskPages object| zendeskPagesArray string| priceAsDollar object| dataLayer function| gtag string| gaPathName function| changeGaPageviewUrl string| gaGTAGPageURL string| gaUniversalPropertyId string| gaUniversalSiteEndorsement function| CallTracker function| CallTrackerNonInteraction function| CallTrackerServerError function| CallTrackerClientError function| setGACustomVar boolean| insuranceUIShowAlternate boolean| buckBrochPriceVisible number| minSearchWidget number| insuranceContentTest boolean| minimizedSearchWidget object| google_tag_manager string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| jQuery111105783471882594988 string| pageId string| siteEndorsement boolean| mobileDevice boolean| responsiveHeaderEnabled boolean| responsiveFooterEnabled object| wthApp function| getCookie function| setCookie function| setWthExpireCookie function| getCookieWithCurlyBraces boolean| responsiveMenuOn string| headerMenuFavicon string| headerSubMenuFavicon boolean| mobileUser boolean| scTabContentExpanded number| onloadWindowWidth boolean| isAndroid string| accessibilityModeEnabled boolean| dialogOpen boolean| preventFocus boolean| wthDialogLink boolean| notDismissable undefined| pagebackground string| wthDialog string| alignLink string| centerLink string| lastFocus number| offsetTop boolean| historyDialogEnabled function| showDialog function| hideDialog function| dialogAfterClose function| dialogAfterOpen function| positionLinkDialog function| positionDialog function| focusFirst function| centerProgramPopup function| alignLinkProgramPopup function| toggleDialog function| textAreaCounter function| resetTextAreaCounter function| validateNotEmpty function| validateMessageLength function| validateZipCode function| validateEmailPattern function| trimList function| UrlExists function| setFocusSelectEl function| resetResultsStorage function| createVisTrackerTagAdmin string| emailValue string| zipCodeValue string| membershipValue string| pathname boolean| memberNumberInvalid function| validateEmailForm function| priceFormat function| leadingZero function| daysInMonth function| convertPhoneNbr function| isValidHGVCRewardsPoint function| isValidAAadvantage function| getEBCDICvalue function| accessibilityModeVisible function| setResponsiveHeaderContent function| setResponsiveFooterContent function| setSeoCopyGA function| hideAccessibilityModule function| showAccessibilityModule function| expandCloseFunction function| removeCCinMemberNumInput string| wthDotPopupLinkId function| setFocusOnPopupLink boolean| noBrowserBack object| $this string| theme string| msgText boolean| textVisible boolean| textonly string| hash string| storeCode string| inetHostName string| page string| html string| queryParams number| totalRecords string| pageCategory boolean| promoPage string| resultsCardButtonText string| d string| d2 string| departureStartDate string| departureEndDate string| dMonth object| po_Window object| po_Browser function| Window function| showObject function| hideObject function| GetElementTop function| GetElementLeft function| expand function| GetClipString function| Browser function| WindowX function| WindowY function| GetEvent function| GetElement function| GetMouseX function| GetMouseY function| SetOpacity function| pickup function| drag function| release string| cruiseLineDefault boolean| expandedSearch string| monthHistory string| dayHistory string| flexHistory boolean| resetFilter boolean| selectionLinkExists number| pageFirstLoaded string| gaCategory string| promoDestinationDefault string| promoCruiseLineDefault boolean| multisearchExists boolean| newResultsSet function| setPromoValues string| query boolean| ismonthIndex function| hideCriteriaDisabled function| topUnselect function| minimizeSearch function| resetPagination string| formdata boolean| updateMatchCruises string| preAmount string| postAmount function| showPrivacyPolicy function| showDisclaimer string| externalSrcID string| externalSrcIdLogin string| defaultWebsiteId string| acs string| franchiseCssFlag string| showCssLink object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| clean_html function| count_lines function| getSearchDates function| fixdate function| DateAdd function| LZ function| formatDate function| promo_rendertimer function| promo_countdown function| promo_gettime function| promo_getserverdate function| promo_calcoffset function| promo_fixtext function| promo_stopclock function| ShowHideElementbyID function| displayPageHeader function| displayResponsivePageHeader function| getLogoName undefined| magelementExists string| ps_header_Bullets_norwegian_cruises_bulletcopy_00 string| ps_body_Bullets_norwegian_cruises_bulletcopy_00 string| ps_header_Bullets_norwegian_cruises_static_callouts_bulletcopy_0 string| ps_body_Bullets_norwegian_cruises_static_callouts_bulletcopy_0 object| googletag string| prefix string| hbDomainName undefined| url undefined| buttonShowPages undefined| showThisPage undefined| pageID boolean| isCloseAll object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing number| __google_ad_urls_id number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cl.exct.net
fonts.googleapis.com
fonts.gstatic.com
lavila.dreamvacations.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
2001:4de0:ac19::1:b:3a
216.58.210.2
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:814::2003
2a00:1450:4001:815::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::2002
2a00:1450:400c:c0c::9b
2a02:26f0:6c00:18b::416d
45.60.121.26
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04cdfd7648ba063724219c9960d3ff5e8a8861c4b1c58366549205ea9f29c5a7
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0a7da8cb37e4f1272197c9e414a7f9f563f4918318f6718267e39cf9c24efd13
0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc
0da8ad5895dd69823bc2c7a6b26064d33e265cd55fb60f2e8f36cf9c552622df
10557b7accdf480fa4a95efb1052610392f500d0e6bc4f8c284b7f716e359d8b
115d22a94f892ccb0a72daf29f19c4a8b7719d279514b43d719f6cf4d94df4c3
13a2623eea5bb17b6ced7c05a7cc490c7b4ba88dfafd5365a3fff71ea0e9337a
1464b720e5e17df8c783969babc74482c6fc031f82df8a94fdccb238c2e7f7f2
148fe4c41d59d1e101775fe0667d306d15bd7050e0105e8797abfe3e63af0745
1e19e7296f29f5a47455a458205b2532777279680669de367751f9e61ca48fc2
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
25d3fd57375ab4857a0bb2c33114dec6cb4df69ae494f60860d0ed1438b4453d
260ac99838645e41fed2509dcc8c02ca860adfef45dbdbebb61f402cae51c206
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b33e008cc80bcf800e6fc83cff2473bf647a7f86227412cdb437da8a9d96a54
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31cef4481cba8d35c6458e997057772cf8455204c8007dabdddf595acfc77111
33a38646d2d15294479c4ab62a227975ea9a3824f712165191b38adb4a7d7796
3448f4b7cc91f20a269dd0e8b2851418af8f5b9fe9aea4eb5cf1dfc513a948a8
34c907374e938efced62f13f2a6755f9edcd5634ec946a74d936258ef1335c58
35f6562c765014dd570e978482ef4802db6fec7c4f65c2a0f55df964406b11f7
3662b2b19544f57f1caf2823d453cd89e00bc9ab417bb2b0c3fba4fb76473903
38dbda2092f1c46b56bcfaae6ef3b0e0f98e9404a44fc09b2802ac853acc44f5
3d4c008f7a44e26754dc360f81e6179b151755a2fcfcfa8046e51b289deed247
3d8d5d9080e568c717fe7f00120679ce3057d480038a637ee4727812445c05ba
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950
46237c22b99b1d75d6eb26b1d2703091071b95f6a0e049c38106c4d8609fbbed
4776dd769d983e8d8853203765dd32fd8563b029235054ce28595855e8c17a74
4824ec1a8ee2fb490903cf82101b8ae3b8d789f481985511196cedb47c0dc303
4d7c32aedd6fffbea685beb629f12c5d7d4512524194dc6fedcedbd6c31031a6
4f5bad0f6a8f0bd0706e90b30e20949412b1460d420f7ac8199f7695afb1797b
4f96f51c5bd274e99490b35a2e1246de47c345ad07a4f2eef4fa85f84d48aee8
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5f7f048d65434c4aed55c49e2ad6cd40eca0829f13e3632255788f3cd2f6b718
60d9cef1366462ec03703b8614427c1fa34a53e1a28f9aec0a1bba10d92c8f67
62adb5168831e869c8d24891fb3c7c447cd8f0c471c84c9d0420b400a54256b9
6991960b637e4abe9be0c11e8b1cbd5179d6b0d980adbe725f0cab62a5027797
6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c
705157d5a0ff7449b27ed75b0d5e180b6370af54d1a61cb3d6276047ae4608db
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86590561ae093328b341a9884ce67da377940214f30e9f5a921545ec6ae9dd59
89caadba2488e39ebb628a7fc9e1e69cd14ecc69741ef31fe618ab4c73704183
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
921636f59a65aedf8654130a3478613adf2a02017db7981789be341c634099ec
939413255b82cd3b68166e91f5a19928724614160c7035c84c9f8480719158fa
996342d54cdf52a74c7c2326847c915697bc98f6ad231a7c02a1b0e2b5e374ce
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a88e8637763b215e56141415514c77162c4478da1d038c1c11d9250fd58d0830
a9339d3d33e84085ae4c20356c6ce5d3a49530d254d772a9c55096a3c8276fab
ab3c20c0fb8caa76e1187380d116f92d1640221575f19cdba1fb335fa03a6398
acb859419ac69c3431109e0a6156973381e7fed4af97ed66da59e5cf6ed563a7
b08e49a71dea41d937974e9de5110b6fdd1a0d615e8b5bac7a87142dc3fae3ea
b53820bacb3848253ffc59dcb9a056d5e95b5b908bbc67c84f3a6632771f7bcc
b90f512321224f972967e1ae4a6057e5153a39be525a31389696d72ed7edfe4a
be59cd2174679dd5c5f363d7fd79858d23731d9bb3e574fe829e9de82504bc00
c0f8f520c8876a74eb54f59706270c0246cd7a2264372c926dc496397222fe06
c29b411ca1edd733947cfb5a67235b5a83619bbd92b245e3ec420500a31b78a6
c5eca7bd34d086dcb8f0ee78d48128fdb58acdcb3b26ee10d4000110a3eeba31
cb5ba86d749dc4437275f764b6f62ff5b40db4752c3c201ba24b22514eea6fd7
cfdeda526385665ebccd7587217c1de9ff566d2de54c0e287e71d5c9580c3d4a
d2c35153b8a3eb15f0d40d6bd12fa0de6f7f515939f1efd993eb808d250f53c3
d35a8c06ca1021863c28a17bdf76dccf3f346bb2be8eb598b4aca3358475bcda
d538973ff505b593fb8df308f5e1997330d5e537ae9d207e0d17393891734915
dab0c64efaaff5747c24f87054d5f177d68ec6e2948c00f3bbc8f958aba63003
e0efb2698022192156cc78047437988d55dda3b2f39ce4fa3b4cddce3012dcf2
e1ca14dff08f5b476b36e71e35936b2430bd30c1b68f5f531ce100083a48209d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9375425ed0cb0333fb962d472641bbe240b9c749051dcdd793c8e43229c7671
eaec6789f7c6bfcd7ab8ae931d312ba0defc9766ec7c15c0ba2c205e0cad9671
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ece76822624804ba8d43812cbc9b7b273aaaa9be82ce1c93347a0c13ed9a81a1
ee7c835c66e95fe3465d7bc030aa439fe455d448b3b9ec7a6e29c1b46855cd12
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07b4dc29c9e3f60783998a297774b50264742a3a107b98f9454c1a7d93a95d9
fa1b182aaf8b99b60a3987d0cf1578097c115cdd9b9707d83a52747b343cee37
fc72333eb9ac1292cc985f93696d57edc7261d5ba05943fa88ac37eda8124f85