urlscan.io logo urlscan.io
SecurityTrails logo

norton.travelweb.com Open in urlscan Pro
151.101.130.186  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://norton.travelweb.com/
Effective URL: https://norton.travelweb.com/hotels/
Submission: On June 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 74 HTTP transactions. The main IP is 151.101.130.186, located in San Francisco, United States and belongs to FASTLY, US. The main domain is norton.travelweb.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on June 26th 2023. Valid for: a year.
This is the only time norton.travelweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

25    151.101.130.186 (San Francisco, United States)

ASN54113 (FASTLY, US)
norton.travelweb.com
3    151.101.66.186 (San Francisco, United States)

ASN54113 (FASTLY, US)
s1.pclncdn.com
5    2600:9000:235a:f400:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.ctfassets.net
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2644:8c00:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)
7736390f98ba.cdn4.forter.com
1    34.149.125.36 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 36.125.149.34.bc.googleusercontent.com
b.px-cdn.net
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    13.225.78.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-129.fra2.r.cloudfront.net
cdn3.forter.com
2    2600:9000:275b:ae00:e:d088:5c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn9.forter.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.google.de
11    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
5    34.192.191.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-191-43.compute-1.amazonaws.com
cdn0.forter.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    54.81.184.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-184-157.compute-1.amazonaws.com
fa65dc502fc64c6d8032afa30b203121-7736390f98ba.cdn.forter.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
3    2600:9000:2250:e400:1d:9f28:ff00:21 (United States)

ASN16509 (AMAZON-02, US)
duuytoqss3gu4.cloudfront.net
Apex Domain
Subdomains		 Transfer
25 travelweb.com
norton.travelweb.com
934 KB
13 forter.com
7736390f98ba.cdn4.forter.com — Cisco Umbrella Rank: 38134
cdn3.forter.com — Cisco Umbrella Rank: 4206
cdn9.forter.com — Cisco Umbrella Rank: 5203
cdn0.forter.com — Cisco Umbrella Rank: 4689
fa65dc502fc64c6d8032afa30b203121-7736390f98ba.cdn.forter.com
154 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 375
152 KB
5 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 4252
438 KB
3 cloudfront.net
duuytoqss3gu4.cloudfront.net
837 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
203 KB
3 pclncdn.com
s1.pclncdn.com — Cisco Umbrella Rank: 35391
17 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 8139
ampcid.google.de — Cisco Umbrella Rank: 122944
434 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
405 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3163
ampcid.google.com — Cisco Umbrella Rank: 3313
690 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
21 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 631
304 B
1 px-cdn.net
b.px-cdn.net — Cisco Umbrella Rank: 12366
1 KB
1 gstatic.com
fonts.gstatic.com
33 KB
74 14
Domain Requested by
25 norton.travelweb.com 1 redirects norton.travelweb.com
11 cdn.cookielaw.org norton.travelweb.com
5 cdn0.forter.com norton.travelweb.com
5 images.ctfassets.net norton.travelweb.com
4 cdn3.forter.com norton.travelweb.com
3 duuytoqss3gu4.cloudfront.net
3 www.googletagmanager.com norton.travelweb.com
3 s1.pclncdn.com norton.travelweb.com
2 stats.g.doubleclick.net norton.travelweb.com
2 cdn9.forter.com 1 redirects
2 www.google-analytics.com norton.travelweb.com
1 geolocation.onetrust.com norton.travelweb.com
1 ampcid.google.de norton.travelweb.com
1 fa65dc502fc64c6d8032afa30b203121-7736390f98ba.cdn.forter.com norton.travelweb.com
1 ampcid.google.com norton.travelweb.com
1 www.google.de norton.travelweb.com
1 region1.analytics.google.com norton.travelweb.com
1 b.px-cdn.net norton.travelweb.com
1 7736390f98ba.cdn4.forter.com norton.travelweb.com
1 fonts.gstatic.com norton.travelweb.com
74 20

This site contains links to these domains. Also see Links.

Domain
cookiepedia.co.uk
www.onetrust.com
Subject Issuer Validity Valid
*.travelweb.com
GeoTrust TLS RSA CA G1		 2023-06-26 -
2024-07-26		 a year crt.sh
www.priceline.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-25 -
2024-12-26		 a year crt.sh
images.ctfassets.net
Amazon RSA 2048 M02		 2023-12-19 -
2025-01-16		 a year crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.cdn4.forter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-28 -
2024-12-15		 a year crt.sh
b.px-cdn.net
GTS CA 1D4		 2024-04-16 -
2024-07-15		 3 months crt.sh
cdn3.forter.com
GeoTrust TLS RSA CA G1		 2023-06-22 -
2024-07-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.de
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
cdn0.forter.com
GeoTrust TLS RSA CA G1		 2023-06-22 -
2024-07-22		 a year crt.sh
*.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.cdn.forter.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-11-23 -
2024-07-22		 8 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 3 frames:

Primary Page: https://norton.travelweb.com/hotels/
Frame ID: CE28DC6129812B385D0705B4AABCF9ED
Requests: 71 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-NNPL4L
Frame ID: 73B0AB316EF67683F2CF924714B1D65C
Requests: 1 HTTP requests in this frame

Frame: https://norton.travelweb.com/9aTjSd0n/captcha/captcha.js?a=&u=92c8b390-2748-11ef-99c4-6f409dc6e5a1&v=92d3c986-2748-11ef-8c5b-324fcdf13dd5&m=0
Frame ID: 3CA35E273F2591642DBC29CD4BC53025
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hotel Reservations | Norton

Page URL History Show full URLs

  1. https://norton.travelweb.com/ HTTP 301
    https://norton.travelweb.com/hotels/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • forter\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns

Page Statistics

74
Requests

96 %
HTTPS

65 %
IPv6

14
Domains

20
Subdomains

21
IPs

3
Countries

1957 kB
Transfer

4627 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://norton.travelweb.com/ HTTP 301
    https://norton.travelweb.com/hotels/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://cdn9.forter.com/vchk2 HTTP 301
  • https://cdn9.forter.com/vchk2/v1/28ee5c9e6819297b3f72e11c18fd00ebf8b39d097fde1766b8b4635fbcc5c015ac7f4acf6b1754e0d1f14ad6a077

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
norton.travelweb.com/hotels/
Redirect Chain
  • https://norton.travelweb.com/
  • https://norton.travelweb.com/hotels/
93 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Next.js
Resource Hash
8409ed38b3975d61746c07a5bd7aef8bc73ed45c4787c7047ed77f0ce4e59917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 16:43:32 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google, 1.1 varnish
wsheader
ws=guse4-ikppn-prod cdn=FRA
x-cache
MISS
x-cache-hits
0
x-envoy-upstream-service-time
366
x-pcln-request-id
f093490919c95b08ef8a6891d3b1d56f
x-powered-by
Next.js
x-served-by
cache-fra-etou8220129-FRA
x-timer
S1718037812.713519,VS0,VE508

Redirect headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
0
date
Mon, 10 Jun 2024 16:43:31 GMT
location
https://norton.travelweb.com/hotels/
retry-after
0
server
Varnish
via
1.1 varnish
wsheader
cdn=FRA
x-cache
HIT
x-cache-hits
0
x-pcln-request-id
9d274fa87571b75d7f433f59cf0a08c4
x-served-by
cache-fra-etou8220129-FRA
x-timer
S1718037812.627525,VS0,VE1
webpack-3b0a53dcd7479366.js
norton.travelweb.com/wl/_next/static/chunks/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/webpack-3b0a53dcd7479366.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
a76947311e7817c8fcff4dd828ae4b4d50190d1f6d0101f16e42b93f073e0d04

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
14
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1240
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.263052,VS0,VE124
etag
W/"9f6-18fe0116ef0"
x-pcln-request-id
53d0d9328e25b2b4c9659f6bdb772f9d
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
framework-2fe32adc70c78ec0.js
norton.travelweb.com/wl/_next/static/chunks/ 		138 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/framework-2fe32adc70c78ec0.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
58f584ee935ec6ceb22493fd5bf2764fcc3dd0298ca12024f5d4ec0d5d963af2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
15
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
55971
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.263900,VS0,VE134
etag
W/"22698-18fe0116ef0"
x-pcln-request-id
b91c6254c52d2e8e47e9973655fbc928
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
main-5f4177562fbc0ad2.js
norton.travelweb.com/wl/_next/static/chunks/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/main-5f4177562fbc0ad2.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
29553fd20450e191eef32d0184babf45d172a08fe3bdedb9e2b3342f8b370182

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
11
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41318
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.283593,VS0,VE123
etag
W/"1ab49-18fe0116ef0"
x-pcln-request-id
54f87f4211fac38d372ba23a14e9074e
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
_app-164e43c75e22397e.js
norton.travelweb.com/wl/_next/static/chunks/pages/ 		977 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/pages/_app-164e43c75e22397e.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
2a3ae59514bc91d49c6213c9cc3b9d543140f4d421a19f8dcf78f3318102e280

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
via
1.1 google, 1.1 varnish
content-encoding
gzip
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
15
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
523
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:32 GMT
server
istio-envoy
x-timer
S1718037812.284148,VS0,VE123
etag
W/"3d1-18fe01176c0"
x-pcln-request-id
04cdd29c9ea59e80373aff43263d5783
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
508-0bbe3b8d360f4a92.js
norton.travelweb.com/wl/_next/static/chunks/ 		552 KB
208 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/508-0bbe3b8d360f4a92.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
1a57c7539a8533443783c59c96c795590acef0acdf61755dbbfe99049504306c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
20
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
212871
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.285525,VS0,VE235
etag
W/"8a1e6-18fe0116ef0"
x-pcln-request-id
29979c23ed27dbf885bedb341dcecf7c
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
462-ce926b0123c440f4.js
norton.travelweb.com/wl/_next/static/chunks/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/462-ce926b0123c440f4.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
515be661001b26070d81464a6acfa2e0bddcf6df17252124bc5b35dbb29ed0b2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
4
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7979
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.285155,VS0,VE123
etag
W/"6be9-18fe0116ef0"
x-pcln-request-id
549091d086debcf5dddf0a87bfcaf26c
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
343-a620a730e6f2f570.js
norton.travelweb.com/wl/_next/static/chunks/ 		45 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/343-a620a730e6f2f570.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
81cb713c39cc8facd0d93b007d47760d03b8c06bbc08a4b99141197579f85509

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
13
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10709
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.285135,VS0,VE136
etag
W/"b2be-18fe0116ef0"
x-pcln-request-id
387324dfbe22baef532fda8848469ce3
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
832-a21f60576ced7b70.js
norton.travelweb.com/wl/_next/static/chunks/ 		154 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/832-a21f60576ced7b70.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
c067240a063cfcea44c0f9b637b45e26c6e0cc81c7984dbaddd71f54a40f8b3d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
12
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
46907
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.285721,VS0,VE157
etag
W/"26917-18fe0116ef0"
x-pcln-request-id
58a90b7f4ac87a70442fa11dd1b33b19
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
549-d71197f998734cf9.js
norton.travelweb.com/wl/_next/static/chunks/ 		157 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/549-d71197f998734cf9.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
8175396a2659a16ab3d13a17471ab850a449e749d7cc048e53de150f4532dd96

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
13
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
55957
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.285499,VS0,VE145
etag
W/"27572-18fe0116ef0"
x-pcln-request-id
379fc7276f591639721d340b22b52cb8
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
312-9689bbd596e4e0a9.js
norton.travelweb.com/wl/_next/static/chunks/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/312-9689bbd596e4e0a9.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
865f8568998983944f52a4d9657b91b66f32ae98434a41ebb79291043d0fa1ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
12
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12978
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.287179,VS0,VE138
etag
W/"a506-18fe0116ef0"
x-pcln-request-id
c2d67b99545e994c61c3eb3f882026e1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
263-08ba52081263a59c.js
norton.travelweb.com/wl/_next/static/chunks/ 		40 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/263-08ba52081263a59c.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
8aff4a4ecf4ce8294f2f231d093f8f560ed07edfa8d3d08a35ddcbda93b4193c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
15
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16549
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.286822,VS0,VE152
etag
W/"a1cb-18fe0116ef0"
x-pcln-request-id
e092d13ab9ecf47f53b0ad75d8db3eb5
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
566-c5b431b26717767f.js
norton.travelweb.com/wl/_next/static/chunks/ 		200 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/566-c5b431b26717767f.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
19a27a596b45ad3f4d6c6be5d35be241cff9426bbf0304d1f133dc22c898b932

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
15
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
74473
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.286415,VS0,VE472
etag
W/"31ec4-18fe0116ef0"
x-pcln-request-id
0ca04bacada8d106894e2a9e867c2aef
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
hotels-fcaf4cdde329fd73.js
norton.travelweb.com/wl/_next/static/chunks/pages/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/chunks/pages/hotels-fcaf4cdde329fd73.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
cc2aa0ffcd8aef3d6e0eee57b98f13251d0fb1f27a30a7cccc97813fe08d542d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
14
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1419
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:32 GMT
server
istio-envoy
x-timer
S1718037812.286890,VS0,VE132
etag
W/"c84-18fe01176c0"
x-pcln-request-id
c9b55affbb976536269496d60f4c9753
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
_buildManifest.js
norton.travelweb.com/wl/_next/static/njRLGc7DQG5fZYkMmh4L9/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/njRLGc7DQG5fZYkMmh4L9/_buildManifest.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
c338c556f35ae67164c621ad98a88c3678a09a0c20b264882f97e42f0716243b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
5
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
843
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.287092,VS0,VE134
etag
W/"851-18fe0116ef0"
x-pcln-request-id
9e0c5243195971d5bed830584443e8f0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
_ssgManifest.js
norton.travelweb.com/wl/_next/static/njRLGc7DQG5fZYkMmh4L9/ 		77 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/wl/_next/static/njRLGc7DQG5fZYkMmh4L9/_ssgManifest.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy / Express
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikppn-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
via
1.1 google, 1.1 varnish
content-encoding
gzip
age
0
x-powered-by
Express
x-cache
MISS
x-envoy-upstream-service-time
6
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
61
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Mon, 03 Jun 2024 21:46:30 GMT
server
istio-envoy
x-timer
S1718037812.286751,VS0,VE126
etag
W/"4d-18fe0116ef0"
x-pcln-request-id
35298880ff3bb1d7d54084a9574dccfd
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
0
header-logo-cobrand.svg
s1.pclncdn.com/design-assets/white-label/norton/ 		30 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.pclncdn.com/design-assets/white-label/norton/header-logo-cobrand.svg
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
964655e84caa287ee0093a0d4861ed74f7f72361d43289836ede96093d1b54b7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Mon, 10 Jun 2024 17:43:32 GMT
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1717178526
age
1
x-guploader-uploadid
ABPtcPrP1OUz1DZVcrKUUg-CUbrsONPnl7pOFWOK2cbCVH7NrkLV2y2f6KhNY3U_40SdTE_tSzk
x-cache
MISS
x-goog-storage-class
MULTI_REGIONAL
v
65
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
cache-fra-etou8220140-FRA
last-modified
Fri, 31 May 2024 18:07:16 GMT
server
UploadServer
etag
W/"ad9252bbb403e5b23f819db2a3f45321"
vary
accept-encoding
x-goog-generation
1717178835942696
content-type
image/svg+xml
x-goog-hash
crc32c=0eQkxw==, md5=rZJSu7QD5bI/gZ2yo/RTIQ==
cache-control
public, max-age=3600
x-goog-stored-content-length
31087
accept-ranges
none
x-cache-hits
0
boomerang.js
norton.travelweb.com/common/metrics/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/common/metrics/boomerang.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57f78082f6b987bb2d22c02d0c901a0725e5b59e88ed9b5bfcfc5d1d59a25ab1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-ikops-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26877
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Wed, 21 Feb 2024 16:39:26 GMT
x-pcln-request-id
19b08346598cd6a2f9050eab673e4948
x-timer
S1718037812.286289,VS0,VE128
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
accept, content-type
x-cache-hits
0
header-logo-cobrand.svg
s1.pclncdn.com/design-assets/white-label/norton/ 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.pclncdn.com/design-assets/white-label/norton/header-logo-cobrand.svg
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
964655e84caa287ee0093a0d4861ed74f7f72361d43289836ede96093d1b54b7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Mon, 10 Jun 2024 17:43:32 GMT
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1717178526
age
1
x-guploader-uploadid
ABPtcPrP1OUz1DZVcrKUUg-CUbrsONPnl7pOFWOK2cbCVH7NrkLV2y2f6KhNY3U_40SdTE_tSzk
x-cache
MISS
x-goog-storage-class
MULTI_REGIONAL
v
65
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
cache-fra-etou8220140-FRA
last-modified
Fri, 31 May 2024 18:07:16 GMT
server
UploadServer
etag
W/"ad9252bbb403e5b23f819db2a3f45321"
vary
accept-encoding
x-goog-generation
1717178835942696
content-type
image/svg+xml
x-goog-hash
crc32c=0eQkxw==, md5=rZJSu7QD5bI/gZ2yo/RTIQ==
cache-control
public, max-age=3600
x-goog-stored-content-length
31087
accept-ranges
none
x-cache-hits
0
global-web-components-install.js
norton.travelweb.com/global-web-components/public/js/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/global-web-components/public/js/global-web-components-install.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
94a1fb46041d26805816f473bc4dd0d6d7344c84866a7ac4b100a24971d8c9a8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
ws=guse4-iksitex-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
age
0
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6012
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
last-modified
Wed, 05 Jun 2024 13:57:09 GMT
x-pcln-request-id
d4c95a8b8fa2d0637e7ac1394566c5f7
x-timer
S1718037812.286320,VS0,VE124
etag
W/"343a-18fe8b07308"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=60, s-maxage=120
accept-ranges
bytes
x-cache-hits
0
shutterstock_370728353.jpg
images.ctfassets.net/sdx4pteldsvw/4AioqsWFa8tu14wx3fjZby/68e9e5dbf79d73ac414a1b3635c6d965/ 		203 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/sdx4pteldsvw/4AioqsWFa8tu14wx3fjZby/68e9e5dbf79d73ac414a1b3635c6d965/shutterstock_370728353.jpg?fit=fill&f=center&fm=avif&w=1920&q=90
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
96ffdbb7c02a9cf0e4747a00d8c926784c46cfdd0b01e6f851226b416752e49b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:32 GMT
via
1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2024 14:17:10 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
etag
"5447930bbdff98b9989c1fe3c4037c10"
x-cache
Miss from cloudfront
content-type
image/avif
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
208194
x-amz-cf-id
vSo7TIJGlc_VCQCXTcEGCxifdGrnELUD-YJqqNCkPIqWv4Pc923hpw==
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Origin
https://norton.travelweb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 15:40:52 GMT
x-content-type-options
nosniff
age
262960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33148
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:39:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 15:40:52 GMT
chicago.jpg
images.ctfassets.net/sdx4pteldsvw/1pT404KSV2h0glruUWHXt7/218121538f476ed6194bd911da43a001/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/sdx4pteldsvw/1pT404KSV2h0glruUWHXt7/218121538f476ed6194bd911da43a001/chicago.jpg?fit=fill&f=center&fm=webp&w=600&q=95
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5fe30e8af08331aeca580b70bfb6cdf9ff90752e6a845f0cd0433215858c8874

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:32 GMT
via
1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront)
last-modified
Sat, 01 Jun 2024 13:36:47 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
67518
etag
"be03033281e79f77350b4f9cca1165cd"
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
67768
x-amz-cf-id
syMTXQkpJVxANht3fOnTJSPBXD3HmPn69a0ALif0iNWMXUk3BvBmjQ==
Off_the_strip.jpg
images.ctfassets.net/sdx4pteldsvw/3bBIw2nFavtZQUTP0GTo9P/508fc2e2bc29be4552ae55f920203417/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/sdx4pteldsvw/3bBIw2nFavtZQUTP0GTo9P/508fc2e2bc29be4552ae55f920203417/Off_the_strip.jpg?fit=fill&f=center&fm=webp&w=600&q=95
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
55ebcf71fb583176ce09e5b1535821bd06ee99afbfaa7f779980f65f8c70aa27

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:32 GMT
via
1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront)
last-modified
Wed, 29 May 2024 14:02:32 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
etag
"ea0ded038064626225238a9c13a3fdd9"
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
47332
x-amz-cf-id
HFbzw9Bnt9xuXNCStPLpUW1sDUNzX1LFWRRDIAiUQQ115tINpn_wWA==
LP_LondonEye_MediaCard.jpg
images.ctfassets.net/sdx4pteldsvw/3aUd1PEsvfb7y3cu20ecBD/6d7e3283533e062da81470bbc70c6115/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/sdx4pteldsvw/3aUd1PEsvfb7y3cu20ecBD/6d7e3283533e062da81470bbc70c6115/LP_LondonEye_MediaCard.jpg?fit=fill&f=center&fm=webp&w=600&q=95
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5bb00f1f3669bf192e1c6d27a1c257725fe2fc970100db7bba0529dd546e97bb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:32 GMT
via
1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront)
last-modified
Thu, 30 May 2024 16:22:08 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
etag
"29fb91d89646ba6e2c7bb064200dbce0"
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
56046
x-amz-cf-id
-9R6AqybGyzXxjm1tTbs1P2d5FMv-v8uidBJs-jK_eqFE2RheDP7Mg==
281684680.jpeg
images.ctfassets.net/sdx4pteldsvw/27YdN6dbL3ARIUyVpe26wg/547d3cb641df288ae57f924e2d223018/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/sdx4pteldsvw/27YdN6dbL3ARIUyVpe26wg/547d3cb641df288ae57f924e2d223018/281684680.jpeg?fit=fill&f=center&fm=webp&w=600&q=95
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
22e7cde1b578cf047fa713b78f9d620fc53363732f81b6e44490429f8cd1f17a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:32 GMT
via
1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2024 21:01:42 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
etag
"8e8987f02765fdd754bf05c2a6a04e29"
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
67290
x-amz-cf-id
PAaUhgfWEiRW3fz6Fy8kBhGTDk6tYpOS4W-ufOdD4gN_cfmWfc2UaQ==
gtm.js
www.googletagmanager.com/ 		390 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNPL4L
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0d4d46f29370854b8e2ab182466cbbbe47704ee6b0663768b3cf09844a0a38c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105950
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 16:04:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jun 2024 16:43:32 GMT
ns.html
www.googletagmanager.com/ Frame 73B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-NNPL4L
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/global-web-components/public/js/global-web-components-install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://norton.travelweb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 10 Jun 2024 16:43:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
init.js
norton.travelweb.com/9aTjSd0n/ 		223 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/9aTjSd0n/init.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2e54a167444c96037f727d8e7a4367e097ef3cc52fc29890ba3e3e0f51446f33

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
(null) cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 google, 1.1 varnish
age
425
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
93277
x-served-by
cache-fra-etou8220152-FRA
x-pcln-request-id
89003611fcb980cd5d996e064e474d67
x-timer
S1718037813.507823,VS0,VE10
etag
"37a2d-zmquWSHHnLE9HiV7/bEZNOowX/U"
x-px-hash
ZjkyNjgzNmM2ZmY2YTcyNTUzM2U3ZGEwZDY2NWU2MGU2MDc2MzgyNmUyZDNjNDRkODZhZTk0NmI0NDM1MTkzOQ==
vary
Accept-Encoding
active-cdn
fastly
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
0
script.js
7736390f98ba.cdn4.forter.com/sn/7736390f98ba/sha256-PcAAkf8lBlR6jflKk34W1g0yGjnIIxF%2F2yEzm36%2BPuk%3D/ 		316 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://7736390f98ba.cdn4.forter.com/sn/7736390f98ba/sha256-PcAAkf8lBlR6jflKk34W1g0yGjnIIxF%2F2yEzm36%2BPuk%3D/script.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8c00:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3dc00091ff2506547a8df94a937e16d60d321a39c823117fdb21339b7ebe3ee9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Origin
https://norton.travelweb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:32 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
last-modified
Mon, 10 Jun 2024 16:32:12 GMT
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
etag
W/"e24f90eebd8a59c3ce90c39939370e3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, immutable, max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
3Xt-eOTo-wcpJ7yGiAgRJ975A5M2xerFN62bfhK23t3c_9rx6Q1kdA==
collector
norton.travelweb.com/9aTjSd0n/xhr/api/v2/ 		792 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/9aTjSd0n/xhr/api/v2/collector
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b47cbe1f97f3da53b6edd995bffd97364cdafd1c72e407df80c9d135a979303

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

wsheader
(null) cdn=FRA
date
Mon, 10 Jun 2024 16:43:32 GMT
via
1.1 google, 1.1 varnish
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
792
x-served-by
cache-fra-etou8220152-FRA
x-pcln-request-id
01279d51eead712311f21f09debf8f3c
x-timer
S1718037813.618726,VS0,VE41
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://norton.travelweb.com
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
p
b.px-cdn.net/api/v1/PX9aTjSd0n/d/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.px-cdn.net/api/v1/PX9aTjSd0n/d/p
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.125.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
36.125.149.34.bc.googleusercontent.com
Software
/
Resource Hash
384f041f47845c51ff3b31c9d0d4996cf1a4fd01e1190f96ab24a88bc9253066

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----------------c7mgaow94d10uzn8

Response headers

date
Mon, 10 Jun 2024 16:43:32 GMT
via
1.1 google
access-control-allow-methods
HEAD,GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://norton.travelweb.com
access-control-allow-credentials
true
access-control-allow-headers
authorization
content-length
1029
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d552899d-d500-448f-bc81-730ff9827861
https://norton.travelweb.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://norton.travelweb.com/d552899d-d500-448f-bc81-730ff9827861
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b26033591e715dda34b307b703b3097561443816b3681c20b76d5e5844c0433

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
5305
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/ 		296 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DC72C50JN6&l=dataLayer&cx=c
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c7c53ddf6b0b6e77cda5c2d13b5575296502f9799d383269848f1cc6cdcbbcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101713
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 10 Jun 2024 16:43:32 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 16:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
864
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 10 Jun 2024 18:29:08 GMT
events
cdn3.forter.com/ 		0
417 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn3.forter.com/events
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-129.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 16:43:33 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://norton.travelweb.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
SKM_1ETQv_RgzD6eiv4iuc80Z6tw1vgT_rmRv2IsGvHkISJnw4PqwQ==
expires
-1
28ee5c9e6819297b3f72e11c18fd00ebf8b39d097fde1766b8b4635fbcc5c015ac7f4acf6b1754e0d1f14ad6a077
cdn9.forter.com/vchk2/v1/
Redirect Chain
  • https://cdn9.forter.com/vchk2
  • https://cdn9.forter.com/vchk2/v1/28ee5c9e6819297b3f72e11c18fd00ebf8b39d097fde1766b8b4635fbcc5c015ac7f4acf6b1754e0d1f14ad6a077
0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn9.forter.com/vchk2/v1/28ee5c9e6819297b3f72e11c18fd00ebf8b39d097fde1766b8b4635fbcc5c015ac7f4acf6b1754e0d1f14ad6a077
Protocol
H2
Server
2600:9000:275b:ae00:e:d088:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://norton.travelweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Mon, 10 Jun 2024 16:43:33 GMT
via
1.1 6dcc6937cfa978a65f9d5d75296b24a6.cloudfront.net (CloudFront)
strict-transport-security
max-age=86400; includeSubDomains
x-amz-cf-pop
FRA60-P7
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
private, s-maxage=0, proxy-revalidate
timing-allow-origin
*
content-length
0
x-amz-cf-id
HsgCfM-yYvbQYYWqvlnt-raoI9XqDJqdcSXazCE-jX1pdlbqSyigdA==

Redirect headers

date
Mon, 10 Jun 2024 16:43:33 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 6dcc6937cfa978a65f9d5d75296b24a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
x-cache
Miss from cloudfront
location
https://cdn9.forter.com/vchk2/v1/28ee5c9e6819297b3f72e11c18fd00ebf8b39d097fde1766b8b4635fbcc5c015ac7f4acf6b1754e0d1f14ad6a077
access-control-allow-origin
*
cache-control
private, s-maxage=0, proxy-revalidate
timing-allow-origin
*
content-length
0
x-amz-cf-id
RNej_JYARjLpxN0H0k4fW4wTjh7ofHUcmIk3vgP66jDbqMY152J81w==
3793b10f-8c8c-4056-b30f-31caa3798884
https://norton.travelweb.com/ 		17 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://norton.travelweb.com/3793b10f-8c8c-4056-b30f-31caa3798884
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21bdc4912d950aa022892e63d1b87ceb504cd5587fdf227c800d966759b00fcf

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
17383
Content-Type
application/javascript
collect
region1.analytics.google.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DC72C50JN6&gtm=45je4650v886674963z871807268za200zb71807268&_p=1718037812487&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1805291142.1718037813&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=hotel%20landingpage&uid=26ff524bb4bc7b928969ffda5d61b106&sid=1718037813&sct=1&seg=0&dl=https%3A%2F%2Fnorton.travelweb.com%2Fhotels%2F&en=page_view&_fv=1&_nsi=1&_ss=2&ep.content_group=homepagehotels%2F&up.customer_id=26ff524bb4bc7b928969ffda5d61b106&tfd=1530
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 16:43:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://norton.travelweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DC72C50JN6&cid=1805291142.1718037813&gtm=45je4650v886674963z871807268za200zb71807268&aip=1&uid=26ff524bb4bc7b928969ffda5d61b106&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 16:43:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://norton.travelweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DC72C50JN6&cid=1805291142.1718037813&gtm=45je4650v886674963z871807268za200zb71807268&aip=1&uid=26ff524bb4bc7b928969ffda5d61b106&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1865638590
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/hotels/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 16:43:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jun 2024 16:43:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YmFgVUTeB0lXZXM9YgX19A==
age
72210
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jun 2024 19:38:40 GMT
server
cloudflare
etag
0x8DC8660444682DE
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
64b6b1d0-e01e-006c-1bf5-b8eaba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
891ad22c7afd3a44-FRA
prop.json
cdn0.forter.com/7736390f98ba/fa65dc502fc64c6d8032afa30b203121/ 		20 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/7736390f98ba/fa65dc502fc64c6d8032afa30b203121/prop.json?_=1718037812943
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-191-43.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 10 Jun 2024 16:43:33 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://norton.travelweb.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
publisher:getClientId
ampcid.google.com/v1/ 		74 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jun 2024 16:43:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://norton.travelweb.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
018e33f4-928d-76e2-bca4-2613efb18249.json
cdn.cookielaw.org/consent/018e33f4-928d-76e2-bca4-2613efb18249/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/018e33f4-928d-76e2-bca4-2613efb18249/018e33f4-928d-76e2-bca4-2613efb18249.json
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d3fce6a23e27b6ab04ebd0c8db42efe94433348903c68a933fc88769b69747c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jun 2024 16:43:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
V4dzwb/0hkriliXcSnHHdw==
content-length
1739
x-ms-lease-status
unlocked
last-modified
Tue, 12 Mar 2024 18:47:07 GMT
server
cloudflare
etag
0x8DC42C4D12F17D3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
16226177-a01e-0006-201e-b9b611000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
891ad22d5cfb193b-FRA
expires
Tue, 11 Jun 2024 16:43:33 GMT
prop.json
fa65dc502fc64c6d8032afa30b203121-7736390f98ba.cdn.forter.com/ 		2 B
628 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fa65dc502fc64c6d8032afa30b203121-7736390f98ba.cdn.forter.com/prop.json
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.81.184.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-184-157.compute-1.amazonaws.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 10 Jun 2024 16:43:33 GMT
Connection
close
Content-Length
2
Pragma
no-cache
Last-Modified
Mon, 10 Jun 2024 11:07:27 GMT
Server
Apache
ETag
"2-61a87279efccc"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://norton.travelweb.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type, x-csrf-token
Expires
Wed, 11 Jan 1984 05:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jun 2024 16:43:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://norton.travelweb.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
favicon.ico
s1.pclncdn.com/design-assets/white-label/norton/ 		15 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s1.pclncdn.com/design-assets/white-label/norton/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
add8748236bbb256bc8d51c4fe167d6dde3160fae780cac326ef4e8db4c5020e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Mon, 10 Jun 2024 17:43:33 GMT
date
Mon, 10 Jun 2024 16:43:33 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1717178526
age
1
x-guploader-uploadid
ABPtcPrEANkjx7Biy5Wq1RVbR7OXRgRu9Iy9l06IHknO3ZI9wzEsyGICCHeHFjlMkff_-2m8xbk
x-cache
MISS
x-goog-storage-class
MULTI_REGIONAL
v
65
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
cache-fra-etou8220140-FRA
last-modified
Fri, 31 May 2024 18:07:16 GMT
server
UploadServer
etag
W/"2002f757b3f7631fa89dcfd14ff5ce06"
vary
accept-encoding
x-goog-generation
1717178835918521
content-type
image/vnd.microsoft.icon
x-goog-hash
crc32c=GTe6/w==, md5=IAL3V7P3Yx+onc/RT/XOBg==
cache-control
public, max-age=3600
x-goog-stored-content-length
15406
accept-ranges
none
x-cache-hits
0
beaconHandler
norton.travelweb.com/svcs/glc/ 		0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://norton.travelweb.com/svcs/glc/beaconHandler?c.e=lx97criv&c.tti.m=lt&pt.lcp=1531&mob.etype=4g&mob.dl=10&mob.rtt=100&rt.start=navigation&rt.bmr=728%2C197%2C175%2C3&rt.tstart=1718037811543&rt.bstart=1718037812470&rt.end=1718037813275&t_resp=689&t_page=1043&t_done=1732&t_other=t_domloaded%7C1396%2Cboomerang%7C807%2Cboomr_fb%7C927&rt.tt=1732&rt.obo=0&nt_nav_st=1718037811543&nt_red_st=1718037811543&nt_red_end=1718037811700&nt_fet_st=1718037811700&nt_dns_st=1718037811700&nt_dns_end=1718037811700&nt_con_st=1718037811700&nt_con_end=1718037811700&nt_req_st=1718037811701&nt_res_st=1718037812232&nt_res_end=1718037812256&nt_domloading=1718037812248&nt_domint=1718037812285&nt_domcontloaded_st=1718037812938&nt_domcontloaded_end=1718037812938&nt_domcomp=1718037813274&nt_load_st=1718037813275&nt_load_end=1718037813275&nt_ssl_st=1718037811700&nt_enc_size=27174&nt_dec_size=95249&nt_trn_size=27474&nt_protocol=h2&nt_first_paint=1718037812310&nt_red_cnt=1&nt_nav_type=0&pl_vph=1200&pl_vpw=1600&pt.fp=767&pt.fcp=767&u=https%3A%2F%2Fnorton.travelweb.com%2Fhotels%2F&v=1.654.0&sm=i&vis.st=visible&ua.plt=Win32&ua.vnd=Google%20Inc.&pid=nzoqmf9b&n=1&c.tti.vr=1395&c.lt.n=2&c.lt.tt=140&c.f=41&c.f.d=825&c.f.m=1&c.f.l=2&c.f.s=lx97cs8y&dom.res=39&dom.doms=14&mem.total=6711285&mem.limit=4294705152&mem.used=2706209&mem.lsln=14&mem.ssln=3&mem.lssz=1008&mem.sssz=172&scr.xy=1600x1200&scr.bpp=24%2F24&scr.orn=0%2Flandscape-primary&cpu.cnc=11&bat.lvl=1&dom.ln=182&dom.sz=51721&dom.ck=579&dom.img=2&dom.img.uniq=1&dom.script=32&dom.script.ext=24&dom.iframe=1&dom.link=6&dom.link.css=0
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
wsheader
ws=guse4-ikdatasvcs-prod cdn=FRA
date
Mon, 10 Jun 2024 16:43:33 GMT
via
1.1 google, 1.1 varnish
x-pcln-request-id
3680ecdc62014d775291d4b49fd65e1b
x-timer
S1718037813.321510,VS0,VE151
vary
Accept-Encoding
x-cache
MISS
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-restarts
1
x-served-by
cache-fra-etou8220152-FRA
collector
norton.travelweb.com/9aTjSd0n/xhr/api/v2/ 		580 B
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/9aTjSd0n/xhr/api/v2/collector
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e20299a135cd6ffea98e73a0ea63572a5ebbf31a37cf387b1eb2709bb52a1b6a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

wsheader
(null) cdn=FRA
date
Mon, 10 Jun 2024 16:43:33 GMT
via
1.1 google, 1.1 varnish
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
580
x-served-by
cache-fra-etou8220152-FRA
x-pcln-request-id
dc7ea0f3871700a9da8767c8d3d0c849
x-timer
S1718037813.421851,VS0,VE63
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://norton.travelweb.com
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
collect
www.google-analytics.com/j/ 		3 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=235698574&t=pageview&_s=1&dl=https%3A%2F%2Fnorton.travelweb.com%2Fhotels%2F&dp=%2Fhotels%2F&ul=de-de&de=UTF-8&dt=Hotel%20Reservations%20%7C%20Norton&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAQCACAAI~&jid=947740675&gjid=451122245&cid=1805291142.1718037813&uid=&tid=UA-2975581-1&_gid=732127081.1718037813&_slc=1&gtm=45He4650n71NNPL4Lv71807268za200&cg2=Hotel%2F&cd1=signedout&cd5=26ff524bb4bc7b928969ffda5d61b106&cd16=Hotel%2F&cd28=Hotel%2F&cd32=%2Fhotels%2F&cd42=not%20iframe&cd52=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1796093274
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 16:43:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://norton.travelweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2975581-1&cid=1805291142.1718037813&jid=947740675&gjid=451122245&_gid=732127081.1718037813&npa=1&_u=YCDAgEABAAQCAGAAI~&z=1252981968
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 10 Jun 2024 16:43:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://norton.travelweb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept
application/json
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
891ad22ee8d81d90-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202402.1.0/ 		430 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e789e43937c7abc5959eba06825459f4e08e050ff9ea43ab8ec5a041a3e7558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jun 2024 16:43:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5m3SVn9yaQSlRqLvlzjrBg==
age
76862
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106956
x-ms-lease-status
unlocked
last-modified
Mon, 04 Mar 2024 07:33:33 GMT
server
cloudflare
etag
0x8DC3C1D6598CBF8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c5464b4d-e01e-0037-5c1c-6eeb2f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
891ad22f4f733a44-FRA
prop.json
cdn0.forter.com/7736390f98ba/fa65dc502fc64c6d8032afa30b203121/ 		20 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/7736390f98ba/fa65dc502fc64c6d8032afa30b203121/prop.json?_=1718037813642
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-191-43.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 10 Jun 2024 16:43:33 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://norton.travelweb.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
en.json
cdn.cookielaw.org/consent/018e33f4-928d-76e2-bca4-2613efb18249/3392b2c3-579e-4faf-8275-2fce86991a75/ 		37 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/018e33f4-928d-76e2-bca4-2613efb18249/3392b2c3-579e-4faf-8275-2fce86991a75/en.json
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41a3e0948a826a11c1cca863b1659b7baee10a2921d1f0e5e224e505f4cda870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jun 2024 16:43:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
CP07arShGdSC5fZ5MN9BRw==
content-length
11038
x-ms-lease-status
unlocked
last-modified
Tue, 12 Mar 2024 18:47:18 GMT
server
cloudflare
etag
0x8DC42C4D83C16A6
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5527a9e1-f01e-0037-5e55-bbedc6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
891ad23008c3193b-FRA
expires
Tue, 11 Jun 2024 16:43:33 GMT
events
cdn3.forter.com/ 		0
416 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn3.forter.com/events
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-129.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 16:43:33 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://norton.travelweb.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
svB8plTBIGH06JDnfXvHndGmC2gFx2lv1_9aQCsM_r0MVaZY4g0uhw==
expires
-1
otFlat.json
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otFlat.json
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jun 2024 16:43:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
J2h618merDnrxos96K8Rfg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3041
x-ms-lease-status
unlocked
last-modified
Mon, 04 Mar 2024 07:33:26 GMT
server
cloudflare
etag
0x8DC3C1D6130E74D
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ea422964-801e-006c-80c2-95d214000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
891ad2311a51193b-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/v2/otPcCenter.json
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40f57620246d052ea666f8f9d25dc6fcd93a7bbd6314077a2eb7213e98a4b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jun 2024 16:43:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
01SMtGeyB0SRvW+F1DYVMg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12808
x-ms-lease-status
unlocked
last-modified
Mon, 04 Mar 2024 07:33:28 GMT
server
cloudflare
etag
0x8DC3C1D628E9642
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
14c8be4e-c01e-0095-7155-bb205a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
891ad2311a56193b-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otCommonStyles.css
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jun 2024 16:43:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Mon, 04 Mar 2024 07:33:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
8b1ed358-e01e-007a-6bc2-9524c3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
891ad2311a59193b-FRA
prop.json
cdn0.forter.com/7736390f98ba/fa65dc502fc64c6d8032afa30b203121/ 		20 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/7736390f98ba/fa65dc502fc64c6d8032afa30b203121/prop.json?_=1718037813947
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-191-43.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 10 Jun 2024 16:43:34 GMT
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://norton.travelweb.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
-1
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jun 2024 16:43:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
4152
x-ms-lease-status
unlocked
last-modified
Mon, 10 Jun 2024 02:33:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fa74459a-e01e-0082-2ee5-bae039000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
891ad231fb773a44-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
488 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jun 2024 16:43:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Mon, 10 Jun 2024 15:44:01 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a41cefa4-f01e-0051-1c55-bb5f9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
891ad2322b9c193b-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jun 2024 16:43:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
4152
content-length
4036
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jun 2024 19:38:42 GMT
server
cloudflare
etag
0x8DC8660459E669C
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
da60bc26-d01e-0020-2e64-b82da5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
891ad232bc883a44-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jun 2024 16:43:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
59113
x-ms-lease-status
unlocked
last-modified
Thu, 06 Jun 2024 19:38:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d2001200-501e-00b2-4d0d-b9ba13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
891ad232bc8d3a44-FRA
logo_small.gif
duuytoqss3gu4.cloudfront.net/ 		48 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duuytoqss3gu4.cloudfront.net/logo_small.gif?dfpadname=&check=1718037814276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:34 GMT
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
48
x-amz-cf-id
t5LU0slCwQ7v04_orjes2EkLFOfP482TZoiCZLuO67yS58RiGArr2A==
logo_medium.gif
duuytoqss3gu4.cloudfront.net/ 		48 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duuytoqss3gu4.cloudfront.net/logo_medium.gif?check=1718037814276&refererPageDetail=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:34 GMT
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
48
x-amz-cf-id
YzJitoj5Zdrz1_OxoJeIQHujr0Tpfvt5k2Kckb4UYf0WHOPax7Nf2Q==
logo_large.gif
duuytoqss3gu4.cloudfront.net/ 		48 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duuytoqss3gu4.cloudfront.net/logo_large.gif?1718037814276&-linkd-32.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e400:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:43:34 GMT
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
x-cache
FunctionGeneratedResponse from cloudfront
content-type
image/gif
content-length
48
x-amz-cf-id
hN67Eva8vSJejf3f9vYMSRGE1HBzJ9WYmH2GlIh77dzoG4AwK_yrYQ==
wpt.json
cdn0.forter.com/7736390f98ba/fa65dc502fc64c6d8032afa30b203121/ 		20 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/7736390f98ba/fa65dc502fc64c6d8032afa30b203121/wpt.json
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-191-43.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 10 Jun 2024 16:43:34 GMT
ETag
W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://norton.travelweb.com
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=10
Content-Length
20
Expires
-1
wpt.json
cdn0.forter.com/7736390f98ba/fa65dc502fc64c6d8032afa30b203121/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/7736390f98ba/fa65dc502fc64c6d8032afa30b203121/wpt.json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.192.191.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-191-43.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://norton.travelweb.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Mon, 10 Jun 2024 16:43:34 GMT
Keep-Alive
timeout=10
Vary
Access-Control-Request-Headers
events
cdn3.forter.com/ 		0
310 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn3.forter.com/events
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-129.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 16:43:35 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://norton.travelweb.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
fUK7H0pRYWu9ycGZPh1-_uM0UjnvoQAOrwMBRUA-LR6N43R6Ettbag==
expires
-1
events
cdn3.forter.com/ 		0
310 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn3.forter.com/events
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-129.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 16:43:36 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://norton.travelweb.com
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
FDI2gnu3iqAFn3N6W62Vl0LV7HEkoO4eqSUAHHdUyCzupeDOMDYgNA==
expires
-1
batch
norton.travelweb.com/pws/v0/fly/tag/ 		582 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/pws/v0/fly/tag/batch
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
68428b10a30e5a79815fca394cec9d5c0af7a532be10c05965768b8a6c181ab3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-etou8220152-FRA
wsheader
(null) cdn=FRA
date
Mon, 10 Jun 2024 16:43:38 GMT
via
1.1 varnish
x-pcln-request-id
efd9bd6a966fb6cd865ab72e9ee3b420
server
Varnish
x-timer
S1718037818.049688,VS0,VE2
x-cache
MISS
content-type
application/json
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
582
retry-after
0
x-cache-hits
0
captcha.js
norton.travelweb.com/9aTjSd0n/captcha/ Frame 3CA3 		517 KB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://norton.travelweb.com/9aTjSd0n/captcha/captcha.js?a=&u=92c8b390-2748-11ef-99c4-6f409dc6e5a1&v=92d3c986-2748-11ef-8c5b-324fcdf13dd5&m=0
Requested by
Host: norton.travelweb.com
URL: https://norton.travelweb.com/9aTjSd0n/init.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.130.186 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://norton.travelweb.com/hotels/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

wsheader
(null) cdn=FRA
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 16:43:39 GMT
via
1.1 varnish, 1.1 google, 1.1 varnish
x-permitted-cross-domain-policies
none
content-encoding
gzip
age
0
x-dns-prefetch-control
off
x-cache
MISS, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
248826
x-xss-protection
0
x-served-by
cache-fra-etou8220133-FRA, cache-fra-etou8220152-FRA
referrer-policy
no-referrer
x-pcln-request-id
dd0bdab8d47dfae3668a5a05f471d797
x-timer
S1718037818.085389,VS0,VE1059
etag
W/"81201-MmNuiFKcmP9va8lerK6yHNP0zAE"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public, max-age=600
accept-ranges
bytes
x-cache-hits
0, 0

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| appVersion object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| BOOMR_check_doc_domain boolean| BOOMR_no_mark object| BOOMR function| utReportRUMType function| utReportRUM function| utOnLoad boolean| utSent number| beaconCount object| dataLayer object| ftr__config number| ftr__startScriptLoad function| ftr__fdad string| _pxParam5 string| _pxAppId string| _pxParam1 object| PX9aTjSd0n object| PX undefined| _9aTjSd0nhandler function| z7mm function| U2ii function| H6VV function| p9yy object| ftr__ext function| ftr__ object| ftr__scriptLoadOptions object| ftr__bufferW string| PX9aTjSd0n_csdp object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| events object| ftr__JSON3 function| OptanonWrapper object| PCLN object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __APOLLO_CLIENT__ object| googletag object| gaGlobal object| gaplugins object| OneTrustStub string| g object| p number| totalFirstPartyJsDownloadedJsBytes object| gaData string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust

18 Cookies

Domain/Path Name / Value
.norton.travelweb.com/ Name: vid
Value: v202406101243318124bb09
.norton.travelweb.com/ Name: Referral
Value: CLICKID=&WEBENTRYTIME=6%2F10%2F2024%2012%3A43%3A31&ID=DIRECT&PRODUCTID=&SOURCEID=DT
.norton.travelweb.com/ Name: PL_CINFO
Value: 26ff524bb4bc7b928969ffda5d61b106~1718037812~v2
.norton.travelweb.com/ Name: SITESERVER
Value: ID=26ff524bb4bc7b928969ffda5d61b106
.travelweb.com/ Name: pxcts
Value: 92d3d730-2748-11ef-8c5b-5d4b7af9ca1c
.travelweb.com/ Name: _pxvid
Value: 92d3c986-2748-11ef-8c5b-324fcdf13dd5
.travelweb.com/ Name: __pxvid
Value: 92ec90aa-2748-11ef-bbfd-0242ac120002
.travelweb.com/ Name: ftr_blst_1h
Value: 1718037812855
.travelweb.com/ Name: _ga_DC72C50JN6
Value: GS1.1.1718037813.1.0.1718037813.60.0.0
.travelweb.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.travelweb.com/ Name: _ga
Value: GA1.2.1805291142.1718037813
.travelweb.com/ Name: _gid
Value: GA1.2.732127081.1718037813
.travelweb.com/ Name: _dc_gtm_UA-2975581-1
Value: 1
.travelweb.com/ Name: forterToken
Value: fa65dc502fc64c6d8032afa30b203121_1718037812493__UDF43-m4_17ck
norton.travelweb.com/ Name: _pxhd
Value: VICr/TRbSy540/ZjQV8LGhlqhBm9A5NMC2PyyetVqJovsjg634nOqBCEhOTTFk0vu5RID-4pGb46cbPGBFRMIg==:hrlvLN7u0aWpuCZ2ZLVSlIYiyNDeJA-x2cJDU4LP-SCqM21AAg22KPH-lC6LZRXuJtwfV0urWLVWjBVSdl2Q0qnVyUMvIUYgCC91c/Ozh1o=
.travelweb.com/ Name: _px2
Value: eyJ1IjoiOTJjOGIzOTAtMjc0OC0xMWVmLTk5YzQtNmY0MDlkYzZlNWExIiwidiI6IjkyZDNjOTg2LTI3NDgtMTFlZi04YzViLTMyNGZjZGYxM2RkNSIsInQiOjE3MTgwMzgxMTM0NjUsImgiOiI3ZDQ5OWM5OTRhNWQzMWU5Yjc3NjNjOGQ3YTZmMDYyOWQ2YjBiZTJkMDZhOTJjN2Y2NzFiOTYwMmFhZGNkYzEyIn0=
.travelweb.com/ Name: _pxde
Value: 41ee2d9aa0f7273186ef109ced3be45092424416ee386d387c98c4d24b0b4e74:eyJ0aW1lc3RhbXAiOjE3MTgwMzc4MTM0NjUsImZfa2IiOjB9
.norton.travelweb.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Jun+10+2024+18%3A43%3A34+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202402.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=32a87fb5-134a-4306-9ee1-c2fe027492e2&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fnorton.travelweb.com%2Fhotels%2F&groups=C0001%3A1%2CBG14%3A0%2CC0002%3A0

1 Console Messages

Source Level URL
Text
network error URL: https://norton.travelweb.com/pws/v0/fly/tag/batch
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7736390f98ba.cdn4.forter.com
ampcid.google.com
ampcid.google.de
b.px-cdn.net
cdn.cookielaw.org
cdn0.forter.com
cdn3.forter.com
cdn9.forter.com
duuytoqss3gu4.cloudfront.net
fa65dc502fc64c6d8032afa30b203121-7736390f98ba.cdn.forter.com
fonts.gstatic.com
geolocation.onetrust.com
images.ctfassets.net
norton.travelweb.com
region1.analytics.google.com
s1.pclncdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
13.225.78.129
142.250.186.67
151.101.130.186
151.101.66.186
2001:4860:4802:34::36
2600:9000:2250:e400:1d:9f28:ff00:21
2600:9000:235a:f400:12:94b3:c380:93a1
2600:9000:2644:8c00:f:1b37:e600:93a1
2600:9000:275b:ae00:e:d088:5c40:93a1
2606:4700:4400::6812:2089
2606:4700::6813:b134
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:827::200e
2a00:1450:400c:c0d::9c
34.149.125.36
34.192.191.43
54.81.184.157
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
19a27a596b45ad3f4d6c6be5d35be241cff9426bbf0304d1f133dc22c898b932
1a57c7539a8533443783c59c96c795590acef0acdf61755dbbfe99049504306c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
21bdc4912d950aa022892e63d1b87ceb504cd5587fdf227c800d966759b00fcf
22e7cde1b578cf047fa713b78f9d620fc53363732f81b6e44490429f8cd1f17a
29553fd20450e191eef32d0184babf45d172a08fe3bdedb9e2b3342f8b370182
2a3ae59514bc91d49c6213c9cc3b9d543140f4d421a19f8dcf78f3318102e280
2d3fce6a23e27b6ab04ebd0c8db42efe94433348903c68a933fc88769b69747c
2e54a167444c96037f727d8e7a4367e097ef3cc52fc29890ba3e3e0f51446f33
2e789e43937c7abc5959eba06825459f4e08e050ff9ea43ab8ec5a041a3e7558
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
384f041f47845c51ff3b31c9d0d4996cf1a4fd01e1190f96ab24a88bc9253066
3dc00091ff2506547a8df94a937e16d60d321a39c823117fdb21339b7ebe3ee9
41a3e0948a826a11c1cca863b1659b7baee10a2921d1f0e5e224e505f4cda870
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
515be661001b26070d81464a6acfa2e0bddcf6df17252124bc5b35dbb29ed0b2
55ebcf71fb583176ce09e5b1535821bd06ee99afbfaa7f779980f65f8c70aa27
57f78082f6b987bb2d22c02d0c901a0725e5b59e88ed9b5bfcfc5d1d59a25ab1
58f584ee935ec6ceb22493fd5bf2764fcc3dd0298ca12024f5d4ec0d5d963af2
5b47cbe1f97f3da53b6edd995bffd97364cdafd1c72e407df80c9d135a979303
5bb00f1f3669bf192e1c6d27a1c257725fe2fc970100db7bba0529dd546e97bb
5c7c53ddf6b0b6e77cda5c2d13b5575296502f9799d383269848f1cc6cdcbbcb
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fe30e8af08331aeca580b70bfb6cdf9ff90752e6a845f0cd0433215858c8874
68428b10a30e5a79815fca394cec9d5c0af7a532be10c05965768b8a6c181ab3
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
8175396a2659a16ab3d13a17471ab850a449e749d7cc048e53de150f4532dd96
81cb713c39cc8facd0d93b007d47760d03b8c06bbc08a4b99141197579f85509
8409ed38b3975d61746c07a5bd7aef8bc73ed45c4787c7047ed77f0ce4e59917
865f8568998983944f52a4d9657b91b66f32ae98434a41ebb79291043d0fa1ef
8aff4a4ecf4ce8294f2f231d093f8f560ed07edfa8d3d08a35ddcbda93b4193c
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
94a1fb46041d26805816f473bc4dd0d6d7344c84866a7ac4b100a24971d8c9a8
964655e84caa287ee0093a0d4861ed74f7f72361d43289836ede96093d1b54b7
96ffdbb7c02a9cf0e4747a00d8c926784c46cfdd0b01e6f851226b416752e49b
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9b26033591e715dda34b307b703b3097561443816b3681c20b76d5e5844c0433
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a76947311e7817c8fcff4dd828ae4b4d50190d1f6d0101f16e42b93f073e0d04
add8748236bbb256bc8d51c4fe167d6dde3160fae780cac326ef4e8db4c5020e
c067240a063cfcea44c0f9b637b45e26c6e0cc81c7984dbaddd71f54a40f8b3d
c338c556f35ae67164c621ad98a88c3678a09a0c20b264882f97e42f0716243b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc2aa0ffcd8aef3d6e0eee57b98f13251d0fb1f27a30a7cccc97813fe08d542d
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0d4d46f29370854b8e2ab182466cbbbe47704ee6b0663768b3cf09844a0a38c
e20299a135cd6ffea98e73a0ea63572a5ebbf31a37cf387b1eb2709bb52a1b6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40f57620246d052ea666f8f9d25dc6fcd93a7bbd6314077a2eb7213e98a4b5a
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3